07c5a636cdd516916de817c86865ca85f2b11349bb1308763fa8796e62ab5904

General

Target

07c5a636cdd516916de817c86865ca85f2b11349bb1308763fa8796e62ab5904
Size

109KB
MD5

65c10836d81c74abd5faf4e724951af2
SHA1

aa6804469ef8a9c56a18be3ec2977e772d3fd39f
SHA256

07c5a636cdd516916de817c86865ca85f2b11349bb1308763fa8796e62ab5904
SHA512

4ed2b28462bc01bf3005962cae2839d144575c0b0482baed063ed88b313051998f822203e5fdc8754240bf424933eb994c78681de2ba715399bbedeb61e3b9e8
SSDEEP

1536:G7L8t0wTtzGlSOITSBn8JFdpDOWXE9f+KS15WULXMe6PZq:G7OfseaWU1y15WULXMe6PZq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
07c5a636cdd516916de817c86865ca85f2b11349bb1308763fa8796e62ab5904

Files

07c5a636cdd516916de817c86865ca85f2b11349bb1308763fa8796e62ab5904
.dll windows:5 windows x86 arch:x86

736cd4780349c5e427c5ce7d22d2e9cd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentThreadId
GetCommandLineA
HeapAlloc
RaiseException
UnhandledExceptionFilter
SetUnhandledExceptionFilter
WriteFile
GetStdHandle
GetModuleFileNameA
GetModuleHandleW
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetLastError
InterlockedDecrement
HeapFree
TerminateProcess
GetCurrentProcess
IsDebuggerPresent
Sleep
ExitProcess
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
HeapSize
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
RtlUnwind
LoadLibraryA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetLocaleInfoA
SetFilePointer
GetConsoleCP
GetConsoleMode
InitializeCriticalSectionAndSpinCount
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA
LCMapStringW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
CloseHandle
FlushFileBuffers
GetModuleHandleA

Exports

Exports

CreateFML
CreateString
DLL_GetFmlType
FreeFML
FreeString
LibVersion
Version

Sections

.text
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

736cd4780349c5e427c5ce7d22d2e9cd

Headers

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 58KB - Virtual size: 58KB

.rdata Size: 37KB - Virtual size: 37KB

.data Size: 5KB - Virtual size: 14KB

.reloc Size: 6KB - Virtual size: 6KB

.text
Size: 58KB - Virtual size: 58KB

.rdata
Size: 37KB - Virtual size: 37KB

.data
Size: 5KB - Virtual size: 14KB

.reloc
Size: 6KB - Virtual size: 6KB