dc1973998bf325966245b9e9d1891504855a04e4c53871d9508c6ba2537818bcN

Sharing

Copy URL

Twitter E-mail

General

Target

dc1973998bf325966245b9e9d1891504855a04e4c53871d9508c6ba2537818bcN
Size

328KB
MD5

2366da25bfc1e23eac3e0e718cc2e750
SHA1

1960336a27c213aea7d2173f7a228427a586dc97
SHA256

dc1973998bf325966245b9e9d1891504855a04e4c53871d9508c6ba2537818bc
SHA512

8f6d368cd7e2b2a9b88f8d27d8b39becad73a6352e8ea965d12ab4bb3c06a1c872f432d47a797c96c3e1ba2b14c5157912d4a6713e3b5bad688ed1327155e97b
SSDEEP

3072:XTyDqGSJmauvkTyDqGxTyDqMTyDqGxTyDqMTyDqGxTyDqMTyDqGxTyDq:XBJma0kqEqEqEq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dc1973998bf325966245b9e9d1891504855a04e4c53871d9508c6ba2537818bcN

Files

dc1973998bf325966245b9e9d1891504855a04e4c53871d9508c6ba2537818bcN
.dll windows:4 windows x86 arch:x86

1875dbbee1c50b40537b4d3d99dc20e6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
LoadLibraryA
GetSystemDirectoryA
CloseHandle
CreateThread
IsBadReadPtr
GetCurrentThreadId
WriteProcessMemory
GetModuleHandleA
WideCharToMultiByte
Sleep
ExitProcess
WaitForSingleObject
GlobalFree
GlobalAlloc
GetTickCount
InterlockedDecrement
GetLastError
MultiByteToWideChar
lstrlenA
LocalFree

ole32

CoCreateInstance
CoUninitialize
CreateStreamOnHGlobal
CLSIDFromProgID
CoInitialize

oleaut32

SysAllocString
SafeArrayGetDim
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
SysFreeString
VariantInit
VariantCopy
GetErrorInfo
SysStringLen
VariantClear

msvcrt

_CxxThrowException
_itoa
_adjust_fdiv
_initterm
_onexit
__dllonexit
mbstowcs
swprintf
rand
_ftol
??2@YAPAXI@Z
??3@YAXPAX@Z
__CxxFrameHandler
malloc
_snprintf
atoi
strstr
strncpy
free
wcscmp
??1type_info@@UAE@XZ

gdiplus

GdipGetImageEncodersSize
GdipDisposeImage
GdipCloneImage
GdipGetImageEncoders
GdipAlloc
GdiplusStartup
GdiplusShutdown
GdipFree
GdipLoadImageFromStream
GdipSaveImageToStream

Exports

Exports

GetModuleFileNameExA
GetModuleFileNameExW
capGetDriverDescriptionA

Sections

.text
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1875dbbee1c50b40537b4d3d99dc20e6

Headers

File Characteristics

Imports

kernel32

ole32

oleaut32

msvcrt

gdiplus

Exports

Exports

Sections

.text Size: 40KB - Virtual size: 37KB

.data Size: 4KB - Virtual size: 2KB

.text Size: 4KB - Virtual size: 2KB

.data Size: 16KB - Virtual size: 15KB

.reloc Size: 4KB - Virtual size: 1KB

.text
Size: 40KB - Virtual size: 37KB

.data
Size: 4KB - Virtual size: 2KB

.text
Size: 4KB - Virtual size: 2KB

.data
Size: 16KB - Virtual size: 15KB

.reloc
Size: 4KB - Virtual size: 1KB