e21d4f0b32049e1df7f0bb8607460241e0c06241512507aaebb334d4e0b3cddfN

Sharing

Copy URL Twitter E-mail

General

Target

e21d4f0b32049e1df7f0bb8607460241e0c06241512507aaebb334d4e0b3cddfN
Size

37KB
MD5

b903d8b912108a42cfe0352b9e986bd0
SHA1

0d702b54708978ecf153ad1949436286b15e560c
SHA256

e21d4f0b32049e1df7f0bb8607460241e0c06241512507aaebb334d4e0b3cddf
SHA512

17a6590dcf7559af6cced1cf4b54b4e8a7e0c041a874d0fc91debfc6f6e6d2a7aa64c272cd4a25de6750ce67d4c5204810afbdd61fdf01cb3f362b94d19b007a
SSDEEP

768:UgG+wFVKhMhV+Eu6xgIGt4PGJyPz8PDGwutOZtG6ncne+8SsGsvJKJVpm:UD+wbKhMKEYt4PKMo7h+e3rfRCDm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e21d4f0b32049e1df7f0bb8607460241e0c06241512507aaebb334d4e0b3cddfN

Files

e21d4f0b32049e1df7f0bb8607460241e0c06241512507aaebb334d4e0b3cddfN
.dll windows:4 windows x86 arch:x86

d0575aeb3754667257bf0442557164b6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FindFirstFileA
GetTempPathA
GetLastError
CloseHandle
CreateThread
GetTickCount
FindNextFileA
CreateFileA
ReadFile
GetFileSize
LocalFree
FindClose
WritePrivateProfileStringA
GetLocalTime
Sleep
WriteFile
GetPrivateProfileStringA

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey

ws2_32

ntohs
ntohl

msvcp60

??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?compare@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEHABV12@@Z
??1_Lockit@std@@QAE@XZ
??0_Lockit@std@@QAE@XZ
??Mstd@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z

msvcrt

strcat
??2@YAPAXI@Z
memcpy
strstr
strcpy
_access
sprintf
memset
sscanf
strlen
__CxxFrameHandler
strncpy
strcmp
memcmp
rand
srand
time
_mkdir
rename
_stricmp
fread
ftell
fseek
fopen
fclose
atol
strchr
free
_initterm
malloc
_adjust_fdiv
_stat

crypt32

CryptUnprotectData

Exports

Exports

GetDLLVer
partInit

Sections

.text
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d0575aeb3754667257bf0442557164b6

Headers

File Characteristics

Imports

kernel32

advapi32

ws2_32

msvcp60

msvcrt

crypt32

Exports

Exports

Sections

.text Size: 27KB - Virtual size: 27KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 2KB - Virtual size: 1KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 27KB - Virtual size: 27KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 2KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 2KB