dccd7575dc86cfb3d969c3756e35c2d2fc26481f9b54f51ced654e5c447eee2aN

Sharing

Copy URL Twitter E-mail

General

Target

dccd7575dc86cfb3d969c3756e35c2d2fc26481f9b54f51ced654e5c447eee2aN
Size

136KB
MD5

63b65d00afa0909c8e85ff56c96df110
SHA1

01139ffa53ee7ae99ac7da03a80a9e45948f441c
SHA256

dccd7575dc86cfb3d969c3756e35c2d2fc26481f9b54f51ced654e5c447eee2a
SHA512

33f7ad6a4a2472846a3c0e3c32291a9f9236528a4b5a77f1cace6e73ef3bb325d7c1802f9a8efeb11f437b598825a6af50ee391e6cade51a20fd9cd74901dbff
SSDEEP

3072:dqM583pO5tJXlJ7a6EMd6srBheI14d4msO/XTF9:t5epO5hJ7a6EMlhp14Z/D/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dccd7575dc86cfb3d969c3756e35c2d2fc26481f9b54f51ced654e5c447eee2aN

Files

dccd7575dc86cfb3d969c3756e35c2d2fc26481f9b54f51ced654e5c447eee2aN
.dll windows:6 windows x64 arch:x64

40d56b983847c38deceb2f55924a693b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

sunec.pdb

Imports

kernel32

RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
InitializeSListHead
IsDebuggerPresent

vcruntime140

memcpy
memset
memcmp
__C_specific_handler
__std_type_info_destroy_list
__std_exception_copy
__std_exception_destroy
_CxxThrowException

api-ms-win-crt-heap-l1-1-0

free
calloc
malloc
_callnewh

api-ms-win-crt-string-l1-1-0

strcat
toupper
isdigit
islower
isupper
_strdup
strlen

api-ms-win-crt-utility-l1-1-0

labs

api-ms-win-crt-runtime-l1-1-0

_initialize_narrow_environment
_cexit
_execute_onexit_table
_initterm
_initterm_e
_seh_filter_dll
_configure_narrow_argv
_initialize_onexit_table

Exports

Exports

Java_sun_security_ec_ECDHKeyAgreement_deriveKey
Java_sun_security_ec_ECDSASignature_signDigest
Java_sun_security_ec_ECDSASignature_verifySignedDigest
Java_sun_security_ec_ECKeyPairGenerator_generateECKeyPair
Java_sun_security_ec_ECKeyPairGenerator_isCurveSupported

Sections

.text
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 888B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

40d56b983847c38deceb2f55924a693b

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

vcruntime140

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-runtime-l1-1-0

Exports

Exports

Sections

.text Size: 69KB - Virtual size: 69KB

.rdata Size: 52KB - Virtual size: 51KB

.data Size: 5KB - Virtual size: 6KB

.pdata Size: 3KB - Virtual size: 2KB

.rsrc Size: 1024B - Virtual size: 888B

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 69KB - Virtual size: 69KB

.rdata
Size: 52KB - Virtual size: 51KB

.data
Size: 5KB - Virtual size: 6KB

.pdata
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 1024B - Virtual size: 888B

.reloc
Size: 4KB - Virtual size: 3KB