ab52b9fc5f9e9c3a8c2f33f74c60325d0171b77bbbff4ca29fec869ca3cb1035

General

Target

ab52b9fc5f9e9c3a8c2f33f74c60325d0171b77bbbff4ca29fec869ca3cb1035
Size

9KB
MD5

4b251ccf1d10bae10e7620aadcc879a6
SHA1

af7d1823f57f71b4c46dabf4e04bb701bf5ea9f4
SHA256

ab52b9fc5f9e9c3a8c2f33f74c60325d0171b77bbbff4ca29fec869ca3cb1035
SHA512

ad686d60a61403625ce1d80f6a5208680506897d322b3b52ddbd058711088c6755ac80272e4b158534632191cef7e9c5ce38664699e784b6365bd04ff5cbce65
SSDEEP

192:vN0bPbdeV646UxPbhs0xgOh3X6rqd/Bf:l0bzdCvHhYOdKC/d

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ab52b9fc5f9e9c3a8c2f33f74c60325d0171b77bbbff4ca29fec869ca3cb1035

Files

ab52b9fc5f9e9c3a8c2f33f74c60325d0171b77bbbff4ca29fec869ca3cb1035
.dll windows:5 windows x86 arch:x86

c744866cbd3e742529bb1bb1fa2b7051

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

r:\BUCKEYE-PCSTABLE\System\3DRDebugLibf.pdb

Imports

kernel32

OutputDebugStringW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
InterlockedCompareExchange
Sleep
InterlockedExchange
IsDebuggerPresent

user32

MessageBoxW

msvcr90

__CppXcptFilter
__clean_type_info_names_internal
_adjust_fdiv
__dllonexit
_lock
_onexit
_except_handler4_common
_crt_debugger_hook
_amsg_exit
_initterm_e
_initterm
_decode_pointer
_encoded_null
free
_malloc_crt
_encode_pointer
_snwprintf
_vsnwprintf
_unlock

Exports

Exports

_AssertFailed
_AssertFailedEx
_BreakRelease
_DebugOutput
_EnterSafeMode
_SetAssertionFailedExHandler
_SetAssertionFailedHandler
_SetEnterSafeModeHandler
_WarnDebug
_WarnFinal
_WarnRelease

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 688B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 460B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c744866cbd3e742529bb1bb1fa2b7051

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

msvcr90

Exports

Exports

Sections

.text Size: 3KB - Virtual size: 3KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 4KB

.rsrc Size: 1024B - Virtual size: 688B

.reloc Size: 512B - Virtual size: 460B

.text
Size: 3KB - Virtual size: 3KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 4KB

.rsrc
Size: 1024B - Virtual size: 688B

.reloc
Size: 512B - Virtual size: 460B