858f47433bbbac47ca53e2b525669ab130c460b3f1b2c8269cf1ee8e47477f1e

Sharing

Copy URL

Twitter E-mail

General

Target

858f47433bbbac47ca53e2b525669ab130c460b3f1b2c8269cf1ee8e47477f1e
Size

60KB
MD5

98fee9d5e8bd1cae41dde318c4bc4454
SHA1

e92dfe656dbb0bb37cd3c32487275f2e981bdb41
SHA256

858f47433bbbac47ca53e2b525669ab130c460b3f1b2c8269cf1ee8e47477f1e
SHA512

209155c35eebab1ae24887cf350620a88d238f910c6e2a0bfe004e5ed66e67cf5df4b3c6ffccf4f3ba51c34764776a4dcf585d3d46021fc4d20c5abf85543501
SSDEEP

384:HWfhYLzmulT1IKbUCSXgAG/KPFYe+l6KcjuuZAC1jbgim4Hq80IKXjfYqDEtNde1:2+DdUS/KDTjhLjdm4K80I+/YtaI+30Y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
858f47433bbbac47ca53e2b525669ab130c460b3f1b2c8269cf1ee8e47477f1e

Files

858f47433bbbac47ca53e2b525669ab130c460b3f1b2c8269cf1ee8e47477f1e
.dll windows:4 windows x64 arch:x64

f36f79fb38bd9e4a94f2e53d42fa2fc8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
ConvertDefaultLocale
CreateFileA
CreateFileW
CreateThread
GetLastError
GetProcessHeap
GetTempPathA
HeapAlloc
HeapFree
MultiByteToWideChar
ReadFile
SetCriticalSectionSpinCount
WriteFile

user32

GetWindowContextHelpId
GetWindowLongPtrW
IsDialogMessageW
IsWindowVisible
MessageBoxA
RegisterClassW

Exports

Exports

Attack
Py_Main

Sections

.text
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 752B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 9KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 89B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 872B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f36f79fb38bd9e4a94f2e53d42fa2fc8

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

Exports

Exports

Sections

.text Size: 47KB - Virtual size: 47KB

.data Size: 512B - Virtual size: 16B

.rdata Size: 1024B - Virtual size: 752B

.pdata Size: 6KB - Virtual size: 5KB

.xdata Size: 2KB - Virtual size: 2KB

.bss Size: - Virtual size: 9KB

.edata Size: 512B - Virtual size: 89B

.idata Size: 1024B - Virtual size: 872B

.reloc Size: 512B - Virtual size: 28B

.text
Size: 47KB - Virtual size: 47KB

.data
Size: 512B - Virtual size: 16B

.rdata
Size: 1024B - Virtual size: 752B

.pdata
Size: 6KB - Virtual size: 5KB

.xdata
Size: 2KB - Virtual size: 2KB

.bss
Size: - Virtual size: 9KB

.edata
Size: 512B - Virtual size: 89B

.idata
Size: 1024B - Virtual size: 872B

.reloc
Size: 512B - Virtual size: 28B