15a87a272e27421376d40db82b49f9b9fa6b3cd3843f74273db6b12344b95d5fN

Sharing

Copy URL

Twitter E-mail

General

Target

15a87a272e27421376d40db82b49f9b9fa6b3cd3843f74273db6b12344b95d5fN
Size

776KB
MD5

2ea02df4d1bd56b7862da01c65d23ff0
SHA1

a5152f9cc2dc61cc043b4c2e339c21772bd59b7e
SHA256

15a87a272e27421376d40db82b49f9b9fa6b3cd3843f74273db6b12344b95d5f
SHA512

ce84da187fdb2b9cda9ebeddbd316d84eddac42c7ee51f2a3b77bc3f447da1a5e27f14f94b29043826def088e32560510cc6db4342a78aaf8df8ee38101aa534
SSDEEP

12288:oGVNJAvuPFUl/faxmVlBLXKCgFfEK7JRLeHlX//ve7:53JAvRl/fKQKCgFfx4P/va

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
15a87a272e27421376d40db82b49f9b9fa6b3cd3843f74273db6b12344b95d5fN

Files

15a87a272e27421376d40db82b49f9b9fa6b3cd3843f74273db6b12344b95d5fN
.dll windows:5 windows x64 arch:x64

72906e44c69f979a7a4dfcb492a7b5bb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

user32

GetDoubleClickTime
GetForegroundWindow
GetClipboardOwner
DdeSetQualityOfService
ClientToScreen
DefDlgProcW

gdi32

RemoveFontMemResourceEx
GetClipBox
GetTextColor

ole32

StringFromCLSID

kernel32

GetVersion
GetQueuedCompletionStatus
GetErrorMode
GetExitCodeProcess
SetCommTimeouts
GetUserDefaultLangID
SetFileBandwidthReservation
GetNamedPipeClientSessionId
GetTapeStatus

msvcrt

memset

Exports

Exports

ConfigStartMenu
DllCanUnloadNow
DllGetClassObject
DllGetVersion
GetProgramsOnline
NewLinkHereW
RunOCMW
RunSPADW

Sections

.text
Size: 260KB - Virtual size: 259KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 488KB - Virtual size: 486KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 324B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.lpplw
Size: 4KB - Virtual size: 259B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

72906e44c69f979a7a4dfcb492a7b5bb

Headers

DLL Characteristics

File Characteristics

Imports

user32

gdi32

ole32

kernel32

msvcrt

Exports

Exports

Sections

.text Size: 260KB - Virtual size: 259KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 488KB - Virtual size: 486KB

.pdata Size: 4KB - Virtual size: 324B

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 8KB - Virtual size: 7KB

.lpplw Size: 4KB - Virtual size: 259B

.text
Size: 260KB - Virtual size: 259KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 488KB - Virtual size: 486KB

.pdata
Size: 4KB - Virtual size: 324B

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 8KB - Virtual size: 7KB

.lpplw
Size: 4KB - Virtual size: 259B