e408c8dd659689aa421da34cfe55f5019c21d601b28fb3ef8b6bc0c7e4a8e835

Sharing

Copy URL

Twitter E-mail

General

Target

e408c8dd659689aa421da34cfe55f5019c21d601b28fb3ef8b6bc0c7e4a8e835
Size

96KB
MD5

799ce61626cffcac92f8db6c52a74bd3
SHA1

3f2e8e0a730a8cbbf27618d6a0068d6ebc54aaef
SHA256

e408c8dd659689aa421da34cfe55f5019c21d601b28fb3ef8b6bc0c7e4a8e835
SHA512

a888c4c24b2363a1f4705242ffb291ebdb701af51b7652c175480ec794aaf8b5a2ea22e1baeebe4e8bf4679ef3d17c23be6aedd4c542108a0803101df6baaec8
SSDEEP

1536:zC/TB2UeZVfNjkkvVDslApxXUWqcNQyxLWpSAjZRJuV:mQX3fNjbpslsUWqeQfp7jr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e408c8dd659689aa421da34cfe55f5019c21d601b28fb3ef8b6bc0c7e4a8e835

Files

e408c8dd659689aa421da34cfe55f5019c21d601b28fb3ef8b6bc0c7e4a8e835
.dll windows:4 windows x86 arch:x86

45a00b15d1fbc889ec6e4b67524fe6a9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
GetModuleHandleW
GetCurrentProcess
lstrcpyW
lstrcatW
GetSystemWindowsDirectoryW
lstrlenW
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
LoadLibraryA
HeapReAlloc
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
HeapFree
WriteFile
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
GetCPInfo
GetACP
GetOEMCP
VirtualAlloc
RtlUnwind

ole32

CoUninitialize
CoCreateInstance
CoInitializeEx

oleaut32

SysAllocString
SysStringLen
SysFreeString

Exports

Exports

CAPT_AddFwExceptions
CAPT_AddFwExceptionsEx
CAPT_FwExceptionsIsEnabled
CAPT_FwExceptionsIsEnabledEx
CAPT_FwIsEnabled
CAPT_GetOsInfo
CAPT_RemoveFwExceptions
CAPT_RemoveFwExceptionsEx
IsWow64
MakePathToRPCS

Sections

.text
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

45a00b15d1fbc889ec6e4b67524fe6a9

Headers

File Characteristics

Imports

kernel32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 16KB - Virtual size: 13KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 2KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 1KB

.rmnet Size: 60KB - Virtual size: 60KB

.text
Size: 16KB - Virtual size: 13KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 1KB

.rmnet
Size: 60KB - Virtual size: 60KB