b15c9a6dcd25382fb81265b9be2cee35e6192f3e207594dab69a7f323dff16a6

Sharing

Copy URL Twitter E-mail

General

Target

b15c9a6dcd25382fb81265b9be2cee35e6192f3e207594dab69a7f323dff16a6
Size

209KB
MD5

f922c0528cc8856553dcbbc10c48ab60
SHA1

bc859b4e4cc48fc5a1ce33b6b5ea93334311335b
SHA256

b15c9a6dcd25382fb81265b9be2cee35e6192f3e207594dab69a7f323dff16a6
SHA512

ff74e555d80f35f1f52ab5fc52975cb3588f5c2ffce6f14ed5293a42f6fcde621b879cc5caba03fd11ed3bd87d9794aef91caba88b629470dbb4f0b85d0a6741
SSDEEP

6144:9e3AKoHJef8xzaHocFVhdnuDH0V/bMTIP:9VQEo1FtG0V/P

Score

N/A

Malware Config

Signatures

Files

b15c9a6dcd25382fb81265b9be2cee35e6192f3e207594dab69a7f323dff16a6
.dll windows x86

b10e09b45a1ebdc4d6f0c7a9e975e12b

Code Sign

78:6d:e3:00:2c:bb:2f:5a:b9:cb:ce:1e:5e:6d:02:9a
Certificate

Issuer

CN=twivVRI6zhxuksu

Not Before

23/03/2012, 10:35

Not After

31/12/2039, 23:59

Subject

CN=twivVRI6zhxuksu

Extended Key Usages

ExtKeyUsageCodeSigning

83:31:dd:15:3e:8b:03:e8:aa:22:c0:2e:ed:27:3c:b6:33:99:fd:0d
Signer

Actual PE Digest

83:31:dd:15:3e:8b:03:e8:aa:22:c0:2e:ed:27:3c:b6:33:99:fd:0d

Digest Algorithm

sha1

PE Digest Matches

false

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=twivVRI6zhxuksu

01/12/2022, 14:34
Valid: false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
GetProcAddress
LoadLibraryA
CreateFileA
lstrlenA
lstrcpyA
GetWindowsDirectoryA
AddAtomW
BackupWrite
Beep
BeginUpdateResourceW
CallNamedPipeA
CallNamedPipeW
CancelIo
ClearCommError
CreateDirectoryExW
CreateDirectoryW
CreateFileMappingA
CreateHardLinkW
CreateMailslotW
CreateNamedPipeA
CreateProcessA
CreateRemoteThread
CreateSemaphoreW
CreateTimerQueueTimer
CreateWaitableTimerW
DebugActiveProcess
DebugBreak
DeleteCriticalSection
DeleteFiber
DisableThreadLibraryCalls
DnsHostnameToComputerNameW
DosDateTimeToFileTime
EnumCalendarInfoA
EnumResourceTypesA
EraseTape
EscapeCommFunction
ExitProcess
ExpandEnvironmentStringsA
ExpandEnvironmentStringsW
FillConsoleOutputCharacterA
FillConsoleOutputCharacterW
FindAtomA
FindFirstFileA
FindFirstVolumeMountPointW
FindNextFileA
FindNextVolumeMountPointW
FindNextVolumeW
FindResourceA
FlushViewOfFile
FreeEnvironmentStringsW
GenerateConsoleCtrlEvent
GetACP
GetCPInfoExA
GetCPInfoExW
GetCommConfig
GetCommState
GetComputerNameW
GetConsoleAliasExesW
GetConsoleAliasesA
GetConsoleDisplayMode
GetConsoleMode
GetCurrentThread
GetCurrentThreadId
GetDateFormatA
GetDateFormatW
GetDefaultCommConfigA
GetDefaultCommConfigW
GetDevicePowerState
GetDiskFreeSpaceExA
GetDiskFreeSpaceW
GetDriveTypeW
GetEnvironmentStrings
GetExitCodeThread
GetFileType
GetHandleInformation
GetLargestConsoleWindowSize
GetLocaleInfoW
GetMailslotInfo
GetModuleFileNameW
GetModuleHandleA
GetNumberOfConsoleMouseButtons
GetPriorityClass
GetPrivateProfileSectionA
GetPrivateProfileSectionNamesA
GetProcessAffinityMask
GetProfileIntA
GetProfileIntW
GetSystemDefaultLangID
GetSystemDirectoryW
GetSystemWindowsDirectoryA
GetTapePosition
GetTempPathA
GetTimeFormatA
GetUserDefaultUILanguage
GetVersionExW
GetWindowsDirectoryW
GetWriteWatch
GlobalFindAtomA
GlobalMemoryStatus
GlobalMemoryStatusEx
Heap32ListNext
Heap32Next
HeapFree
HeapReAlloc
HeapSize
HeapValidate
InitializeCriticalSection
IsBadHugeWritePtr
IsBadWritePtr
LCMapStringA
LoadLibraryExW
LoadModule
LocalShrink
LocalSize
LockResource
MapUserPhysicalPagesScatter
Module32FirstW
Module32NextW
MoveFileA
MulDiv
MultiByteToWideChar
OpenFileMappingA
OpenJobObjectA
OpenMutexW
OpenSemaphoreW
PeekConsoleInputW
PeekNamedPipe
PulseEvent
QueryInformationJobObject
ReadConsoleA
ReadConsoleInputW
ReadProcessMemory
RequestWakeupLatency
ResetEvent
SetCommState
SetCommTimeouts
SetComputerNameA
SetComputerNameExA
SetComputerNameExW
SetConsoleCtrlHandler
SetConsoleCursorPosition
SetConsoleDisplayMode
SetConsoleMode
SetConsoleScreenBufferSize
SetConsoleTitleW
SetEvent
SetFileApisToANSI
SetFileApisToOEM
SetFileAttributesA
SetHandleCount
SetInformationJobObject
SetLastError
SetLocaleInfoA
SetLocaleInfoW
SetMessageWaitingIndicator
SetProcessPriorityBoost
SetTapeParameters
SetVolumeMountPointW
SizeofResource
SleepEx
SystemTimeToFileTime
Thread32First
TlsFree
UnlockFile
VirtualFreeEx
VirtualQuery
VirtualQueryEx
VirtualUnlock
WriteConsoleOutputAttribute
WriteConsoleOutputW
WriteConsoleW
WriteFileEx
WritePrivateProfileSectionW
WritePrivateProfileStringW
WriteProfileSectionA
WriteProfileSectionW
_hread
_hwrite
_lclose
lstrcat
lstrcpynA

user32

SetScrollInfo
SetThreadDesktop
SetUserObjectInformationA
SetUserObjectSecurity
SetWinEventHook
SetWindowContextHelpId
SetWindowPos
SetWindowTextW
SetWindowsHookW
ShowScrollBar
SystemParametersInfoA
TabbedTextOutA
TrackPopupMenu
TrackPopupMenuEx
TranslateAccelerator
TranslateMessage
UnhookWinEvent
UnionRect
UnpackDDElParam
ValidateRgn
WINNLSGetEnableStatus
WinHelpW
GetSystemMetrics
LoadStringA
AnyPopup
AppendMenuW
BeginDeferWindowPos
BlockInput
BroadcastSystemMessageA
CallNextHookEx
CallWindowProcA
CallWindowProcW
CascadeChildWindows
ChangeMenuA
CharLowerBuffA
CharLowerBuffW
CharNextExA
CharPrevExA
CharToOemA
CharToOemBuffW
CharToOemW
CheckMenuRadioItem
ClientToScreen
CopyIcon
CreateCaret
CreateDesktopW
CreateDialogIndirectParamA
CreateDialogIndirectParamW
CreateIcon
CreateIconFromResource
CreateWindowStationA
DdeAbandonTransaction
DdeAccessData
DdeConnectList
DdeCreateDataHandle
DdeEnableCallback
DdeImpersonateClient
DdeQueryNextServer
DdeQueryStringA
DdeSetQualityOfService
DdeSetUserHandle
DefMDIChildProcA
DeregisterShellHookWindow
DestroyCaret
DestroyCursor
DialogBoxIndirectParamW
DlgDirListA
DlgDirListW
DlgDirSelectComboBoxExA
DlgDirSelectExA
DlgDirSelectExW
DrawAnimatedRects
DrawCaption
DrawEdge
DrawFrame
DrawFrameControl
EditWndProc
EndDeferWindowPos
EndDialog
EndMenu
EnumDesktopsA
EnumDesktopsW
EnumDisplaySettingsA
EnumPropsExA
FindWindowA
FlashWindowEx
GetAltTabInfoA
GetCapture
GetClassNameA
GetClassWord
GetClientRect
GetClipboardData
GetClipboardFormatNameA
GetComboBoxInfo
GetDoubleClickTime
GetForegroundWindow
GetIconInfo
GetInputState
GetKeyNameTextA
GetKeyboardLayout
GetKeyboardType
GetLastInputInfo
GetMenuItemCount
GetMenuItemInfoA
GetMenuStringA
GetMessageW
GetParent
GetPropA
GetPropW
GetSystemMenu
GetUpdateRgn
GetUserObjectInformationA
GetWindowDC
GetWindowLongW
GetWindowPlacement
GetWindowRgn
GetWindowTextA
GetWindowTextLengthA
GetWindowThreadProcessId
GrayStringA
IMPGetIMEA
IMPQueryIMEA
InSendMessage
InsertMenuA
InternalGetWindowText
IsCharAlphaW
IsCharUpperW
IsDialogMessageW
IsMenu
IsWindowEnabled
IsWindowVisible
LoadAcceleratorsW
LoadCursorFromFileA
LoadCursorW
LoadImageA
LoadImageW
LoadMenuA
LoadMenuIndirectA
LookupIconIdFromDirectoryEx
MapVirtualKeyExA
MapVirtualKeyExW
MenuItemFromPoint
MessageBoxA
MessageBoxExA
MessageBoxExW
MessageBoxW
ModifyMenuA
OemToCharBuffW
OemToCharW
OpenClipboard
OpenDesktopA
OpenDesktopW
PackDDElParam
PeekMessageW
PostMessageA
PtInRect
RegisterDeviceNotificationA
ReleaseDC
SetDeskWallpaper
RemovePropA
ScreenToClient
SendIMEMessageExW
SendMessageCallbackA
SendMessageCallbackW
SendMessageW
SetCaretBlinkTime
SetRect
SetPropA
SetParent
SetMenuInfo
SetMenuContextHelpId
SetKeyboardState
SetForegroundWindow
SetDebugErrorLevel

ole32

WriteOleStg
WriteClassStm
WriteClassStg
UtGetDvtd32Info
UtConvertDvtd32toDvtd16
UpdateDCOMSettings
StgPropertyLengthAsVariant
StgOpenStorageOnILockBytes
StgOpenStorageEx
StgGetIFillLockBytesOnFile
StgCreateDocfileOnILockBytes
SetDocumentBitStg
SetConvertStg
STGMEDIUM_UserSize
SNB_UserUnmarshal
SNB_UserSize
ReleaseStgMedium
ReadStringStream
ReadFmtUserTypeStg
ReadClassStm
ReadClassStg
PropVariantClear
ProgIDFromCLSID
OleUninitialize
OleSetMenuDescriptor
OleSetAutoConvert
OleSaveToStream
OleSave
OleRun
OleRegGetUserType
OleRegGetMiscStatus
OleRegEnumVerbs
OleRegEnumFormatEtc
OleQueryLinkFromData
OleNoteObjectVisible
OleMetafilePictFromIconAndLabel
OleLoad
OleInitialize
OleFlushClipboard
OleDraw
OleCreateStaticFromData
OleCreateLinkToFileEx
OleCreateLinkFromDataEx
OleCreateLinkFromData
OleCreateLink
OleCreateFromFile
OleCreateFromData
OleCreateEmbeddingHelper
OleCreateDefaultHandler
OleCreate
OleConvertOLESTREAMToIStorage
MonikerRelativePathTo
MonikerCommonPrefixWith
IsAccelerator
IIDFromString
HkOleRegisterObject
HWND_UserSize
HWND_UserMarshal
HPALETTE_UserUnmarshal
HPALETTE_UserSize
HMETAFILE_UserSize
HMETAFILE_UserFree
HMETAFILEPICT_UserFree
HMENU_UserUnmarshal
HMENU_UserMarshal
HMENU_UserFree
HICON_UserSize
HICON_UserFree
HGLOBAL_UserUnmarshal
HGLOBAL_UserSize
HENHMETAFILE_UserMarshal
HDC_UserFree
HBRUSH_UserUnmarshal
HBRUSH_UserMarshal
HBITMAP_UserSize
HBITMAP_UserMarshal
HACCEL_UserSize
HACCEL_UserMarshal
GetHookInterface
GetHGlobalFromStream
GetHGlobalFromILockBytes
GetConvertStg
FmtIdToPropStgName
DoDragDrop
DllGetClassObjectWOW
CreateStreamOnHGlobal
CreatePointerMoniker
CreateOleAdviseHolder
CreateObjrefMoniker
CreateItemMoniker
CreateILockBytesOnHGlobal
CreateFileMoniker
CreateDataCache
CreateDataAdviseHolder
CreateAntiMoniker
CoWaitForMultipleHandles
CoUnmarshalHresult
CoUnloadingWOW
CoTaskMemAlloc
CoSwitchCallContext
CoSetCancelObject
CoRevokeMallocSpy
CoRevokeClassObject
CoReleaseMarshalData
CoRegisterSurrogateEx
CoRegisterPSClsid
CoRegisterMessageFilter
CoRegisterMallocSpy
CoRegisterClassObject
CoReactivateObject
CoQueryProxyBlanket
CoQueryClientBlanket
CoQueryAuthenticationServices
CoMarshalInterface
CoMarshalInterThreadInterfaceInStream
CoLockObjectExternal
CoIsOle1Class
CoInitializeEx
CoGetTreatAsClass
CoGetPSClsid
CoGetInstanceFromIStorage
CoGetInstanceFromFile
CoGetCurrentProcess
CoGetCallerTID
CoGetApartmentID
CoFreeUnusedLibraries
CoFreeLibrary
CoFreeAllLibraries
CoFileTimeToDosDateTime
CoFileTimeNow
CoEnableCallCancellation
CoDosDateTimeToFileTime
CoCreateInstanceEx
CoCreateInstance
CoCreateGuid
CoCreateFreeThreadedMarshaler
CLSIDFromString
CLSIDFromProgIDEx
CLIPFORMAT_UserSize
CLIPFORMAT_UserMarshal
CLIPFORMAT_UserFree
BindMoniker
StringFromCLSID

oleaut32

VariantTimeToSystemTime
VariantInit
VariantCopyInd
VariantChangeType
VarUdateFromDate
VarUI4FromR4
VarUI4FromI2
VarUI4FromDisp
VarUI2FromR4
VarUI2FromI4
VarUI2FromDisp
VarUI2FromDate
VarUI1FromUI2
VarUI1FromStr
VarUI1FromI4
VarUI1FromI1
VarUI1FromDec
VarUI1FromBool
VarR8Round
VarR8FromUI4
VarR8FromDisp
VarR4FromUI4
VarR4FromUI1
VarR4FromStr
VarR4FromR8
VarR4FromDisp
VarR4FromDate
VarR4FromCy
VarR4CmpR8
VarParseNumFromStr
VarOr
VarNumFromParseNum
VarNot
VarNeg
VarMul
VarMod
VarIdiv
VarI4FromR4
VarI4FromI1
VarI4FromDisp
VarI4FromBool
VarI2FromUI2
VarI2FromI1
VarI2FromDisp
VarI2FromDate
VarI2FromCy
VarI2FromBool
VarI1FromUI2
VarI1FromR8
VarI1FromR4
VarI1FromDec
VarI1FromCy
VarI1FromBool
VarFormatNumber
VarFormatFromTokens
VarFormatDateTime
VarFix
VarEqv
VarDiv
VarDecSu
VarDecRound
VarDecFromUI2
VarDecFromStr
VarDecFromR8
VarDecFromI2
VarDecFromI1
VarDecFromDate
VarDecFromCy
VarDecFromBool
VarDecCmpR8
VarDecCmp
VarDecAbs
VarDateFromUdateEx
VarDateFromUdate
VarDateFromStr
VarDateFromI2
VarDateFromCy
VarDateFromBool
VarCyRound
VarCyNeg
VarCyMulI4
VarCyInt
VarCyFromUI4
VarCyFromUI2
VarCyFromStr
VarCyFromDec
VarCyCmpR8
VarCyCmp
VarCyAdd
VarCmp
VarBstrFromI4
VarBstrFromDisp
VarBstrFromDec
VarBstrFromDate
VarBstrFromCy
VarBstrCmp
VarBstrCat
VarBoolFromUI2
VarBoolFromUI1
VarBoolFromStr
VarBoolFromR8
VarBoolFromI2
VarBoolFromDec
VarAdd
VarAbs
VARIANT_UserMarshal
VARIANT_UserFree
UnRegisterTypeLi
SystemTimeToVariantTime
SysStringByteLen
SysReAllocStringLen
SysFreeString
SysAllocStringLen
SetErrorInfo
SafeArrayUnlock
SafeArraySetRecordInfo
SafeArraySetIID
SafeArrayRedim
SafeArrayPutElement
SafeArrayPtrOfIndex
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayDestroyDescriptor
SafeArrayDestroy
SafeArrayCreate
SafeArrayCopyData
RevokeActiveObject
RegisterActiveObject
OleTranslateColor
OleLoadPicturePath
OleLoadPictureFile
OleLoadPictureEx
OleLoadPicture
OleCreatePropertyFrame
OleCreatePictureIndirect
OleCreateFontIndirect
OaBuildVersion
LoadTypeLi
LPSAFEARRAY_UserSize
LPSAFEARRAY_UserMarshal
LPSAFEARRAY_UserFree
LPSAFEARRAY_Size
LPSAFEARRAY_Marshal
GetAltMonthNames
DispInvoke
DispGetIDsOfNames
ClearCustData
BSTR_UserUnmarshal
BSTR_UserFree

Sections

.text
Size: 199KB - Virtual size: 198KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b10e09b45a1ebdc4d6f0c7a9e975e12b

Code Sign

78:6d:e3:00:2c:bb:2f:5a:b9:cb:ce:1e:5e:6d:02:9aCertificate

Extended Key Usages

83:31:dd:15:3e:8b:03:e8:aa:22:c0:2e:ed:27:3c:b6:33:99:fd:0dSigner

Signature Validations

Verification

01/12/2022, 14:34 Valid: false

Headers

File Characteristics

Imports

kernel32

user32

ole32

oleaut32

Sections

.text Size: 199KB - Virtual size: 198KB

.data Size: 512B - Virtual size: 160B

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 3KB - Virtual size: 3KB

78:6d:e3:00:2c:bb:2f:5a:b9:cb:ce:1e:5e:6d:02:9a
Certificate

83:31:dd:15:3e:8b:03:e8:aa:22:c0:2e:ed:27:3c:b6:33:99:fd:0d
Signer

01/12/2022, 14:34
Valid: false

.text
Size: 199KB - Virtual size: 198KB

.data
Size: 512B - Virtual size: 160B

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 3KB - Virtual size: 3KB