9f317931ab66aa582d95d1f9a00893e3b73424f28a75a91b643c388a2cf84b28

Sharing

Copy URL

Twitter E-mail

General

Target

9f317931ab66aa582d95d1f9a00893e3b73424f28a75a91b643c388a2cf84b28
Size

393KB
MD5

f4c376d72b67576c384114e24cf0cf17
SHA1

e7f7fd0ce9d00c255b0c4bc87bd2e923c919fdae
SHA256

9f317931ab66aa582d95d1f9a00893e3b73424f28a75a91b643c388a2cf84b28
SHA512

593f55218456d8ec763d789b455ddb334ec1faa7e57aa36d065320026d5a9012fdc987319a1e0106a991588ad7cabef0d3ea298055132e1bf2918c3ab1660004
SSDEEP

6144:E2gwSrx3N19qQ5FNaGhg8+GU9+k5uedHc3zZrrauRUoaGFA5Io0gS:3ij1R0Ku5JEgoalIof

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9f317931ab66aa582d95d1f9a00893e3b73424f28a75a91b643c388a2cf84b28

Files

9f317931ab66aa582d95d1f9a00893e3b73424f28a75a91b643c388a2cf84b28
.dll windows x64

09f418947b8f4c6cbfcfea351046b154

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

GetStartupInfoW
GetCPInfoExW
SetSystemTimeAdjustment
GetProcessWorkingSetSizeEx
QueryUnbiasedInterruptTime
FindStringOrdinal
GetCommConfig
QueryDosDeviceW
RemoveDirectoryTransactedW
TryEnterCriticalSection
SetFileIoOverlappedRange
SetConsoleHistoryInfo
SetConsoleCtrlHandler
GetConsoleAliasExesLengthW
AddVectoredContinueHandler
EnumTimeFormatsW
GetProcessWorkingSetSize
SetInformationJobObject
GetThreadPriorityBoost
WriteProfileStringW
GetNamedPipeServerSessionId
QueryInformationJobObject
FindFirstVolumeMountPointW
GetCurrentProcessorNumberEx
EnumResourceTypesExW
CloseThreadpool
GetFileInformationByHandleEx
NotifyUILanguageChange
CompareFileTime
GetNumaAvailableMemoryNodeEx
GetProcessShutdownParameters
CreateThreadpool
SetHandleInformation
IsBadWritePtr
CreateTimerQueueTimer
GetBinaryTypeW
NeedCurrentDirectoryForExePathW
RtlUnwind
EraseTape
GetConsoleAliasesW
MapUserPhysicalPagesScatter
SetThreadDescription
CopyFileTransactedW
CreateSemaphoreExW
CreateDirectoryTransactedW
SetPriorityClass
CreateEventExW
FindFirstFileNameW
AddDllDirectory
SetLocalTime
GetCommandLineW
SetConsoleActiveScreenBuffer
EnumCalendarInfoExEx
IsDBCSLeadByteEx
QueryProtectedPolicy
SetSystemPowerState
GetLongPathNameW
GetCurrentProcess
GetConsoleOutputCP
GetStdHandle
CreateWaitableTimerW
EnumCalendarInfoW
ReleaseSemaphore
GetCPInfo
SetDynamicTimeZoneInformation
Wow64DisableWow64FsRedirection
GetThreadIdealProcessorEx
lstrcpynW
CheckTokenMembershipEx
RegisterWaitForSingleObject
RemoveDllDirectory
GetModuleHandleExW
SetTimeZoneInformation
ExpandEnvironmentStringsW
GetFileBandwidthReservation
GetSystemDefaultUILanguage
CreatePrivateNamespaceW
UnregisterWait
GetDiskFreeSpaceW
GetAppContainerNamedObjectPath
SetConsoleMode
SetCurrentConsoleFontEx
GetTimeFormatEx
RtlPcToFileHeader
SetFileBandwidthReservation
DeviceIoControl
VirtualAlloc
GetNumberOfConsoleMouseButtons
WaitForDebugEvent
TerminateProcess
GetProcessAffinityMask
PrefetchVirtualMemory
WakeAllConditionVariable
DisassociateCurrentThreadFromCallback
AddSecureMemoryCacheCallback
GetModuleFileNameW
FindFirstStreamTransactedW
CreateThreadpoolIo
CreateNamedPipeW
GetSystemTimes
WaitForMultipleObjects
SetMailslotInfo
GetCommModemStatus
RequestWakeupLatency
GetThreadLocale
GetLocaleInfoEx
SetConsoleWindowInfo
GetUserDefaultLocaleName
GetCompressedFileSizeTransactedW
GetNumaNodeNumberFromHandle
LocalHandle
GetProcessId
SignalObjectAndWait
DeleteTimerQueueEx
GetUserDefaultUILanguage
GetConsoleFontSize
SetSystemFileCacheSize
LockFile
CreateConsoleScreenBuffer
GetProcessVersion
GetDynamicTimeZoneInformation
AllocateUserPhysicalPages
LeaveCriticalSectionWhenCallbackReturns
SetFilePointer
InitOnceInitialize
GetProcessMitigationPolicy
EnumUILanguagesW
GetNumaAvailableMemoryNode
GetFileMUIPath
GetNumaProcessorNode
GetConsoleTitleW
FlsGetValue
OpenFileById
GetConsoleAliasW
GetSystemPowerStatus
EnumResourceNamesW
CreateBoundaryDescriptorW
PeekNamedPipe
EnumCalendarInfoExW
GetTempPathW
GetLargePageMinimum
WaitForThreadpoolTimerCallbacks
WaitForMultipleObjectsEx
ResetWriteWatch
FindClose
GetLocaleInfoW
IsNLSDefinedString
GetVolumePathNameW
WaitForSingleObject
GetCommMask
GetDateFormatEx
GetNumberFormatEx
GetTapePosition
FreeLibraryAndExitThread
GetCurrentThreadId
OpenJobObjectW
MapViewOfFileExNuma
EnumSystemCodePagesW
QueryThreadCycleTime
ReleaseMutex
OpenFileMappingW
ApplicationRecoveryFinished
SetupComm
GetSystemDirectoryW
GetComputerNameExW
HeapWalk
IsBadCodePtr
GlobalDeleteAtom
GetUILanguageInfo
ContinueDebugEvent
MapUserPhysicalPages
GlobalGetAtomNameW
GetApplicationRecoveryCallback
DuplicateHandle
HeapValidate
IsProcessInJob
GetModuleHandleA
GetSystemDefaultLangID
GetSystemDefaultLocaleName
DisconnectNamedPipe
FindFirstChangeNotificationW
LCIDToLocaleName
OpenProcess
HeapSize
SetProcessMitigationPolicy
CloseThreadpoolWait
GetNamedPipeInfo
CancelWaitableTimer
EndUpdateResourceW
CreateEventW
MultiByteToWideChar
GetSystemWow64DirectoryW
GetFileInformationByHandle
WritePrivateProfileStructW
LocalFileTimeToFileTime
ReadThreadProfilingData
SetConsoleScreenBufferInfoEx
PowerCreateRequest
VerifyScripts
LCMapStringEx
OpenWaitableTimerW
MoveFileWithProgressW
FlsSetValue
GetLastError
GetLargestConsoleWindowSize
EnumSystemLocalesEx
ChangeTimerQueueTimer
AttachConsole
GetSystemFirmwareTable
EscapeCommFunction
UpdateProcThreadAttribute
GetConsoleAliasesLengthW
TzSpecificLocalTimeToSystemTime
SetThreadpoolThreadMaximum
GetLogicalProcessorInformationEx
GetConsoleDisplayMode
AddResourceAttributeAce
SetFileInformationByHandle
OutputDebugStringW
ConvertDefaultLocale
ReadConsoleInputW
SetThreadpoolTimerEx
FlushViewOfFile
GlobalSize
GetThreadUILanguage
GetLogicalProcessorInformation
GetNumaNodeProcessorMask
CloseThreadpoolTimer
GetNamedPipeHandleStateW
GetDiskFreeSpaceExW
OfferVirtualMemory
DisableThreadLibraryCalls
GetCurrentThread
GetMailslotInfo
InterlockedFlushSList
InitOnceComplete
GetActiveProcessorGroupCount
GetNumaProximityNodeEx
FindCloseChangeNotification
LoadLibraryA
lstrcatW
GetApplicationRestartSettings
GetTapeParameters
SetWaitableTimerEx
CreateThreadpoolWait
LockResource
EnumResourceNamesExW
GetCommState
GlobalAlloc
InterlockedPushListSListEx
GetSystemDEPPolicy
GlobalFree
HeapReAlloc
CloseHandle
SetProcessPreferredUILanguages
WriteConsoleOutputAttribute
SetThreadpoolTimer
AllocateUserPhysicalPagesNuma
CompareStringEx
EnumResourceLanguagesW
FreeConsole
GetSystemInfo
CreateSymbolicLinkTransactedW
GetProcessHeaps
WriteProfileSectionW
SetThreadpoolWait
QueryProcessCycleTime
ReadFileEx
HeapSetInformation
GetThreadIOPendingFlag
ResetEvent
IsDBCSLeadByte
ScrollConsoleScreenBufferW
SetComputerNameW
GetActiveProcessorCount
LoadResource
DeleteProcThreadAttributeList
FindResourceW
HeapAlloc
WriteConsoleInputW
Wow64SuspendThread
GetCurrencyFormatW
ClearCommError
FileTimeToLocalFileTime
DeleteSynchronizationBarrier
FatalAppExitW
GetDefaultCommConfigW
GetMemoryErrorHandlingCapabilities
GetNLSVersionEx
GetCurrentDirectoryW
GetProcessPreferredUILanguages
SetStdHandle
UpdateResourceW
GetCurrentConsoleFontEx
HeapCompact
FindNextChangeNotification
AddSIDToBoundaryDescriptor
SetVolumeMountPointW
FindNextFileNameW
HeapDestroy
SetThreadIdealProcessor
GetNamedPipeClientSessionId
QueryIdleProcessorCycleTimeEx
LocalSize
GetCurrentProcessorNumber
GetDurationFormatEx
GetThreadContext
ReadDirectoryChangesW
SubmitThreadpoolWork
CreateFileMappingFromApp
SetThreadPriorityBoost
VirtualLock
GetPriorityClass
GetProcAddress
GlobalLock
VirtualAllocEx
CreateMutexExW
DebugActiveProcess
FindFirstFileNameTransactedW
HeapQueryInformation
GetTimeFormatW
GetThreadId
GetOverlappedResultEx
SetFileApisToOEM
GetFileSize
DeleteCriticalSection
FindAtomW
LCMapStringW
GetComputerNameW
SetProtectedPolicy
DisableThreadProfiling
FindFirstStreamW
UnhandledExceptionFilter
GetNumberOfConsoleInputEvents
GlobalMemoryStatusEx
CreateProcessW
SetThreadExecutionState
GetModuleHandleW
SetFirmwareEnvironmentVariableExW
CreateSemaphoreW
IsValidLanguageGroup
WideCharToMultiByte
GetConsoleWindow
lstrcpyW
GetLongPathNameTransactedW
DeleteBoundaryDescriptor
SleepConditionVariableSRW
LocaleNameToLCID
VerifyVersionInfoW
WritePrivateProfileSectionW
QueryFullProcessImageNameW
ReadConsoleOutputCharacterW
LocalReAlloc
GetTempFileNameW
SetConsoleOutputCP
GetSystemTimeAsFileTime
GetFileType
DeleteTimerQueueTimer
LocalFlags
EnumSystemFirmwareTables
SetFileApisToANSI
GetSystemTime
GlobalMemoryStatus
ReleaseSemaphoreWhenCallbackReturns
SetThreadErrorMode
CreateWaitableTimerExW
DebugBreak
GetTapeStatus
InterlockedPushEntrySList
SetConsoleCursorPosition
SetThreadPreferredUILanguages
FindNextVolumeW
BackupSeek
GetProcessGroupAffinity
CreateMailslotW
GetDateFormatW
InitializeSListHead
GetSystemPreferredUILanguages
CreateIoCompletionPort
OpenMutexW
FindNextStreamW
GetTickCount
WaitNamedPipeW
GetTimeZoneInformationForYear
FlsFree
SetCommConfig
AllocConsole
lstrcmpW
EnumDateFormatsW
GetDllDirectoryW
GetStringTypeA
MulDiv
SetConsoleTitleW
InitializeSynchronizationBarrier
GetFirmwareEnvironmentVariableW
RegisterBadMemoryNotification
MoveFileW
VirtualQuery
RegisterApplicationRestart
CheckNameLegalDOS8Dot3W
GetVolumeInformationByHandleW
GetProcessTimes
GetFileTime
AddIntegrityLabelToBoundaryDescriptor
DebugBreakProcess
IsDebuggerPresent
ConnectNamedPipe
VirtualQueryEx
SetFileCompletionNotificationModes
CreateTimerQueue
IsBadStringPtrW
FlushFileBuffers
RegisterApplicationRecoveryCallback
CreateThreadpoolWork
CreateFileW
SetThreadAffinityMask
CreateDirectoryW
GetCalendarInfoW
AreFileApisANSI
QueryPerformanceCounter
GetCurrentProcessId
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
RtlUnwindEx
SetLastError
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
RaiseException
ExitProcess
HeapFree
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcessHeap
GetStringTypeW
WriteFile
GetConsoleMode
SetFilePointerEx
WriteConsoleW

user32

MessageBoxA

gdi32

GetNearestPaletteIndex
RestoreDC
StretchBlt

Exports

Exports

Boijaeoifjaeoifgjaweigj
Bojeaiofgeasjoigsjhgiserg
Iopaeiofgeasiogjsejhg
Kpoosgioewjiogaesgjieasg

Sections

.code
Size: 95KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 237KB - Virtual size: 240KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 1024B - Virtual size: 252B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

09f418947b8f4c6cbfcfea351046b154

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

Exports

Exports

Sections

.code Size: 95KB - Virtual size: 94KB

.rdata Size: 53KB - Virtual size: 52KB

.data Size: 237KB - Virtual size: 240KB

.pdata Size: 4KB - Virtual size: 3KB

_RDATA Size: 1024B - Virtual size: 252B

.reloc Size: 2KB - Virtual size: 1KB

.code
Size: 95KB - Virtual size: 94KB

.rdata
Size: 53KB - Virtual size: 52KB

.data
Size: 237KB - Virtual size: 240KB

.pdata
Size: 4KB - Virtual size: 3KB

_RDATA
Size: 1024B - Virtual size: 252B

.reloc
Size: 2KB - Virtual size: 1KB