8916307fda80d5109f0148bcb55150ba1d58aeae108f086eef2f64e51efb9693

Sharing

Copy URL Twitter E-mail

General

Target

8916307fda80d5109f0148bcb55150ba1d58aeae108f086eef2f64e51efb9693
Size

879KB
MD5

a6f8dc69c8210908c306af5fc20222c6
SHA1

e3bd3acc8118d8293c24561deaa27b901ef75948
SHA256

8916307fda80d5109f0148bcb55150ba1d58aeae108f086eef2f64e51efb9693
SHA512

5bf5437a8b294861cb9b6b984fd61a281b263739a2cb650cf494b345ab3f529f6a483c0b746ba951cee63349e05fefaf6a8bdcc5b651c4db61b32d761dd54a5b
SSDEEP

24576:jQHufYTyUX2XuCZR/sRSTrcOyTVa7mY1NxfGnMuO4VBVFw1yvb:w2eCZR/3TY3R3Hn86VAyj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8916307fda80d5109f0148bcb55150ba1d58aeae108f086eef2f64e51efb9693

Files

8916307fda80d5109f0148bcb55150ba1d58aeae108f086eef2f64e51efb9693
.dll windows x86

895458cf0da26dadce313116102d85cb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcessId
Process32First
GetSystemInfo
GetTickCount
OpenProcess
Process32Next
CreateToolhelp32Snapshot
Module32First
Module32Next
GetLastError
GetCurrentProcess
GetModuleFileNameA
GetProcAddress
CreateThread
CloseHandle
VirtualFree
GetVersionExA
GetModuleHandleA
LoadLibraryA
VirtualAlloc
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
ExitProcess
OutputDebugStringA
SetLastError
DeviceIoControl
OpenFileMappingA
MapViewOfFile
UnmapViewOfFile
CreateFileMappingA
SetFileAttributesA
WriteProcessMemory
CreateEventA
GetCurrentThreadId
TerminateThread
CreateMutexA
WaitForSingleObject
ReleaseMutex
Sleep
CopyFileA
CreateFileA
GetSystemDirectoryA
ReadFile

user32

AttachThreadInput
GetGUIThreadInfo
MapVirtualKeyA
SwapMouseButton
ScreenToClient
WindowFromPoint
GetCursorPos
GetDoubleClickTime
GetAncestor
keybd_event
SetTimer
KillTimer
GetKeyboardState
GetKeyState
ToAscii
GetForegroundWindow
GetWindowThreadProcessId
GetFocus

ws2_32

htonl
ntohl
htons
ntohs

advapi32

CloseServiceHandle
OpenSCManagerA
RegCloseKey
RegCreateKeyA
RegSetValueExA
RegOpenKeyA
RegQueryValueExA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
StartServiceA
CreateServiceA
ControlService
DeleteService
OpenServiceA

ole32

CoCreateGuid

msvcp60

??1_Lockit@std@@QAE@XZ
??0_Lockit@std@@QAE@XZ

msvcrt

memmove
__dllonexit
strstr
_getpid
free
malloc
strrchr
fopen
fseek
ftell
fread
fclose
_purecall
strncat
_except_handler3
strncpy
time
srand
rand
_getcwd
_itoa
_mbsnbcpy
_mbsnbcat
memset
memcpy
_EH_prolog
_stricmp
_memicmp
__CxxFrameHandler
_snprintf
_onexit
??2@YAPAXI@Z

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

shell32

ShellExecuteA

Exports

Exports

CreateObj

Sections

.text
Size: 260KB - Virtual size: 260KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 944B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.txt$0
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.txt$1
Size: 505KB - Virtual size: 505KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

895458cf0da26dadce313116102d85cb

Headers

File Characteristics

Imports

kernel32

user32

ws2_32

advapi32

ole32

msvcp60

msvcrt

version

shell32

Exports

Exports

Sections

.text Size: 260KB - Virtual size: 260KB

.rdata Size: 66KB - Virtual size: 66KB

.data Size: 20KB - Virtual size: 20KB

.rsrc Size: 1024B - Virtual size: 944B

.txt$0 Size: 16KB - Virtual size: 15KB

.txt$1 Size: 505KB - Virtual size: 505KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 260KB - Virtual size: 260KB

.rdata
Size: 66KB - Virtual size: 66KB

.data
Size: 20KB - Virtual size: 20KB

.rsrc
Size: 1024B - Virtual size: 944B

.txt$0
Size: 16KB - Virtual size: 15KB

.txt$1
Size: 505KB - Virtual size: 505KB

.reloc
Size: 8KB - Virtual size: 7KB