ac01d0a7f6a97826e15d7a93d33254115d6dffabcec2e45c612378b4fee0a08e

Sharing

Copy URL

Twitter E-mail

General

Target

ac01d0a7f6a97826e15d7a93d33254115d6dffabcec2e45c612378b4fee0a08e
Size

2.0MB
MD5

ca23eac837b2941da05b53db4498ccb5
SHA1

eed1d77a689b796b030c30d33aa4d5128bca63b2
SHA256

ac01d0a7f6a97826e15d7a93d33254115d6dffabcec2e45c612378b4fee0a08e
SHA512

ca3dd398aa7f48420e1160a3b558c7af55f167ccbe128dbb61c19d5436517fd224f705ded0a906aced35bec8ce6c9bd50ef01b21fd79842ab6ce55f814f1f7ba
SSDEEP

24576:Vbql92iemDDui14zIjQ6X5FmnXk+h5rfwun067+/5iVER:Vbql92ieS3jQ6XrCXkh24iSR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ac01d0a7f6a97826e15d7a93d33254115d6dffabcec2e45c612378b4fee0a08e

Files

ac01d0a7f6a97826e15d7a93d33254115d6dffabcec2e45c612378b4fee0a08e
.dll windows x86

1eb8c60ce28ae8b15f672f8c32f7275d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shlwapi

StrRetToBufW

oleaut32

GetRecordInfoFromGuids

gdi32

BeginPath
SetEnhMetaFileBits
GetBitmapDimensionEx
EnumFontFamiliesExW
GetBkColor
StretchDIBits

advapi32

ImpersonateAnonymousToken
AddAccessAllowedObjectAce

mscms

OpenColorProfileA

msvcrt

memset

user32

CopyIcon
WaitForInputIdle
EndDeferWindowPos
DrawTextExW
CreateWindowExW
ClipCursor
GetMenuItemInfoA
MoveWindow

version

GetFileVersionInfoSizeA

kernel32

GetProcessHeap
GlobalCompact
TlsSetValue
GetEnvironmentStringsW
Thread32First
AddRefActCtx
LoadLibraryW
GetProcAddress
GetModuleHandleW
GetModuleFileNameW
EnterCriticalSection
CreateJobObjectW
VirtualProtect
LoadLibraryExA
WaitForSingleObject
SetLastError
CallNamedPipeA
GetCommandLineA
EnumResourceNamesW
EnumResourceLanguagesA
IsWow64Process

comdlg32

GetSaveFileNameA

Sections

.text
Size: 520KB - Virtual size: 516KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 380KB - Virtual size: 380KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_MEM_READ

.reloc
Size: 152KB - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1eb8c60ce28ae8b15f672f8c32f7275d

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

oleaut32

gdi32

advapi32

mscms

msvcrt

user32

version

kernel32

comdlg32

Sections

.text Size: 520KB - Virtual size: 516KB

.rdata Size: 1.0MB - Virtual size: 1.0MB

.data Size: 380KB - Virtual size: 380KB

.idata Size: 4KB - Virtual size: 2KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 152KB - Virtual size: 151KB

.text
Size: 520KB - Virtual size: 516KB

.rdata
Size: 1.0MB - Virtual size: 1.0MB

.data
Size: 380KB - Virtual size: 380KB

.idata
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 152KB - Virtual size: 151KB