b13f23986d8cae06a0b2d4ff585e1bc488c788881af905bd5f6604412ab2e006

Sharing

Copy URL Twitter E-mail

General

Target

b13f23986d8cae06a0b2d4ff585e1bc488c788881af905bd5f6604412ab2e006
Size

2.3MB
MD5

e9b2f423f5a76e2648b240142db968db
SHA1

507df328ee35eab98151a579f6437e244d3adad8
SHA256

b13f23986d8cae06a0b2d4ff585e1bc488c788881af905bd5f6604412ab2e006
SHA512

6495c74a27d82259ce7113d8d0769597b9aa39bdea1875a414f21126529f482a84a48f5830560e11c77361635e7427950272ebcf5d4d0df00719c199776fa6f1
SSDEEP

49152:n+1U4PY4ezobH+s69ByOhyuZ5gMYoYLi3cS64F0yyRARsLciN+s:gfQ4eK+jBhpJkUeRasLcD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b13f23986d8cae06a0b2d4ff585e1bc488c788881af905bd5f6604412ab2e006

Files

b13f23986d8cae06a0b2d4ff585e1bc488c788881af905bd5f6604412ab2e006
.dll windows x86

63dfc00af80d3390d718e7237935e78b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

lz32

LZRead

comdlg32

GetFileTitleW

gdi32

StrokeAndFillPath
CreateEnhMetaFileW
GetDIBColorTable
GetLogColorSpaceA
GetTextExtentExPointI
SetBrushOrgEx
GdiComment

shlwapi

StrChrA

oleaut32

GetRecordInfoFromGuids

kernel32

OutputDebugStringA
GetCurrentThreadId
GetProcessHeap
TerminateProcess
SetStdHandle
Process32FirstW
WritePrivateProfileStringW
EnterCriticalSection
CreateDirectoryExA
DeleteCriticalSection
WaitForSingleObject
IsDBCSLeadByte
CloseHandle
GetModuleFileNameW
GetConsoleScreenBufferInfo
GetNamedPipeInfo
GetCommandLineA
SetLastError

version

GetFileVersionInfoSizeA
GetFileVersionInfoW

msvcrt

putc
memset

advapi32

RegCloseKey
RegRestoreKeyA

mscms

DisassociateColorProfileFromDeviceW

wininet

PrivacyGetZonePreferenceW

setupapi

SetupDiDestroyDeviceInfoList

ole32

CoAddRefServerProcess

user32

GetKeyState
ReleaseDC
ToAsciiEx
TrackPopupMenuEx
ShowScrollBar
HiliteMenuItem
MenuItemFromPoint
DeregisterShellHookWindow
SetMenu
CloseClipboard
OpenIcon
SetMenuItemInfoW
DefWindowProcA
EnumPropsExA
UnionRect
ShowWindow
CopyAcceleratorTableW
CreateWindowExA
UpdateWindow
TabbedTextOutW
DragDetect
AnyPopup
GetCursorPos

Sections

.text
Size: 212KB - Virtual size: 210KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 280KB - Virtual size: 282KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.erloc
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_MEM_READ

.reloc
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

63dfc00af80d3390d718e7237935e78b

Headers

DLL Characteristics

File Characteristics

Imports

lz32

comdlg32

gdi32

shlwapi

oleaut32

kernel32

version

msvcrt

advapi32

mscms

wininet

setupapi

ole32

user32

Sections

.text Size: 212KB - Virtual size: 210KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 280KB - Virtual size: 282KB

.erloc Size: 1.7MB - Virtual size: 1.7MB

.rsrc Size: 4KB - Virtual size: 2KB

.reloc Size: 104KB - Virtual size: 103KB

.text
Size: 212KB - Virtual size: 210KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 280KB - Virtual size: 282KB

.erloc
Size: 1.7MB - Virtual size: 1.7MB

.rsrc
Size: 4KB - Virtual size: 2KB

.reloc
Size: 104KB - Virtual size: 103KB