411fe3cb80e945bc552f1691492e73e255dcbe4361d0e6263b09571f2dc58141

Sharing

Copy URL Twitter E-mail

General

Target

411fe3cb80e945bc552f1691492e73e255dcbe4361d0e6263b09571f2dc58141
Size

267KB
MD5

33e608f075a72b11c567a69b74ad6004
SHA1

b2f5fd57444e46188d0f3c4340ba96a0b6ac7184
SHA256

411fe3cb80e945bc552f1691492e73e255dcbe4361d0e6263b09571f2dc58141
SHA512

fa8d10da4988a5c1df05065acb86bd8b1aa15f8c92ead4f64fd34783f92ae729cd981829d7f67dd4de49e92b55f1d918eaa21a1da8933a05e4f773c890c521db
SSDEEP

6144:8+qu1VuqZvxEb/1i1IfRAPAk+rqVJPvyyNxEwfBWE8fJ3cuYdyRamLJA:FIf6oGJPFvEwpG+2XJA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
411fe3cb80e945bc552f1691492e73e255dcbe4361d0e6263b09571f2dc58141

Files

411fe3cb80e945bc552f1691492e73e255dcbe4361d0e6263b09571f2dc58141
.dll windows x86

133f01090bc3b7c114435a9ed6213cea

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SystemTimeToTzSpecificLocalTime
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
VirtualQuery
GetSystemInfo
WriteConsoleW
SetFilePointerEx
GetConsoleMode
GetConsoleCP
SetStdHandle
SetEnvironmentVariableA
GetEnvironmentStringsW
GetCPInfo
GetOEMCP
IsValidCodePage
FindNextFileA
FindFirstFileExA
GetTimeZoneInformation
GetStringTypeW
LCMapStringW
GetFileType
GetStdHandle
GetModuleFileNameA
ExitProcess
HeapQueryInformation
GetModuleHandleExW
GetCommandLineW
GetCommandLineA
InterlockedFlushSList
RtlUnwind
OutputDebugStringW
GetFileAttributesExW
FileTimeToLocalFileTime
FileTimeToSystemTime
VirtualProtect
GetCurrentProcess
WriteFile
GetVolumeInformationW
GetFullPathNameW
FlushFileBuffers
FindFirstFileW
FindClose
CreateFileW
DeleteFileW
GlobalFlags
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
SetErrorMode
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
FormatMessageW
LocalFree
GlobalFree
GlobalUnlock
CompareStringW
GlobalFindAtomW
LoadLibraryA
GetSystemDirectoryW
EncodePointer
GetCurrentProcessId
GlobalAddAtomW
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
CreateEventW
CloseHandle
lstrcmpW
lstrcmpA
GlobalDeleteAtom
GlobalLock
GlobalAlloc
LoadLibraryExA
FindResourceW
SizeofResource
LockResource
LoadResource
LoadLibraryExW
FreeLibrary
GetVersionExW
GetCurrentThreadId
GetCurrentThread
LoadLibraryW
GetProcAddress
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
SetLastError
OutputDebugStringA
GetACP
WideCharToMultiByte
MultiByteToWideChar
GetProcessHeap
DeleteCriticalSection
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
GetLastError
HeapSize
InitializeCriticalSectionAndSpinCount
FreeEnvironmentStringsW
HeapFree

user32

DestroyMenu
CharUpperW
LoadCursorW
GetSysColorBrush
GetSystemMetrics
ReleaseDC
GetDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
InvalidateRect
KillTimer
SetTimer
RealChildWindowFromPoint
ClientToScreen
SetWindowTextW
ShowWindow
GetMonitorInfoW
WinHelpW
LoadIconW
UnhookWindowsHookEx
GetTopWindow
GetClassNameW
GetClassLongW
SetWindowLongW
PtInRect
CopyRect
GetSysColor
MapWindowPoints
ScreenToClient
AdjustWindowRectEx
GetWindowRect
RemovePropW
GetPropW
SetPropW
RedrawWindow
EndPaint
BeginPaint
SetForegroundWindow
GetForegroundWindow
UpdateWindow
GetMenuItemCount
GetMenuItemID
GetSubMenu
SetMenu
GetMenu
GetCapture
GetDlgCtrlID
GetDlgItem
IsIconic
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPos
DestroyWindow
IsMenu
IsWindow
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
DefWindowProcW
GetMessageTime
GetMessagePos
RegisterWindowMessageW
GetWindow
MonitorFromWindow
UnregisterClassW
GetClientRect
SetRectEmpty
OffsetRect
GetParent
PostMessageW
PostQuitMessage
SendMessageW
GetFocus
CheckMenuItem
EnableMenuItem
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetMenuItemInfoW
LoadBitmapW
GetMessageW
TranslateMessage
DispatchMessageW
PeekMessageW
IsWindowVisible
GetActiveWindow
GetKeyState
GetWindowTextW
GetScrollPos
GetLastActivePopup
GetWindowThreadProcessId
GetWindowLongW
MessageBoxW
IsWindowEnabled
EnableWindow
SetCursor
CallNextHookEx
SetWindowsHookExW
GetCursorPos
ValidateRect

gdi32

DeleteDC
Escape
GetClipBox
GetStockObject
PtVisible
RectVisible
RestoreDC
SaveDC
SelectObject
SetMapMode
TextOutW
ExtTextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
OffsetViewportOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
DeleteObject
GetDeviceCaps
SetTextColor
CreateBitmap
SetBkColor

advapi32

RegEnumValueW
RegQueryValueW
RegEnumKeyW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey

shell32

ShellExecuteW

shlwapi

PathFindFileNameW
PathIsUNCW
PathStripToRootW
PathFindExtensionW

ole32

CoTaskMemFree
CoInitialize
CoCreateInstance
CoCreateGuid
CoUninitialize

Sections

.text
Size: 172KB - Virtual size: 171KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 62KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

133f01090bc3b7c114435a9ed6213cea

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

shlwapi

ole32

Sections

.text Size: 172KB - Virtual size: 171KB

.rdata Size: 62KB - Virtual size: 61KB

.data Size: 6KB - Virtual size: 16KB

.rsrc Size: 13KB - Virtual size: 12KB

.reloc Size: 13KB - Virtual size: 13KB

.text
Size: 172KB - Virtual size: 171KB

.rdata
Size: 62KB - Virtual size: 61KB

.data
Size: 6KB - Virtual size: 16KB

.rsrc
Size: 13KB - Virtual size: 12KB

.reloc
Size: 13KB - Virtual size: 13KB