8ea54fa4c36bdcd7869a5b77c63591896e3529c1bb3b14464ac7e01ecab96373

Sharing

Copy URL Twitter E-mail

General

Target

8ea54fa4c36bdcd7869a5b77c63591896e3529c1bb3b14464ac7e01ecab96373
Size

653KB
MD5

cc8f01008b311ed891e4a33d775b833f
SHA1

6e93bf32f89810ee9316be10b92cb43c91f3093c
SHA256

8ea54fa4c36bdcd7869a5b77c63591896e3529c1bb3b14464ac7e01ecab96373
SHA512

3204a9b856ce6073aa787117c03dc8541f1fb605a092a62795992c6d73ab59d00777bec5cfc3e15640de50a1fc7456f5596d5b8de6f1646945f19861166aed39
SSDEEP

12288:fAI3yMgR35mY5OzBmQqTrjJsXBTXDZgWfjSQFRXObVTrzmjrP5oGb84K:II3yf95OzBmQq3upD2W7S6XOtPoD5ouy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8ea54fa4c36bdcd7869a5b77c63591896e3529c1bb3b14464ac7e01ecab96373

Files

8ea54fa4c36bdcd7869a5b77c63591896e3529c1bb3b14464ac7e01ecab96373
.dll windows x86

c2a4dce43b409e08924f982d45786607

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

iphlpapi

GetAdaptersInfo

kernel32

GlobalLock
GlobalUnlock
GlobalAlloc
LoadLibraryExW
GetModuleFileNameW
EnumResourceNamesW
SetLastError
LoadLibraryW
FormatMessageW
SetUnhandledExceptionFilter
LoadLibraryExA
VirtualQuery
VirtualProtect
GetSystemInfo
GetTempPathW
GetTempFileNameW
MoveFileW
GetStringTypeW
MultiByteToWideChar
LocalAlloc
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
GetWindowsDirectoryW
RaiseException
LeaveCriticalSection
EnterCriticalSection
GetCurrentThreadId
lstrcmpiW
lstrlenW
CompareStringW
VerSetConditionMask
VerifyVersionInfoW
GetModuleHandleW
GetProcAddress
DeleteCriticalSection
DecodePointer
InitializeCriticalSectionEx
CompareStringEx
FreeLibrary
FindClose
WriteConsoleW
ReadConsoleW
SetStdHandle
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
FindFirstFileExW
SetFilePointerEx
GetFileSizeEx
GetConsoleMode
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
GetTimeZoneInformation
GetFileType
GetModuleHandleExW
ExitProcess
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetCurrentProcess
RtlUnwind
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetStartupInfoW
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
InitializeCriticalSectionAndSpinCount
WriteFile
ReadFile
GetLastError
GetFileTime
CreateDirectoryW
WideCharToMultiByte
CreateFileW
FindNextFileW
DeleteFileW
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
GetProcessHeap
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
HeapDestroy
MulDiv
GetVolumeInformationW
CloseHandle
UnhandledExceptionFilter
GetCPInfo
LCMapStringEx
VirtualFree
VirtualAlloc
IsProcessorFeaturePresent
FlushInstructionCache
GetSystemDirectoryW
LocalFree
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
EncodePointer
OutputDebugStringW
IsDebuggerPresent
GetConsoleScreenBufferInfo
GetStdHandle
InterlockedFlushSList
GetUserDefaultLangID
SetConsoleTextAttribute
TerminateProcess
GetCurrentProcessId
GetEnvironmentStringsW
FlushFileBuffers
GetConsoleOutputCP
GetModuleFileNameA
GetCurrentThread
InitializeCriticalSection
LoadLibraryA

user32

GetSysColorBrush
SendMessageW
CharNextW
GetParent
IsWindow
OffsetRect
CallWindowProcW
CreateWindowExW
SystemParametersInfoW
LoadCursorW
GetClassNameW
EndPaint
BeginPaint
GetDlgCtrlID
GetWindowLongW
SetWindowLongW
SetWindowPos
GetDlgItem
GetWindowTextLengthW
DefWindowProcW
UnregisterClassW
GetClientRect
SetRectEmpty
InvalidateRect
UpdateWindow
GetWindowTextW
CharLowerW
GetDC
DrawTextW
GetWindowRect
PtInRect
IsClipboardFormatAvailable
SetClipboardData
EmptyClipboard
CloseClipboard
GetClipboardData
OpenClipboard
SetPropW
RemovePropW
EnableWindow
KillTimer
SetTimer
SetWindowTextW
RedrawWindow
IsWindowVisible
ShowWindow
GetPropW
PostQuitMessage
GetWindow
MonitorFromWindow
GetMonitorInfoW
MapWindowPoints
ScreenToClient
PostMessageW
SetForegroundWindow
MessageBoxW
EndDialog
DestroyWindow
FillRect
IsWindowEnabled
GetSysColor
GetFocus
DrawFocusRect
SetCursor
TrackMouseEvent
SetFocus
SetCapture
GetCapture
ReleaseCapture
GetCursorPos
LoadImageW
GetSystemMetrics
DialogBoxIndirectParamW
LoadStringW
IsRectEmpty
ReleaseDC

gdi32

CreateFontW
DeleteObject
DeleteDC
SelectObject
GetDeviceCaps
SetBkMode
GetStockObject
CreateFontIndirectW
SetTextColor
GetObjectW

advapi32

EqualSid
RegCreateKeyExW
RegSetValueExW
RegEnumKeyExW
OpenProcessToken
RegDeleteKeyW
RegQueryInfoKeyW
RegDeleteValueW
CryptDecrypt
CryptImportKey
CryptEncrypt
CryptVerifySignatureW
CryptReleaseContext
CryptCreateHash
CryptDeriveKey
CryptHashData
CryptAcquireContextW
RegOpenKeyExW
RegCloseKey
RegQueryValueExW
CryptDestroyKey
CryptDestroyHash
IsTextUnicode
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
SetEntriesInAclW
GetSecurityDescriptorDacl
FreeSid
AllocateAndInitializeSid
LookupAccountSidW
CloseServiceHandle
OpenSCManagerW
GetTokenInformation

shell32

ShellExecuteW

ole32

CoCreateInstance
CoTaskMemRealloc
CoTaskMemFree
CoTaskMemAlloc

oleaut32

VariantTimeToSystemTime
VarDateFromStr
SysFreeString
SystemTimeToVariantTime
SysStringLen
VarUI4FromStr

shlwapi

PathIsUNCW
PathFileExistsW
ord12

comctl32

DestroyPropertySheetPage
PropertySheetW
CreatePropertySheetPageW

dbghelp

SymGetLineFromAddr
SymSetSearchPath
SymCleanup
SymInitialize
SymSetOptions
StackWalk
SymGetModuleBase
SymFunctionTableAccess

wininet

InternetQueryOptionW
InternetReadFile
HttpQueryInfoW
HttpEndRequestW
InternetWriteFile
HttpSendRequestExW
HttpAddRequestHeadersW
HttpOpenRequestW
InternetConnectW
InternetSetOptionW
InternetOpenW
InternetCloseHandle
InternetCrackUrlW

Exports

Exports

DisplayRegistration
DisplayRegistrationStr
GetPropertyValue
ReadSettings
ReadSettingsRet
ReadSettingsRetStr
ReadSettingsStr
Register
RegisterStr

Sections

.text
Size: 456KB - Virtual size: 456KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 114KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 55KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c2a4dce43b409e08924f982d45786607

Headers

DLL Characteristics

File Characteristics

Imports

iphlpapi

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

dbghelp

wininet

Exports

Exports

Sections

.text Size: 456KB - Virtual size: 456KB

.rdata Size: 114KB - Virtual size: 114KB

.data Size: 4KB - Virtual size: 8KB

.rsrc Size: 55KB - Virtual size: 54KB

.reloc Size: 22KB - Virtual size: 21KB

.text
Size: 456KB - Virtual size: 456KB

.rdata
Size: 114KB - Virtual size: 114KB

.data
Size: 4KB - Virtual size: 8KB

.rsrc
Size: 55KB - Virtual size: 54KB

.reloc
Size: 22KB - Virtual size: 21KB