66e13612ce63cf1b22dd9f1d4a8dfdbef9e7427d374b47c97540bf790ef47447

Sharing

Copy URL Twitter E-mail

General

Target

66e13612ce63cf1b22dd9f1d4a8dfdbef9e7427d374b47c97540bf790ef47447
Size

81KB
MD5

0b19eaaf9e1c218a7555f98c82afcbf7
SHA1

4aa7d7e7bb3a8dcb6de86109b3550f28fb0c1411
SHA256

66e13612ce63cf1b22dd9f1d4a8dfdbef9e7427d374b47c97540bf790ef47447
SHA512

2bc5417bb649bf2b3d63fc1e9ee5f571fc62699264bbd6d2b8a873b7755108a8923f23db5849299f27cd7a7e38153a206017080d99a7a26c42599922504826a9
SSDEEP

1536:/SYkdXVqXdaBdjMZ8VJN8e1zECTGJNnhhVqRB5g:/38XcB8VJN8PCT0W

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
66e13612ce63cf1b22dd9f1d4a8dfdbef9e7427d374b47c97540bf790ef47447

Files

66e13612ce63cf1b22dd9f1d4a8dfdbef9e7427d374b47c97540bf790ef47447
.dll windows x86

eccdf95ea25668163c30c9d70cce1fc5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ntdll

DbgPrint

comctl32

CreatePropertySheetPageW

kernel32

DeleteCriticalSection
DisableThreadLibraryCalls
EnterCriticalSection
FreeLibrary
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetModuleHandleA
GetProcAddress
GetProcessHeap
GetSystemTimeAsFileTime
GetTickCount
GlobalLock
GlobalUnlock
HeapAlloc
HeapFree
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryW
LocalAlloc
LocalFree
QueryPerformanceCounter
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery

msvcrt

__dllonexit
_amsg_exit
_initterm
_iob
_lock
_onexit
_snwprintf
_unlock
abort
calloc
free
fwrite
memcmp
memmove
strncmp
vfprintf
wcscat
wcscmp
wcscpy
wcslen

ole32

ReleaseStgMedium

setupapi

CM_Get_Child
CM_Get_DevNode_Registry_PropertyW
CM_Get_Device_IDW
CM_Get_Device_ID_Size
CM_Get_Sibling
CM_Locate_DevNodeW

user32

CheckDlgButton
EnableWindow
EnumDisplayDevicesW
GetDlgItem
GetParent
GetWindowLongW
IsDlgButtonChecked
LoadStringW
RegisterClipboardFormatW
SendDlgItemMessageW
SendMessageW
SetDlgItemTextW
SetWindowLongW
ShowWindow

Exports

Exports

DllCanUnloadNow
DllGetClassObject

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 80B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 952B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 106B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 764B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rossym
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

eccdf95ea25668163c30c9d70cce1fc5

Headers

DLL Characteristics

File Characteristics

Imports

ntdll

comctl32

kernel32

msvcrt

ole32

setupapi

user32

Exports

Exports

Sections

.text Size: 12KB - Virtual size: 12KB

.data Size: 512B - Virtual size: 80B

.rdata Size: 4KB - Virtual size: 3KB

.bss Size: - Virtual size: 952B

.edata Size: 512B - Virtual size: 106B

.idata Size: 2KB - Virtual size: 2KB

.CRT Size: 512B - Virtual size: 44B

.tls Size: 512B - Virtual size: 8B

.rsrc Size: 25KB - Virtual size: 25KB

.reloc Size: 1024B - Virtual size: 764B

.rossym Size: 32KB - Virtual size: 31KB

.text
Size: 12KB - Virtual size: 12KB

.data
Size: 512B - Virtual size: 80B

.rdata
Size: 4KB - Virtual size: 3KB

.bss
Size: - Virtual size: 952B

.edata
Size: 512B - Virtual size: 106B

.idata
Size: 2KB - Virtual size: 2KB

.CRT
Size: 512B - Virtual size: 44B

.tls
Size: 512B - Virtual size: 8B

.rsrc
Size: 25KB - Virtual size: 25KB

.reloc
Size: 1024B - Virtual size: 764B

.rossym
Size: 32KB - Virtual size: 31KB