d7857609dbbc4721e604bcb865ece2c85ab4838a99f73536d640fff2ab1206ef

Sharing

Copy URL Twitter E-mail

General

Target

d7857609dbbc4721e604bcb865ece2c85ab4838a99f73536d640fff2ab1206ef
Size

1.5MB
MD5

9a8faa62462e19df572df5d7e0f319c9
SHA1

d8919670db23de7f96f03595f404d23c39897b90
SHA256

d7857609dbbc4721e604bcb865ece2c85ab4838a99f73536d640fff2ab1206ef
SHA512

5db2901f688dff917e7a304763339a46bebb7adcacd26982f4407d9a358d943cc1044e0a5a2053c88e21d17fda6a1d7ee1bbaad65f6ba958c922bc63f10d330a
SSDEEP

12288:/vT3tjufjpSDORQL/kLtnzzzYzzzzzfQVch9i3KXCCCCCCCCCCCCCCCCCCCCCCCT:HHDORQIBnzzzYzzzzzfBrz/nR5GOC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d7857609dbbc4721e604bcb865ece2c85ab4838a99f73536d640fff2ab1206ef

Files

d7857609dbbc4721e604bcb865ece2c85ab4838a99f73536d640fff2ab1206ef
.dll windows x86

71716ec4233b93af4683dde01eb6ac55

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateThread
RaiseException
HeapSize
HeapReAlloc
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
HeapDestroy
QueryPerformanceCounter
GetTickCount
ExitThread
GetTimeZoneInformation
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
Sleep
GetConsoleCP
GetConsoleMode
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
InitializeCriticalSectionAndSpinCount
ExitProcess
CreateDirectoryW
FindNextFileW
GetSystemTime
DeviceIoControl
GetSystemDirectoryA
SetEnvironmentVariableW
RtlUnwind
HeapFree
HeapAlloc
GetCommandLineA
GetSystemTimeAsFileTime
GetFileTime
GetFileSizeEx
GetFileAttributesW
SetFileAttributesW
SetFileTime
FileTimeToLocalFileTime
SystemTimeToFileTime
FileTimeToSystemTime
lstrlenA
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
WriteFile
InterlockedIncrement
FormatMessageW
GetModuleHandleA
WritePrivateProfileStringW
MulDiv
GlobalFlags
FreeResource
GlobalFindAtomW
GetVersionExW
LoadLibraryW
CompareStringW
LoadLibraryA
GetVersionExA
SetErrorMode
lstrlenW
TlsFree
GlobalFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalUnlock
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalFree
LocalAlloc
InterlockedDecrement
CreateEventW
SuspendThread
SetEvent
WaitForSingleObject
ResumeThread
SetThreadPriority
GlobalAddAtomW
GetCurrentProcessId
GetLastError
SetLastError
GlobalDeleteAtom
GetCurrentThread
GetProcessHeap
GetCurrentThreadId
ConvertDefaultLocale
EnumResourceLanguagesW
GetModuleFileNameW
lstrcmpA
GetLocaleInfoW
LoadLibraryExW
CompareStringA
MultiByteToWideChar
FindResourceW
LoadResource
LockResource
SizeofResource
WideCharToMultiByte
InterlockedExchange
GlobalLock
lstrcmpW
GlobalAlloc
FreeLibrary
GetModuleHandleW
GetProcAddress
DeleteFileW
CloseHandle
GetModuleFileNameA
VirtualAlloc
CreateFileW
ReadFile
GetSystemDirectoryW
VirtualFree
SetFilePointer
GetLocaleInfoA
CreateFileA

user32

ShowWindow
SetWindowTextW
IsDialogMessageW
RegisterWindowMessageW
LoadIconW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
IsWindow
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
SetActiveWindow
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetMenu
UpdateWindow
GetClientRect
GetSubMenu
GetMenuItemID
GetMenuItemCount
CreateWindowExW
GetClassInfoExW
GetClassInfoW
GetSysColor
AdjustWindowRectEx
ScreenToClient
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
CopyRect
PtInRect
GetMenu
SetWindowLongW
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
ClientToScreen
GetDesktopWindow
GetSysColorBrush
GetWindowRect
GetSystemMetrics
GetWindow
UnregisterClassW
UnhookWindowsHookEx
SetWindowsHookExW
CallNextHookEx
GetMessageW
TranslateMessage
DispatchMessageW
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageW
ReleaseDC
GetDC
LoadCursorW
TabbedTextOutW
DrawTextW
DrawTextExW
GrayStringW
SetForegroundWindow
GetCursorPos
ValidateRect
GetWindowThreadProcessId
GetWindowLongW
GetLastActivePopup
IsWindowEnabled
EnableWindow
SetCursor
PostMessageW
PostQuitMessage
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetFocus
GetParent
SendMessageW
ModifyMenuW
GetMenuState
EnableMenuItem
InvalidateRect
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
DestroyMenu
CharUpperW
EndPaint
RegisterClassW
BeginPaint
CheckMenuItem
MessageBoxW
GetCapture

gdi32

PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
DeleteDC
GetStockObject
CreateFontIndirectW
SetMapMode
SetBkMode
RestoreDC
SaveDC
GetDeviceCaps
DeleteObject
GetObjectW
SetBkColor
SetTextColor
GetClipBox
CreateBitmap

comdlg32

GetFileTitleW

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

advapi32

SetFileSecurityW
InitializeSecurityDescriptor
AddAce
GetSidSubAuthority
InitializeSid
InitializeAcl
GetSidLengthRequired
RegCreateKeyExA
RegSetValueExA
RegSetValueExW
RegCreateKeyExW
RegQueryValueW
RegOpenKeyW
RegEnumKeyW
RegDeleteKeyW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
RegOpenKeyExA
SetSecurityDescriptorDacl

shell32

ShellExecuteExW
ShellExecuteW

shlwapi

PathFindExtensionW
PathStripToRootW
PathIsUNCW
PathFindFileNameW
UrlUnescapeW

oleaut32

VariantInit
VariantChangeType
VariantClear

iphlpapi

GetAdaptersInfo

wininet

HttpOpenRequestW
InternetConnectW
HttpSendRequestW
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallbackW
InternetOpenW
InternetGetLastResponseInfoW
InternetCloseHandle
HttpQueryInfoW
InternetCrackUrlW
InternetCanonicalizeUrlW
InternetQueryDataAvailable

Exports

Exports

MessageBoxB
Tkey3d30
Tkey9830
Tkey9831
Tkey9902
Tkey9903
Tkey9904
Tkey9905
Tkey9906
Tkey9907
ViseEntry

Sections

.text
Size: 210KB - Virtual size: 210KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 184KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

71716ec4233b93af4683dde01eb6ac55

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

shlwapi

oleaut32

iphlpapi

wininet

Exports

Exports

Sections

.text Size: 210KB - Virtual size: 210KB

.rdata Size: 52KB - Virtual size: 51KB

.data Size: 9KB - Virtual size: 184KB

.rsrc Size: 1.2MB - Virtual size: 1.2MB

.reloc Size: 35KB - Virtual size: 35KB

.text
Size: 210KB - Virtual size: 210KB

.rdata
Size: 52KB - Virtual size: 51KB

.data
Size: 9KB - Virtual size: 184KB

.rsrc
Size: 1.2MB - Virtual size: 1.2MB

.reloc
Size: 35KB - Virtual size: 35KB