75126a6332e696b00f0f450b0cc0dcb46f9a193031d39eb847652be11bdd1bf1

Sharing

Copy URL Twitter E-mail

General

Target

75126a6332e696b00f0f450b0cc0dcb46f9a193031d39eb847652be11bdd1bf1
Size

296KB
MD5

c90c9ff4d3fc84e4492ad652169ba427
SHA1

60568fd29567a919c34b96533381b6bd43a45271
SHA256

75126a6332e696b00f0f450b0cc0dcb46f9a193031d39eb847652be11bdd1bf1
SHA512

3ff1e0a752bd3fb3eef66029c72a9609602fcd59a55f3ec3e285e9d42af7460c2e08825516a4293154fb917e33a68f17bb3242e6c7f66ff4ad5c84f36a75318e
SSDEEP

6144:7dcIN68UXydTPb3cthq3rSrMhq/TTB0XB+0N2:7yIK8TPb3cthq3Grr/TTWK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
75126a6332e696b00f0f450b0cc0dcb46f9a193031d39eb847652be11bdd1bf1

Files

75126a6332e696b00f0f450b0cc0dcb46f9a193031d39eb847652be11bdd1bf1
.dll windows x86

6d53a08a2ceae14e3e0a1d6fea162ed3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetLogicalDriveStringsA
LocalFree
GetFileSize
RemoveDirectoryA
LocalReAlloc
CreateProcessA
GetDiskFreeSpaceExA
CreateDirectoryA
CancelIo
OutputDebugStringA
InitializeCriticalSection
LoadLibraryA
GetVersionExA
GetSystemInfo
GetProcAddress
LocalSize
GlobalSize
GlobalAlloc
GlobalFree
GlobalLock
GlobalUnlock
TerminateProcess
CreatePipe
PeekNamedPipe
DisconnectNamedPipe
GetSystemDirectoryA
Process32First
GetCurrentProcess
OpenProcess
CreateToolhelp32Snapshot
Process32Next
CreateFileW
ReadConsoleW
SetStdHandle
HeapSize
GetCommandLineW
GetCommandLineA
lstrcpyA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
IsValidCodePage
GetProcessHeap
SetFilePointerEx
GetConsoleMode
GetConsoleCP
FlushFileBuffers
GetACP
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
ExitProcess
HeapReAlloc
HeapFree
HeapAlloc
WriteConsoleW
FindClose
GetFileType
GetStdHandle
InterlockedFlushSList
GetModuleFileNameW
LoadLibraryExW
FreeLibrary
RtlUnwind
OutputDebugStringW
InitializeSListHead
GetCurrentThreadId
GetCurrentProcessId
DeleteFileA
CreateFileA
GetFileAttributesA
lstrcatA
LocalAlloc
GetVolumeInformationA
SetFilePointer
FindNextFileA
GetDriveTypeA
WriteFile
FindFirstFileA
MoveFileA
ReadFile
GetTickCount
DeleteCriticalSection
DecodePointer
RaiseException
GetLastError
InitializeCriticalSectionAndSpinCount
VirtualAlloc
VirtualFree
CreateEventA
CreateThread
CloseHandle
TerminateThread
SetEvent
Sleep
ResumeThread
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
WaitForSingleObjectEx
ResetEvent
GetCPInfo
GetStringTypeW
WaitForSingleObject
GetLocaleInfoW
LCMapStringW
MultiByteToWideChar
LeaveCriticalSection
EnterCriticalSection
GetModuleHandleW
GetSystemTimeAsFileTime
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
CreateEventW
SetLastError
EncodePointer
QueryPerformanceFrequency
QueryPerformanceCounter
WideCharToMultiByte
GetModuleHandleExW
lstrlenA

user32

WindowFromPoint
keybd_event
EmptyClipboard
MapVirtualKeyA
BlockInput
GetClipboardData
mouse_event
SetCapture
SetClipboardData
GetCursorPos
SetCursorPos
GetSystemMetrics
CharNextA
wsprintfA
ReleaseDC
GetDesktopWindow
EnumDisplaySettingsA
GetCursorInfo
DestroyCursor
OpenClipboard
LoadCursorA
EnumWindows
GetWindowTextA
ShowWindow
PostMessageA
IsWindowVisible
KillTimer
SystemParametersInfoA
LoadIconA
SendMessageA
SetDlgItemTextA
SetFocus
MoveWindow
CreateWindowExA
GetClientRect
TranslateMessage
SetTimer
DispatchMessageA
GetMessageA
GetDC
CloseClipboard
EndDialog
DialogBoxParamA

gdi32

SelectObject
CreateDIBSection
CreateCompatibleDC
DeleteDC
DeleteObject
BitBlt

advapi32

AdjustTokenPrivileges
SystemFunction036
LookupPrivilegeValueA
OpenProcessToken
EnumServicesStatusA
UnlockServiceDatabase
CloseServiceHandle
QueryServiceConfigA
OpenSCManagerA
LockServiceDatabase
ChangeServiceConfigA
ControlService
StartServiceA
OpenServiceA
RegQueryInfoKeyA
RegEnumValueA
RegEnumKeyExA
RegOpenKeyA
RegQueryValueExA
RegCloseKey
RegQueryValueA
RegOpenKeyExA

shell32

SHGetFileInfoA

ole32

CoUninitialize
CoCreateInstance
CoTaskMemFree
CoInitialize

oleaut32

SysFreeString

winmm

waveInAddBuffer
waveInStart
waveOutPrepareHeader
waveOutOpen
waveInOpen
waveOutReset
waveOutClose
waveOutUnprepareHeader
waveInUnprepareHeader
waveInReset
timeBeginPeriod
waveOutGetNumDevs
waveOutWrite
waveInPrepareHeader
waveInStop
waveInClose
waveInGetNumDevs
PlaySoundA
timeEndPeriod

ws2_32

WSAGetLastError
setsockopt
getsockname
gethostname
WSACleanup
WSAIoctl
closesocket
gethostbyname
select
WSAStartup
inet_addr
send
socket
connect
inet_ntoa
recv
htons

avicap32

capGetDriverDescriptionA

msvfw32

ICSendMessage
ICSeqCompressFrameEnd
ICClose
ICSeqCompressFrameStart
ICSeqCompressFrame
ICCompressorFree
ICOpen

psapi

GetModuleFileNameExA
EnumProcessModules

Exports

Exports

IsExit
IsStoped
StopRun
TestRun

Sections

.text
Size: 186KB - Virtual size: 185KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6d53a08a2ceae14e3e0a1d6fea162ed3

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

winmm

ws2_32

avicap32

msvfw32

psapi

Exports

Exports

Sections

.text Size: 186KB - Virtual size: 185KB

.rdata Size: 68KB - Virtual size: 67KB

.data Size: 5KB - Virtual size: 12KB

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 24KB - Virtual size: 24KB

.reloc Size: 11KB - Virtual size: 11KB

.text
Size: 186KB - Virtual size: 185KB

.rdata
Size: 68KB - Virtual size: 67KB

.data
Size: 5KB - Virtual size: 12KB

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 24KB - Virtual size: 24KB

.reloc
Size: 11KB - Virtual size: 11KB