0dfdac421c42ab159a900fa1b7d08e74958a97a1aa86ab3e820996d8bf786eb7

Sharing

Copy URL

Twitter E-mail

General

Target

0dfdac421c42ab159a900fa1b7d08e74958a97a1aa86ab3e820996d8bf786eb7
Size

200KB
MD5

82ec291fa3647b1b2d53d5b97282acef
SHA1

79555facd6b891116639d0d3dfc3d23247a97462
SHA256

0dfdac421c42ab159a900fa1b7d08e74958a97a1aa86ab3e820996d8bf786eb7
SHA512

a14111c7424d1ef4211fccd9c3179edd4f57ed570da249fce0f5df81fc47c9fafa32805072f0cf4dcc982821d433251be02d53146b807deeb27daae9d57a8c4a
SSDEEP

3072:kpzqxDDiuxeXWULk5+jJt6Gj3fZaXpygEUPexacpUotETUfB:sEDDiuxeXW4iCbopyqnZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0dfdac421c42ab159a900fa1b7d08e74958a97a1aa86ab3e820996d8bf786eb7

Files

0dfdac421c42ab159a900fa1b7d08e74958a97a1aa86ab3e820996d8bf786eb7
.dll windows x86

0f3202c679ead0ff3f69eabf4a53b35a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LocalAlloc
LocalFree
TlsAlloc
GlobalFree
GlobalHandle
TlsFree
GlobalReAlloc
TlsSetValue
LocalReAlloc
TlsGetValue
InterlockedDecrement
SetErrorMode
lstrcatA
lstrcpyA
lstrcpynA
GetVersion
GlobalFlags
WritePrivateProfileStringA
InterlockedIncrement
SetLastError
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
GetProcessVersion
WriteFile
GlobalLock
GetCPInfo
GetOEMCP
RtlUnwind
TerminateProcess
RaiseException
HeapSize
GetACP
SetHandleCount
GetStdHandle
GetFileType
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
HeapDestroy
HeapCreate
IsBadWritePtr
LCMapStringW
GetStringTypeA
GetStringTypeW
SetUnhandledExceptionFilter
IsBadCodePtr
SetStdHandle
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
GetCurrentThread
GetCurrentThreadId
WideCharToMultiByte
MultiByteToWideChar
GetCurrentProcess
GetLastError
GetVersionExA
GetWindowsDirectoryA
lstrlenA
VirtualFree
GetSystemDirectoryA
TerminateThread
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
CreateThread
GlobalAlloc
LCMapStringA
LoadLibraryA
GetProcAddress
FreeLibrary
GetModuleFileNameA
GetCommandLineA
GetModuleHandleA
GetPrivateProfileStringA
DeleteFileA
CreateFileA
GetFileSize
ReadFile
Sleep
GetStartupInfoA
CreateProcessA
WaitForSingleObject
CloseHandle
FlushFileBuffers
GetTickCount
GlobalUnlock
IsBadReadPtr
HeapFree
HeapReAlloc
HeapAlloc
ExitProcess
GetProcessHeap
GetTempPathA
lstrcpyn
VirtualAlloc
GetComputerNameA
SetFilePointer

user32

GetDC
ReleaseDC
TabbedTextOutA
DrawTextA
GrayStringA
GetDlgItem
SetWindowPos
ShowWindow
SetFocus
GetSystemMetrics
GetWindowPlacement
IsIconic
SystemParametersInfoA
RegisterWindowMessageA
GetMessagePos
GetMessageTime
DefWindowProcA
RemovePropA
GetPropA
SetPropA
GetClassLongA
CreateWindowExA
DestroyWindow
GetMenuItemID
GetSubMenu
GetMenu
RegisterClassA
GetClassInfoA
WinHelpA
GetCapture
GetTopWindow
GetClientRect
AdjustWindowRectEx
GetSysColor
MapWindowPoints
LoadIconA
LoadCursorA
GetSysColorBrush
LoadStringA
DestroyMenu
GetClassNameA
UnregisterClassA
UnhookWindowsHookEx
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetMenuItemCount
SetWindowTextA
ClientToScreen
SetWindowLongA
GetWindowThreadProcessId
GetWindowTextA
CallWindowProcA
MessageBoxA
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
GetCursorPos
SetWindowsHookExA
GetLastActivePopup
GetWindowLongA
SetCursor
SendMessageA
PostMessageA
SetForegroundWindow
GetActiveWindow
GetForegroundWindow
IsWindowEnabled
GetParent
EnableWindow
wsprintfA
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
DispatchMessageA
TranslateMessage
GetMessageA
PeekMessageA
GetWindow
GetDlgCtrlID
GetWindowRect
CopyRect
PtInRect
PostQuitMessage

shell32

SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHGetSpecialFolderPathA

gdi32

CreateBitmap
DeleteDC
SaveDC
RestoreDC
SelectObject
SetBkColor
SetTextColor
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetDeviceCaps
GetObjectA
GetStockObject
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
DeleteObject

shlwapi

PathFileExistsA

ws2_32

shutdown
WSACleanup
closesocket

advapi32

RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

comctl32

ord17

Sections

.text
Size: 124KB - Virtual size: 123KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 24KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 692B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0f3202c679ead0ff3f69eabf4a53b35a

Headers

File Characteristics

Imports

kernel32

user32

shell32

gdi32

shlwapi

ws2_32

advapi32

winspool.drv

comctl32

Sections

.text Size: 124KB - Virtual size: 123KB

.rdata Size: 28KB - Virtual size: 27KB

.data Size: 24KB - Virtual size: 122KB

.rsrc Size: 4KB - Virtual size: 692B

.data Size: 16KB - Virtual size: 15KB

.text
Size: 124KB - Virtual size: 123KB

.rdata
Size: 28KB - Virtual size: 27KB

.data
Size: 24KB - Virtual size: 122KB

.rsrc
Size: 4KB - Virtual size: 692B

.data
Size: 16KB - Virtual size: 15KB