337baa18f6ed80683696f80ea4ff7bd3e1c855677dcbf12900aab002fd02dbe9

Sharing

Copy URL Twitter E-mail

General

Target

337baa18f6ed80683696f80ea4ff7bd3e1c855677dcbf12900aab002fd02dbe9
Size

755KB
MD5

dd31b36c74ffee5ced91a0f80c6b5de3
SHA1

7c1f7e84e7736bc2e2e1ee646d527024831224a0
SHA256

337baa18f6ed80683696f80ea4ff7bd3e1c855677dcbf12900aab002fd02dbe9
SHA512

f2fadabd70acedb2d97c71873825a64e137cc670d0f7679ab79c28d239cffda29412a723ed03a38b13ce74b375552f9414971f8aa47aadf72ace7add589aa4ed
SSDEEP

12288:MXX/ejhya+mC6pCfUpR0xn0Sr+pPa/RMCU1tpCBwjUP9zR0nrpLPUDGgBjvrEH7O:SXFaFfCj09pPaZMC0Srf0nSDGCrEH7nO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
337baa18f6ed80683696f80ea4ff7bd3e1c855677dcbf12900aab002fd02dbe9

Files

337baa18f6ed80683696f80ea4ff7bd3e1c855677dcbf12900aab002fd02dbe9
.dll windows x86

c4ed16538ffd4e6cac44499042a81a42

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalFree
GlobalAlloc
ReadFile
GetFileSize
CreateFileW
CreateDirectoryW
GetModuleFileNameW
GetVersion
GetLocalTime
GetProcAddress
LoadLibraryW
FreeLibrary
CloseHandle
GetLastError
WriteConsoleW
HeapSize
GetConsoleCP
SetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
FindFirstFileExA
GetProcessHeap
GetOEMCP
IsValidCodePage
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
ReadConsoleW
GetConsoleMode
GetFileType
GetStdHandle
GetModuleFileNameA
GetModuleHandleExW
ExitProcess
WideCharToMultiByte
MultiByteToWideChar
HeapFree
HeapReAlloc
HeapAlloc
LoadLibraryExW
InterlockedFlushSList
RaiseException
RtlUnwind
LocalFree
GetACP
EncodePointer
DecodePointer
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
SetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
GetModuleHandleW
LCMapStringW
GetLocaleInfoW
GetStringTypeW
GetCPInfo
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
InitializeSListHead
FlushFileBuffers
SetEndOfFile
SetFilePointerEx
WriteFile
GetSystemInfo
VirtualAlloc
VirtualFree
FindClose
FindNextFileA

advapi32

RegEnumKeyExW
RegEnumValueW
RegQueryInfoKeyW
RegDeleteKeyW
RegDeleteValueW
RegSetValueExW
RegQueryValueExW
RegCreateKeyExW
RegCloseKey
RegOpenKeyExW

shell32

SHGetPathFromIDListW
SHGetSpecialFolderLocation

ole32

CoUninitialize
CoInitializeSecurity
CoCreateInstance
CoSetProxyBlanket
CoInitializeEx

oleaut32

SafeArrayGetLBound
SafeArrayUnaccessData
SafeArrayGetUBound
SafeArrayAccessData
VariantChangeType
VariantClear
SysFreeString
SysAllocString
VariantInit

iphlpapi

GetAdaptersInfo

ws2_32

gethostname
WSAStartup
htonl
WSACleanup
inet_addr

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

Exports

Exports

CreateCheckLicense
CreateCheckLicense1
DestroyCheckLicense

Sections

.text
Size: 271KB - Virtual size: 271KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 370KB - Virtual size: 369KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c4ed16538ffd4e6cac44499042a81a42

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

shell32

ole32

oleaut32

iphlpapi

ws2_32

version

Exports

Exports

Sections

.text Size: 271KB - Virtual size: 271KB

.rdata Size: 370KB - Virtual size: 369KB

.data Size: 19KB - Virtual size: 22KB

.rsrc Size: 4KB - Virtual size: 8KB

.reloc Size: 13KB - Virtual size: 12KB

.text
Size: 271KB - Virtual size: 271KB

.rdata
Size: 370KB - Virtual size: 369KB

.data
Size: 19KB - Virtual size: 22KB

.rsrc
Size: 4KB - Virtual size: 8KB

.reloc
Size: 13KB - Virtual size: 12KB