6d6315a7e67f1379211489e3d6aa21df8823b12b814e8c277455abbd62869f79

Sharing

Copy URL Twitter E-mail

General

Target

6d6315a7e67f1379211489e3d6aa21df8823b12b814e8c277455abbd62869f79
Size

1.6MB
MD5

48f29d0b6cf81a40058181035f9b68f4
SHA1

8a8e6ebf2151a908894830ba39d16b5301358796
SHA256

6d6315a7e67f1379211489e3d6aa21df8823b12b814e8c277455abbd62869f79
SHA512

6e7c628f97a5c0a07f56e36e71d227b8344726425e95dbd839f0cc54237de7cee428304947c4d3790e261c00d82e53341105cb2c145938b976066cee9d4e344c
SSDEEP

49152:TEMP9baf9DImKiskobCwfmGHHLyl2eZOJZ:TnRIt0ep2kBC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6d6315a7e67f1379211489e3d6aa21df8823b12b814e8c277455abbd62869f79

Files

6d6315a7e67f1379211489e3d6aa21df8823b12b814e8c277455abbd62869f79
.dll windows x86

4ae8279466edf307018d835924c95871

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
GetStartupInfoA
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetFileType
GetStdHandle
SetHandleCount
HeapCreate
FreeLibrary
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
IsBadWritePtr
HeapSize
GetACP
GetLocalTime
GetSystemTime
GetTimeZoneInformation
RaiseException
GetCommandLineA
TerminateProcess
ExitProcess
HeapFree
HeapAlloc
HeapReAlloc
RtlUnwind
GetTickCount
SystemTimeToFileTime
LocalFileTimeToFileTime
GetFileSize
GetVolumeInformationA
FindFirstFileA
FindClose
DeleteFileA
MoveFileA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
GetCurrentProcess
DuplicateHandle
GetThreadLocale
WritePrivateProfileStringA
GetOEMCP
GetCPInfo
GlobalFlags
TlsGetValue
LocalReAlloc
TlsSetValue
TlsFree
GlobalHandle
TlsAlloc
LocalAlloc
GetProcessVersion
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
FileTimeToLocalFileTime
FileTimeToSystemTime
GetLastError
GetDiskFreeSpaceA
GetFileTime
SetFileTime
GetFullPathNameA
GetTempFileNameA
GetFileAttributesA
GetCurrentThread
FormatMessageA
LocalFree
CloseHandle
GlobalFree
GlobalReAlloc
lstrcpynA
lstrcmpA
MulDiv
SetLastError
FindResourceA
LoadResource
LockResource
GetVersion
lstrcatA
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetModuleHandleA
MultiByteToWideChar
WideCharToMultiByte
lstrlenA
InterlockedDecrement
InterlockedIncrement
GlobalAlloc
GlobalLock
GlobalUnlock
GetModuleFileNameA
VirtualFree
Sleep
VirtualAlloc
GetProcAddress
GetProcessHeap
lstrcpyA
GetWindowsDirectoryA
LoadLibraryA
SetStdHandle

user32

WindowFromPoint
GetMessageA
TranslateMessage
GetActiveWindow
ValidateRect
GetDesktopWindow
DestroyMenu
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GetMenuCheckMarkDimensions
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetNextDlgTabItem
IsWindowEnabled
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
PostMessageA
SendDlgItemMessageA
MapWindowPoints
PeekMessageA
DispatchMessageA
SetActiveWindow
SetFocus
ScreenToClient
EqualRect
DeferWindowPos
BeginDeferWindowPos
CopyRect
EndDeferWindowPos
IsWindowVisible
ScrollWindow
GetScrollInfo
CreateDialogIndirectParamA
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
MessageBoxA
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
BringWindowToTop
TrackPopupMenu
GetDlgItem
GetWindowTextLengthA
GetWindowTextA
DestroyWindow
ReuseDDElParam
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
GetCursorPos
SendMessageA
InvalidateRect
GetParent
GetSubMenu
LoadMenuA
EnableWindow
MessageBeep
GetClientRect
SetWindowLongA
SetCursor
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
GetWindow
GetWindowLongA
SetWindowPos
RegisterWindowMessageA
OffsetRect
EndDialog
SetRectEmpty
TranslateAcceleratorA
SetScrollInfo
SetMenu
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetSystemMetrics
GetDlgCtrlID
IsIconic
GetFocus
IsChild
AdjustWindowRectEx
SetCapture
RedrawWindow
ReleaseCapture
PtInRect
IsWindow
GetSysColor
CopyIcon
LoadCursorA
LoadIconA
LoadBitmapA
AnimateWindow
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
GetKeyState
UpdateWindow
SetTimer
FillRect
GetWindowRect
IsZoomed
InflateRect
SetCursorPos
DestroyCursor
PostQuitMessage
ShowOwnedPopups
SetWindowContextHelpId
MapDialogRect
SetRect
LoadStringA
GetSysColorBrush
GetClassNameA
KillTimer
CreateWindowExA
UnpackDDElParam
PostThreadMessageA
SetParent
RegisterClipboardFormatA
LockWindowUpdate
GetDCEx
GetTabbedTextExtentA
CharUpperA
GetNextDlgGroupItem
CopyAcceleratorTableA
CharNextA
GetMenuItemID
FindWindowA
LoadAcceleratorsA

gdi32

GetWindowExtEx
CreatePen
CreateSolidBrush
CreatePatternBrush
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
PatBlt
CreateRectRgnIndirect
StretchDIBits
CreateCompatibleBitmap
GetCharWidthA
GetTextExtentPoint32A
GetTextMetricsA
Rectangle
DPtoLP
GetViewportExtEx
AbortDoc
EndDoc
EndPage
StartPage
SetAbortProc
CreateDCA
GetMapMode
SetRectRgn
CombineRgn
LPtoDP
GetTextColor
GetBkColor
GetNearestColor
GetStretchBltMode
GetPolyFillMode
GetTextAlign
GetBkMode
GetROP2
GetTextFaceA
GetWindowOrgEx
GetDeviceCaps
CreateRectRgn
DeleteObject
GetCurrentPositionEx
SetTextAlign
LineTo
MoveToEx
GetViewportOrgEx
GetStockObject
IntersectClipRect
ExcludeClipRect
SelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
SelectObject
RestoreDC
SaveDC
StartDocA
DeleteDC
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
CreateCompatibleDC
BitBlt
GetObjectA
CreateFontIndirectA

comdlg32

GetSaveFileNameA
GetFileTitleA
GetOpenFileNameA
CommDlgExtendedError
PrintDlgA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegOpenKeyExA
SetFileSecurityA
GetFileSecurityA
RegQueryValueExA
RegCreateKeyExA
RegSetValueExA
RegCloseKey

shell32

DragQueryFileA
DragFinish

comctl32

ord17
ImageList_Destroy

oledlg

ord8

ole32

CoTaskMemAlloc
CoTaskMemFree
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
OleInitialize
OleUninitialize
CoFreeUnusedLibraries
CoRegisterMessageFilter
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard

olepro32

ord253

oleaut32

VariantChangeType
SysAllocStringByteLen
SysAllocString
VariantCopy
VariantClear
SysAllocStringLen
SysFreeString
VariantTimeToSystemTime
SysStringLen

odbc32

ord10
ord5
ord16
ord61
ord13
ord18
ord11
ord3
ord14
ord9
ord15
ord51
ord45
ord50
ord1
ord2
ord41
ord68
ord12
ord46
ord19
ord44
ord8
ord59
ord17
ord49
ord48
ord4
ord72
ord20

Exports

Exports

SetCOMProfile
WSCreateInstance

Sections

.text
Size: 248KB - Virtual size: 245KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 64KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4ae8279466edf307018d835924c95871

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

olepro32

oleaut32

odbc32

Exports

Exports

Sections

.text Size: 248KB - Virtual size: 245KB

.rdata Size: 64KB - Virtual size: 61KB

.data Size: 1.3MB - Virtual size: 1.3MB

.rsrc Size: 20KB - Virtual size: 16KB

.reloc Size: 40KB - Virtual size: 36KB

.text
Size: 248KB - Virtual size: 245KB

.rdata
Size: 64KB - Virtual size: 61KB

.data
Size: 1.3MB - Virtual size: 1.3MB

.rsrc
Size: 20KB - Virtual size: 16KB

.reloc
Size: 40KB - Virtual size: 36KB