e0d857b5972a8fa89010347d8f9249f699bdc39d39a104ac7bcb19a862c58887

Sharing

Copy URL

Twitter E-mail

General

Target

e0d857b5972a8fa89010347d8f9249f699bdc39d39a104ac7bcb19a862c58887
Size

2.3MB
MD5

40e9bd78ed098518bf3bba64ab679dcb
SHA1

5dafe55e770ba9f2f4eeb428f81eb84852a43b92
SHA256

e0d857b5972a8fa89010347d8f9249f699bdc39d39a104ac7bcb19a862c58887
SHA512

a42a78f3e1084b46bd444586faba3878bb2ee1b6a4b90ca7d34be43dd870530ee336919f265ed382657ca002e87fe4e40bfb71f87532fbd4a551472ed8dd660e
SSDEEP

24576:hLgf3wxlQajxsPuNHCHlbpyiwB7ZP/ZpfSphIUxVO5kf6qeu2oeKCiQjgfr8mCS:hkf3wrNbqbpXwBtPnKhOKZe7KXQSwmCS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e0d857b5972a8fa89010347d8f9249f699bdc39d39a104ac7bcb19a862c58887

Files

e0d857b5972a8fa89010347d8f9249f699bdc39d39a104ac7bcb19a862c58887
.dll windows:5 windows x86

d2c84b85b47531e1286ba5e69025602e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpyA
HeapAlloc
GetProcessHeap
VirtualAlloc
VirtualProtect
VirtualFree
GetProcAddress
LoadLibraryA
IsBadReadPtr
HeapFree
FreeLibrary
GetModuleFileNameA
GetCurrentProcessId
GetTickCount
DeleteFileA
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
Sleep
CreateThread
GetModuleHandleA
InitializeCriticalSection
CreateEventA
TerminateThread
GetExitCodeThread
WriteFile
FlushViewOfFile
WaitForSingleObject
SetEvent
lstrcatA
EnterCriticalSection
WideCharToMultiByte
SetConsoleTextAttribute
GetStdHandle
SetFilePointer
CreateFileW
MultiByteToWideChar
TryEnterCriticalSection
ResetEvent
FindClose
FindFirstFileA
IsWow64Process
QueryDosDeviceA
LocalFree
LocalAlloc
OpenProcess
CreateDirectoryA
SetEnvironmentVariableA
CompareStringW
FlushFileBuffers
DeviceIoControl
CreateFileA
GetFileSize
ReadFile
CloseHandle
GetLastError
WriteConsoleW
SetStdHandle
LoadLibraryW
GetFileAttributesA
LeaveCriticalSection
DisableThreadLibraryCalls
HeapReAlloc
GetSystemTimeAsFileTime
EncodePointer
DecodePointer
RaiseException
RtlUnwind
GetTimeFormatA
GetDateFormatA
GetCurrentThreadId
GetCommandLineA
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapCreate
HeapDestroy
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
SetLastError
GetTimeZoneInformation
HeapSize
ExitProcess
GetModuleFileNameW
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
DeleteCriticalSection
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetConsoleCP
GetConsoleMode
LCMapStringW
GetStringTypeW

user32

SetWindowLongA
FindWindowA
CallWindowProcA

advapi32

InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegOpenKeyA
RegQueryValueExA
RegCloseKey

shell32

SHGetFolderPathA

ole32

CoCreateGuid
CoInitialize
CoUninitialize

shlwapi

StrStrIA

iphlpapi

GetAdaptersInfo

Exports

Exports

CreateInterface

Sections

.text
Size: 111KB - Virtual size: 110KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 5KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2.2MB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d2c84b85b47531e1286ba5e69025602e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

shlwapi

iphlpapi

Exports

Exports

Sections

.text Size: 111KB - Virtual size: 110KB

.rdata Size: 17KB - Virtual size: 17KB

.data Size: 5KB - Virtual size: 14KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 2.2MB - Virtual size: 2.2MB

.text
Size: 111KB - Virtual size: 110KB

.rdata
Size: 17KB - Virtual size: 17KB

.data
Size: 5KB - Virtual size: 14KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 2.2MB - Virtual size: 2.2MB