fc227e3e94b9d30b070c79262833321308875318ba343cedcf42e255ac0d7b2b

Sharing

Copy URL Twitter E-mail

General

Target

fc227e3e94b9d30b070c79262833321308875318ba343cedcf42e255ac0d7b2b
Size

2.5MB
MD5

5d986499069e9bd7ba82d624c324675a
SHA1

194a068317f4be34bfb6d626e9e9140b8f21a723
SHA256

fc227e3e94b9d30b070c79262833321308875318ba343cedcf42e255ac0d7b2b
SHA512

c6ba08ebc9eee5ce7831f01c4feb45d01bac1c42c4495c6e91046223d519c8549b6b97d46bad73aa4016fbf236aac31388dd13bbd51df3250d37821659cbc742
SSDEEP

49152:lsrdX8mDercySMdiMXtg5UcAo0fbEJ7Jq063oTD0sG4hNiBia:lsrdXhDercyHr9DfbEJ7o06Q0sw4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fc227e3e94b9d30b070c79262833321308875318ba343cedcf42e255ac0d7b2b

Files

fc227e3e94b9d30b070c79262833321308875318ba343cedcf42e255ac0d7b2b
.dll windows:5 windows x86

9b2f70651cd02470bb9098653132665f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shell32

DragAcceptFiles
SHGetPathFromIDListA

gdi32

GetTextColor
SetBitmapDimensionEx

oleaut32

GetRecordInfoFromGuids
GetErrorInfo

ws2_32

select

clusapi

CloseClusterResource

wininet

RetrieveUrlCacheEntryStreamW

shlwapi

AssocGetPerceivedType

rpcrt4

RpcServerUseProtseqEpExW

user32

GetMenuItemID
OpenClipboard
EnumDisplayMonitors
GetUpdateRgn
IsCharAlphaNumericA
GetKeyState
ChildWindowFromPoint
IsClipboardFormatAvailable
GetMenuStringW
EnumWindows
InvalidateRect
PeekMessageW

advapi32

TreeResetNamedSecurityInfoW
GetKernelObjectSecurity
AddAce

psapi

EnumProcessModules

winspool.drv

SetPrinterW

crypt32

CertFindCTLInStore

rasapi32

RasEnumEntriesW

winmm

mixerGetLineControlsA
mmioSendMessage

kernel32

SetConsoleScreenBufferSize
GetThreadPriority
GetConsoleWindow
GetNamedPipeInfo
OutputDebugStringA
DisableThreadLibraryCalls
InterlockedPushEntrySList
GetBinaryTypeA
CloseHandle
GetModuleFileNameW
GetProcAddress
GetModuleHandleA
GetModuleFileNameA
GlobalAddAtomA
FatalAppExitA
GetSystemTimeAsFileTime
VerLanguageNameW

msvcrt

isprint
vfwprintf

Sections

.text
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 300KB - Virtual size: 300KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

+aZzAW
Size: 536KB - Virtual size: 532KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

drcOD
Size: 696KB - Virtual size: 695KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

TG
Size: 856KB - Virtual size: 855KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 148KB - Virtual size: 145KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9b2f70651cd02470bb9098653132665f

Headers

File Characteristics

Imports

shell32

gdi32

oleaut32

ws2_32

clusapi

wininet

shlwapi

rpcrt4

user32

advapi32

psapi

winspool.drv

crypt32

rasapi32

winmm

kernel32

msvcrt

Sections

.text Size: 44KB - Virtual size: 41KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 300KB - Virtual size: 300KB

+aZzAW Size: 536KB - Virtual size: 532KB

drcOD Size: 696KB - Virtual size: 695KB

TG Size: 856KB - Virtual size: 855KB

.rsrc Size: 4KB - Virtual size: 1000B

.reloc Size: 148KB - Virtual size: 145KB

.text
Size: 44KB - Virtual size: 41KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 300KB - Virtual size: 300KB

+aZzAW
Size: 536KB - Virtual size: 532KB

drcOD
Size: 696KB - Virtual size: 695KB

TG
Size: 856KB - Virtual size: 855KB

.rsrc
Size: 4KB - Virtual size: 1000B

.reloc
Size: 148KB - Virtual size: 145KB