4d3db3810a53df273816c5499d9898e7ab8e505a2a5b146159a2b4b54f40140b

Sharing

Copy URL

Twitter E-mail

General

Target

4d3db3810a53df273816c5499d9898e7ab8e505a2a5b146159a2b4b54f40140b
Size

1.6MB
MD5

bd882e889728e1bca4297f27233c43df
SHA1

431fd3c4bf6ef4dbb0bd84f5a4c3a2a17c2fbbbc
SHA256

4d3db3810a53df273816c5499d9898e7ab8e505a2a5b146159a2b4b54f40140b
SHA512

128d344a7f981bdada8fe4405947a7368e03bd66b1cb4271441cf1575b1fa0373a5c251a5ff2e70533ddc296444fc61637cde5675a5fe6100c25b1f291533fcf
SSDEEP

49152:88hjY3++b0cwYIuJ4UFbMBSUOI25JkFa:PGrbtdgSUP27kA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4d3db3810a53df273816c5499d9898e7ab8e505a2a5b146159a2b4b54f40140b

Files

4d3db3810a53df273816c5499d9898e7ab8e505a2a5b146159a2b4b54f40140b
.dll windows:5 windows x86

b12b19ba7debede325f61718e630ef80

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

RegCloseKey
CryptEncrypt
GetOldestEventLogRecord
QueryServiceObjectSecurity
ClearEventLogA
AreAnyAccessesGranted

ole32

StgCreatePropStg
OleRegGetUserType

avifil32

AVIStreamSampleToTime

opengl32

glGetIntegerv

clusapi

ClusterResourceOpenEnum

winspool.drv

AddFormW
SetFormW
DeletePrinterConnectionW

wininet

InternetCrackUrlW
InternetOpenW

rpcrt4

RpcEpRegisterA
RpcCancelThread
RpcEpResolveBinding
RpcEpUnregister
RpcSsFree

winmm

waveInStop
midiInGetNumDevs

oleaut32

SafeArrayCreate
GetErrorInfo
GetRecordInfoFromGuids
VarBstrFromUI1

esent

JetRetrieveColumn
JetGotoBookmark

gdi32

GetStretchBltMode
PlayMetaFile
CreateDiscardableBitmap
ResizePalette
EnumFontFamiliesExA
GetDeviceCaps

user32

GetNextDlgGroupItem
IsCharAlphaW
GetClipboardViewer
GetMenuContextHelpId
AppendMenuA
ShowWindow
GetCursor
GetUpdateRgn
DispatchMessageA
SetCapture
GetMenuStringA

lz32

LZSeek

winscard

SCardEstablishContext

kernel32

GetACP
SetEndOfFile
CloseHandle
SetConsoleTextAttribute
Process32FirstW
GetProcessHeap
WaitForSingleObjectEx
GetSystemTimeAsFileTime
MulDiv
GetUserDefaultLCID
LoadLibraryW
GetModuleFileNameA
GetModuleFileNameW
GetBinaryTypeW
HeapDestroy

shell32

SHGetInstanceExplorer
DragAcceptFiles
SHGetPathFromIDListA
SHGetPathFromIDListW

setupapi

SetupDiCreateDeviceInfoW
CM_Get_Hardware_Profile_Info_ExW
SetupDiBuildDriverInfoList
SetupDiEnumDeviceInfo
SetupDiGetActualSectionToInstallW
SetupGetLineByIndexW

Sections

.text
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

CODE
Size: 940KB - Virtual size: 939KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

jOjkH0
Size: 608KB - Virtual size: 605KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 896B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b12b19ba7debede325f61718e630ef80

Headers

File Characteristics

Imports

advapi32

ole32

avifil32

opengl32

clusapi

winspool.drv

wininet

rpcrt4

winmm

oleaut32

esent

gdi32

user32

lz32

winscard

kernel32

shell32

setupapi

Sections

.text Size: 44KB - Virtual size: 42KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 48KB - Virtual size: 45KB

CODE Size: 940KB - Virtual size: 939KB

jOjkH0 Size: 608KB - Virtual size: 605KB

.rsrc Size: 4KB - Virtual size: 896B

.reloc Size: 24KB - Virtual size: 20KB

.text
Size: 44KB - Virtual size: 42KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 48KB - Virtual size: 45KB

CODE
Size: 940KB - Virtual size: 939KB

jOjkH0
Size: 608KB - Virtual size: 605KB

.rsrc
Size: 4KB - Virtual size: 896B

.reloc
Size: 24KB - Virtual size: 20KB