547b1a50b81812d4a5814cd89b5577ce849ab1b2caae49256f1da416bff10d53

Sharing

Copy URL Twitter E-mail

General

Target

547b1a50b81812d4a5814cd89b5577ce849ab1b2caae49256f1da416bff10d53
Size

408KB
MD5

f403b1396c77691ffbaccf241a222f6d
SHA1

47d6d7dd5211696242c94bb8c10bf246cac5b36a
SHA256

547b1a50b81812d4a5814cd89b5577ce849ab1b2caae49256f1da416bff10d53
SHA512

59449b63f86616a6188b1f0741c79bf7d325f7cdc90bf4346cd58c8f152362c63d9eebc77c5bcc80a4b1e5a44ad018755c152906cbd914251c1d09227e3d4c5e
SSDEEP

6144:WBFk9LViQOnl7hnD0Jdnp8LMCwpCYqKO9mPgD5jLE2jHgbbhUYlae:WwxY7hnD0Jdeepm95ppjHgb1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
547b1a50b81812d4a5814cd89b5577ce849ab1b2caae49256f1da416bff10d53

Files

547b1a50b81812d4a5814cd89b5577ce849ab1b2caae49256f1da416bff10d53
.dll windows:5 windows x86

a5381ad83d0533b64af504e80bd6d4d6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCPInfo
GetOEMCP
RtlUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
ExitProcess
HeapFree
GetSystemTimeAsFileTime
GetTimeFormatA
GetDateFormatA
GetCommandLineA
HeapAlloc
VirtualAlloc
HeapReAlloc
SetStdHandle
GetFileType
HeapSize
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetACP
GetFileTime
HeapCreate
HeapDestroy
VirtualFree
GetTimeZoneInformation
SetHandleCount
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CompareStringW
SetEnvironmentVariableA
GetFileSizeEx
FileTimeToLocalFileTime
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
DuplicateHandle
GetFileSize
UnlockFile
LockFile
ReadFile
MoveFileA
GlobalFindAtomA
lstrcmpW
GlobalFlags
FileTimeToSystemTime
GlobalGetAtomNameA
InterlockedIncrement
GetModuleHandleW
SetErrorMode
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
InterlockedDecrement
GetModuleFileNameW
GlobalAddAtomA
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
CompareStringA
InterlockedExchange
lstrcmpA
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
lstrlenA
GetVersion
FreeLibrary
TerminateProcess
GetFileAttributesA
FlushFileBuffers
LoadLibraryA
GetSystemDefaultLCID
GetVersionExA
GetModuleHandleA
GetProcAddress
GetCurrentProcess
Sleep
DeleteFileA
SetFilePointer
SetEndOfFile
WriteFile
FreeResource
GetWindowsDirectoryA
MoveFileExA
DefineDosDeviceA
SetLastError
FormatMessageA
LocalFree
DeviceIoControl
MultiByteToWideChar
GetModuleFileNameA
GetSystemDirectoryA
WideCharToMultiByte
LoadResource
LockResource
SizeofResource
FindResourceA
GetCurrentProcessId
ProcessIdToSessionId
OutputDebugStringA
CreateFileA
GetLastError
CloseHandle
GetLogicalDriveStringsA
QueryDosDeviceA
GetPrivateProfileStringA
IsValidCodePage
WritePrivateProfileStringA

user32

DestroyMenu
CharUpperA
ShowWindow
RegisterWindowMessageA
LoadIconA
WinHelpA
GetCapture
GetClassLongA
SetPropA
GetPropA
RemovePropA
IsWindow
GetForegroundWindow
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetMenu
SetForegroundWindow
GetClientRect
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
CopyRect
DefWindowProcA
CallWindowProcA
GetMenu
SetWindowLongA
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindow
GetDlgCtrlID
GetWindowRect
PtInRect
SetWindowTextA
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
LoadCursorA
GetDC
ReleaseDC
GetSysColor
GetSysColorBrush
UnregisterClassA
UnhookWindowsHookEx
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
EnableWindow
MessageBoxA
SetCursor
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageA
GetCursorPos
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
GetFocus
GetParent
ModifyMenuA
EnableMenuItem
CheckMenuItem
PostQuitMessage
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
wsprintfA
GetWindowThreadProcessId
SendMessageA
GetClassNameA
GetWindowTextA
PostMessageA
GetSystemMetrics

gdi32

TextOutA
RectVisible
PtVisible
GetStockObject
DeleteDC
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
GetDeviceCaps
DeleteObject
GetClipBox
SetMapMode
SetTextColor
SetBkColor
RestoreDC
SaveDC
CreateBitmap
ExtTextOutA

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
OpenPrinterA
DocumentPropertiesA

advapi32

RegSetValueExA
RegCreateKeyExA
RegQueryValueA
RegOpenKeyA
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
ControlService
StartServiceA
QueryServiceStatus
DeleteService
OpenSCManagerA
OpenServiceA
ChangeServiceConfigA
CloseServiceHandle
CreateServiceA

shlwapi

PathFindExtensionA
PathFindFileNameA
PathStripToRootA
PathIsUNCA
PathRemoveFileSpecA

oleaut32

VariantInit
VariantClear
VariantChangeType

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

Exports

Exports

EdpChangePwd
EdpErrorMessage
EdpForceUnMountALLFile
EdpMountFile
EdpStartService
EdpStopService
EdpUnMountFile
EdpUnMountFileByHandle
EdpUnMountFileEx

Sections

.text
Size: 187KB - Virtual size: 186KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 141KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a5381ad83d0533b64af504e80bd6d4d6

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shlwapi

oleaut32

version

Exports

Exports

Sections

.text Size: 187KB - Virtual size: 186KB

.rdata Size: 40KB - Virtual size: 39KB

.data Size: 8KB - Virtual size: 23KB

.rsrc Size: 141KB - Virtual size: 140KB

.reloc Size: 30KB - Virtual size: 30KB

.text
Size: 187KB - Virtual size: 186KB

.rdata
Size: 40KB - Virtual size: 39KB

.data
Size: 8KB - Virtual size: 23KB

.rsrc
Size: 141KB - Virtual size: 140KB

.reloc
Size: 30KB - Virtual size: 30KB