f76daff9218ea801e2bf9a017669b2da1e11d9c861f37d5283008876daf763d7

Sharing

Copy URL

Twitter E-mail

General

Target

f76daff9218ea801e2bf9a017669b2da1e11d9c861f37d5283008876daf763d7
Size

59KB
MD5

4902bf2c924895f8b5708f4e06a36cba
SHA1

9108f549dd1ab257684b44ef8bd40f48e1bc1586
SHA256

f76daff9218ea801e2bf9a017669b2da1e11d9c861f37d5283008876daf763d7
SHA512

767c8f420aed226fb1df3f3d462d8621d0c469c3f575171589c587c2d1023d9458ba3b59b303d5c889a6536edc2a2629a349ace2fc1ffa0d214b4fa7e8219b0d
SSDEEP

768:LPI3Lf5VX0jEmhCL/lfI6D2cw7SkV4AziwD9S0dMZUf13D3b3:JgNL/lf9zwXV4AziwRS0i4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f76daff9218ea801e2bf9a017669b2da1e11d9c861f37d5283008876daf763d7

Files

f76daff9218ea801e2bf9a017669b2da1e11d9c861f37d5283008876daf763d7
.dll windows:6 windows x64

1abe9e961217dbc7b1f380ca5edbcde8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

user32

EnableWindow
SetWindowLongPtrW
SetDlgItemTextW
SendMessageW
SendDlgItemMessageW
RegisterClipboardFormatW
LoadStringW
GetWindowLongPtrW
GetParent
GetDlgItem
EndDialog
DialogBoxParamW

comctl32

CreatePropertySheetPageW

ole32

ReleaseStgMedium

msvcrt

_amsg_exit
free
_snwprintf
wcslen
wcscpy
memcpy
memcmp
_initterm
memset

kernel32

GlobalUnlock
TlsGetValue
LeaveCriticalSection
InitializeCriticalSection
GetLastError
LocalAlloc
DeleteCriticalSection
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
GetCurrentThreadId
EnterCriticalSection
LocalFree
GetCurrentProcessId
Sleep
GlobalLock
GetProcessHeap
HeapAlloc
GetProcAddress
FreeLibrary
DisableThreadLibraryCalls
HeapFree
LoadLibraryW

ntdll

DbgPrint

Exports

Exports

DllCanUnloadNow
DllGetClassObject

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 276B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 576B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 60B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1abe9e961217dbc7b1f380ca5edbcde8

Headers

DLL Characteristics

File Characteristics

Imports

user32

comctl32

ole32

msvcrt

kernel32

ntdll

Exports

Exports

Sections

.text Size: 10KB - Virtual size: 9KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 512B - Virtual size: 276B

.pdata Size: 1024B - Virtual size: 576B

.rsrc Size: 42KB - Virtual size: 42KB

.reloc Size: 512B - Virtual size: 60B

.text
Size: 10KB - Virtual size: 9KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 512B - Virtual size: 276B

.pdata
Size: 1024B - Virtual size: 576B

.rsrc
Size: 42KB - Virtual size: 42KB

.reloc
Size: 512B - Virtual size: 60B