de6462a5e21281f27db454f82fec015210f8312579951550af42a023750fd7bc

Sharing

Copy URL Twitter E-mail

General

Target

de6462a5e21281f27db454f82fec015210f8312579951550af42a023750fd7bc
Size

318KB
MD5

c4971fa90f5a3784d7a057636fd4afac
SHA1

5687f495b41ebf8255ccc244413c29c9116b77b1
SHA256

de6462a5e21281f27db454f82fec015210f8312579951550af42a023750fd7bc
SHA512

6adc07e0daea837ab4ed719a383ccded7cbc5641f7f89c5f15bea80e1c7b2f494ed7e4f05ea9b0504e15c15ce42ae0002b2c2d2270143d2f40127f00c4fb95b7
SSDEEP

3072:wpJFmH/81TdJGgp1SZvAVmyusMKD+BgTKCmleY3+8YbYcM2Au+fntuo1drdvptDU:Oik2gJ+uK7sTY9/rE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
de6462a5e21281f27db454f82fec015210f8312579951550af42a023750fd7bc

Files

de6462a5e21281f27db454f82fec015210f8312579951550af42a023750fd7bc
.dll windows:6 windows x64

20fca5f175dbc1b294e89bf4b43435f1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

advapi32

RegCloseKey
RegCreateKeyW
RegDeleteKeyW
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW
RegEnumKeyExW
RegEnumValueW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken

user32

LoadIconW
SendMessageW
ActivateKeyboardLayout
BroadcastSystemMessageW
GetKeyboardLayoutList
LoadKeyboardLayoutW
SystemParametersInfoW
UnloadKeyboardLayout
CreateIconIndirect
DestroyIcon
DialogBoxParamW
DrawTextW
EnableWindow
ExitWindowsEx
GetDC
GetDlgItem
GetParent
GetSysColor
InvalidateRect
IsDlgButtonChecked
GetKeyboardLayout
CheckDlgButton
SetWindowTextW
GetWindowLongPtrW
EndDialog
FillRect
SetWindowLongPtrW
SetRect
ReleaseDC
MessageBoxW
LoadStringW
LoadImageW
GetSystemMetrics

comctl32

ImageList_Create
ImageList_Destroy
ImageList_ReplaceIcon
PropertySheetW
ImageList_Remove

gdi32

DeleteDC
CreateFontIndirectW
CreateCompatibleDC
CreateCompatibleBitmap
CreateBitmap
DeleteObject
GetStockObject
PatBlt
SetBkMode
SetDCBrushColor
SetTextColor
SelectObject

msvcrt

_initterm
wcschr
_wtoi
_amsg_exit
memset
free
malloc
_vsnwprintf
_wcsdup
wcslen
_wcsicmp
wcstoul
wcstok

kernel32

DebugBreak
GetSystemDirectoryW
lstrlenW
GetLocaleInfoW
FreeLibrary
GetProcAddress
TlsGetValue
LeaveCriticalSection
InitializeCriticalSection
GetLastError
EnterCriticalSection
DeleteCriticalSection
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
Sleep
GetSystemDefaultLCID
LoadLibraryExW
GetCurrentProcess
EnumResourceNamesW
CloseHandle
LoadLibraryW
GetFileAttributesW

setupapi

SetupFindFirstLineW
SetupGetFieldCount
SetupGetStringFieldW
SetupOpenInfFileW
SetupCloseInfFile

Exports

Exports

CPlApplet

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 912B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 275KB - Virtual size: 275KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

20fca5f175dbc1b294e89bf4b43435f1

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

user32

comctl32

gdi32

msvcrt

kernel32

setupapi

Exports

Exports

Sections

.text Size: 24KB - Virtual size: 23KB

.rdata Size: 8KB - Virtual size: 8KB

.data Size: 6KB - Virtual size: 6KB

.pdata Size: 1024B - Virtual size: 912B

.rsrc Size: 275KB - Virtual size: 275KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 24KB - Virtual size: 23KB

.rdata
Size: 8KB - Virtual size: 8KB

.data
Size: 6KB - Virtual size: 6KB

.pdata
Size: 1024B - Virtual size: 912B

.rsrc
Size: 275KB - Virtual size: 275KB

.reloc
Size: 1KB - Virtual size: 1KB