3d65ae131dbbf3e299a35d5c36df09e3f4b9a976ef8dc851dc4cf5bfb39dc731

Sharing

Copy URL Twitter E-mail

General

Target

3d65ae131dbbf3e299a35d5c36df09e3f4b9a976ef8dc851dc4cf5bfb39dc731
Size

256KB
MD5

1bdce5fc95e7ab39999dba058692055d
SHA1

e085186eab5abfc4815fc4f4389167c9a09e49a0
SHA256

3d65ae131dbbf3e299a35d5c36df09e3f4b9a976ef8dc851dc4cf5bfb39dc731
SHA512

c41f7b3b729add269478851cee61eba09422a479f97ac9980c3a7249d5ba6bd11bfa93e249b86c1dbb2623fd601974f9bfd5009f191a1e489a3165f48aa40cd1
SSDEEP

3072:C9IdrUk/HhmB+1sVF1E5b4IYV/oew8myN72HjMiKwr739FDOhEt+WmFebYLS:EGgk/BmB+1sVfE5b4tW9sakWi8YLS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3d65ae131dbbf3e299a35d5c36df09e3f4b9a976ef8dc851dc4cf5bfb39dc731

Files

3d65ae131dbbf3e299a35d5c36df09e3f4b9a976ef8dc851dc4cf5bfb39dc731
.dll windows:4 windows x86

287e0713c679df596550df57403b823a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalFlags
InterlockedIncrement
GetVersionExA
GlobalFindAtomW
GetThreadLocale
ReadFile
FlushFileBuffers
SetEndOfFile
CreateFileW
RtlUnwind
RaiseException
HeapFree
WritePrivateProfileStringW
GetCommandLineA
GetProcessHeap
ExitProcess
HeapReAlloc
HeapSize
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
Sleep
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
HeapDestroy
HeapCreate
GetStdHandle
GetModuleFileNameA
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetStdHandle
GetConsoleCP
GetConsoleMode
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
SetErrorMode
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
InterlockedDecrement
GlobalFree
GlobalUnlock
FormatMessageW
LocalFree
lstrlenW
GetCurrentProcessId
GlobalAddAtomW
GlobalDeleteAtom
ConvertDefaultLocale
GetVersion
EnumResourceLanguagesW
GetLocaleInfoW
WideCharToMultiByte
InterlockedExchange
GlobalLock
lstrcmpW
GlobalAlloc
VirtualAlloc
VirtualProtect
LoadLibraryA
CloseHandle
SetFilePointer
WriteFile
SetLastError
SuspendThread
GetThreadContext
SetThreadContext
FlushInstructionCache
GetCurrentThreadId
InterlockedCompareExchange
VirtualFree
VirtualQuery
ResumeThread
GetLastError
GetModuleHandleW
GetCurrentThread
MultiByteToWideChar
FreeLibrary
InitializeCriticalSection
GetModuleHandleA
GetProcAddress
GetCurrentProcess
EnterCriticalSection
LeaveCriticalSection
FindResourceW
LoadResource
LockResource
SizeofResource
GetModuleFileNameW
HeapAlloc
LoadLibraryW

shlwapi

PathFindFileNameW
PathFindExtensionW

oleacc

LresultFromObject
CreateStdAccessibleObject

user32

UnregisterClassA
ShowWindow
RegisterWindowMessageW
LoadIconW
WinHelpW
GetCapture
GetClassLongW
SetPropW
GetPropW
RemovePropW
IsWindow
GetForegroundWindow
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetForegroundWindow
GetClientRect
LoadCursorW
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
CopyRect
DefWindowProcW
CallWindowProcW
SetWindowLongW
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetSystemMetrics
GetWindow
GetDlgCtrlID
GetClassNameW
PtInRect
GetWindowTextW
SetWindowTextW
GetSysColor
ReleaseDC
GetDC
ClientToScreen
GrayStringW
DrawTextExW
DestroyMenu
DrawTextW
TabbedTextOutW
UnregisterClassW
UnhookWindowsHookEx
GetMenuItemID
GetMenuItemCount
GetSubMenu
GetSysColorBrush
GetMenu
PostQuitMessage
PostMessageW
CheckMenuItem
EnableMenuItem
GetMenuState
ModifyMenuW
SendMessageW
GetParent
GetFocus
LoadBitmapW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
ValidateRect
GetCursorPos
PeekMessageW
GetKeyState
IsWindowVisible
GetActiveWindow
GetWindowThreadProcessId
GetWindowLongW
GetLastActivePopup
IsWindowEnabled
EnableWindow
MessageBoxW
SetCursor
SetWindowsHookExW
CallNextHookEx
GetMessageW
TranslateMessage
DispatchMessageW
GetWindowRect

gdi32

DeleteDC
GetStockObject
ExtTextOutW
ScaleWindowExtEx
SetWindowExtEx
GetDeviceCaps
SaveDC
RestoreDC
SetBkColor
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
CreateBitmap
TextOutW
RectVisible
PtVisible
DeleteObject
GetClipBox
SetMapMode
SetTextColor
Escape

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

advapi32

RegSetValueExW
RegCreateKeyExW
RegQueryValueW
RegOpenKeyW
RegEnumKeyW
RegDeleteKeyW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey

oleaut32

VariantClear
VariantChangeType
VariantInit

Exports

Exports

PmuEAQrkTL
WDDqYnzTU

Sections

.text
Size: 164KB - Virtual size: 161KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

287e0713c679df596550df57403b823a

Headers

File Characteristics

Imports

kernel32

shlwapi

oleacc

user32

gdi32

winspool.drv

advapi32

oleaut32

Exports

Exports

Sections

.text Size: 164KB - Virtual size: 161KB

.rdata Size: 40KB - Virtual size: 36KB

.data Size: 12KB - Virtual size: 26KB

.rsrc Size: 12KB - Virtual size: 10KB

.reloc Size: 24KB - Virtual size: 20KB

.text
Size: 164KB - Virtual size: 161KB

.rdata
Size: 40KB - Virtual size: 36KB

.data
Size: 12KB - Virtual size: 26KB

.rsrc
Size: 12KB - Virtual size: 10KB

.reloc
Size: 24KB - Virtual size: 20KB