2211e0668cbcd49b6ff71345319d2feff1b03115058c3a9266bf5b189c0ab7a3

Sharing

Copy URL Twitter E-mail

General

Target

2211e0668cbcd49b6ff71345319d2feff1b03115058c3a9266bf5b189c0ab7a3
Size

11.8MB
MD5

efe96217e17b5b60241cd64734af659a
SHA1

7fb69d80ee811386d7c57ead590c18d07e6550bb
SHA256

2211e0668cbcd49b6ff71345319d2feff1b03115058c3a9266bf5b189c0ab7a3
SHA512

7ad4ed8cad14de785c7c154f694d709536db5cd1540e986292a6ea449bfbd1ad5d001a6951cdf06f571c177f4fbd9cab5081883dc3fa218fa84d1e1351c3c837
SSDEEP

196608:cLPwD+al9mfUExzoSweLWdrVGdHF5gqqDYNs6YGHEZX9G81tqjlqKK/6iDrNVsHK:cLID+alYUyzbKOjNqDYV1HEZ11SjMNVt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2211e0668cbcd49b6ff71345319d2feff1b03115058c3a9266bf5b189c0ab7a3

Files

2211e0668cbcd49b6ff71345319d2feff1b03115058c3a9266bf5b189c0ab7a3
.dll windows:5 windows x86

4bc7d7fc0752b1b8857ca56e19c19f34

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetVersion
GetVersionExA
GetSystemTimeAsFileTime
LocalAlloc
LocalFree
GetModuleFileNameW
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

GetClipboardData
CharUpperBuffW

gdi32

SetStretchBltMode

winmm

midiStreamRestart

winspool.drv

ClosePrinter

advapi32

RegQueryValueA

shell32

Shell_NotifyIconA

ole32

CLSIDFromString

oleaut32

SafeArrayPtrOfIndex

comctl32

ImageList_Destroy

ws2_32

closesocket

comdlg32

GetSaveFileNameA

Exports

Exports

AlphaBlend
DllInitialize1
GradientFill
TransparentBlt
vSetDdrawflag1

Sections

.text
Size: - Virtual size: 674KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

CODE
Size: - Virtual size: 330KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 178KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CR;
Size: - Virtual size: 8.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.:*~
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.3cl
Size: 11.8MB - Virtual size: 11.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4bc7d7fc0752b1b8857ca56e19c19f34

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winmm

winspool.drv

advapi32

shell32

ole32

oleaut32

comctl32

ws2_32

comdlg32

Exports

Exports

Sections

.text Size: - Virtual size: 674KB

CODE Size: - Virtual size: 330KB

.rdata Size: - Virtual size: 97KB

.data Size: - Virtual size: 178KB

DATA Size: - Virtual size: 67KB

BSS Size: - Virtual size: 25KB

.CR; Size: - Virtual size: 8.4MB

.:*~ Size: 4KB - Virtual size: 2KB

.3cl Size: 11.8MB - Virtual size: 11.8MB

.reloc Size: 4KB - Virtual size: 1KB

.rsrc Size: 8KB - Virtual size: 5KB

.text
Size: - Virtual size: 674KB

CODE
Size: - Virtual size: 330KB

.rdata
Size: - Virtual size: 97KB

.data
Size: - Virtual size: 178KB

DATA
Size: - Virtual size: 67KB

BSS
Size: - Virtual size: 25KB

.CR;
Size: - Virtual size: 8.4MB

.:*~
Size: 4KB - Virtual size: 2KB

.3cl
Size: 11.8MB - Virtual size: 11.8MB

.reloc
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 8KB - Virtual size: 5KB