5eee792af4a87ec6a8fcf0389e881f009a279b7202b83999b2f4ab6280b2a655

Sharing

Copy URL Twitter E-mail

General

Target

5eee792af4a87ec6a8fcf0389e881f009a279b7202b83999b2f4ab6280b2a655
Size

2.4MB
MD5

6cf7c2b79054d61ef333f22933823055
SHA1

f96f33ff1bcf434e00e58d2a0101f3b59f20b1c9
SHA256

5eee792af4a87ec6a8fcf0389e881f009a279b7202b83999b2f4ab6280b2a655
SHA512

6ca6aee4287eb600b8b648ad0633411bf91bae1297429a5cc647b779daff1b0fb8ad52a0f3bcfa8ede0a188431e1aaa218ed36f83c5b4176953aa23cef15dd18
SSDEEP

49152:Lpcu02iTDeyFA/vEBlgpHreXIkKe4t+giJS5s6eUal+xAMZ:SWiTDeQA3E/YHM/4Ag/eUaoxr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5eee792af4a87ec6a8fcf0389e881f009a279b7202b83999b2f4ab6280b2a655

Files

5eee792af4a87ec6a8fcf0389e881f009a279b7202b83999b2f4ab6280b2a655
.dll windows:5 windows x86 arch:x86

9a2ee9edff96b1337c1b7b586380a272

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

GetMessageA
keybd_event
GetMessagePos
MenuItemFromPoint
ActivateKeyboardLayout
PackDDElParam
IsWindowUnicode
GetActiveWindow
GetUpdateRgn
GetOpenClipboardWindow
ShowWindow
CharPrevW

ws2_32

select

mprapi

MprInfoBlockSet

advapi32

CryptDuplicateKey
CreateProcessAsUserA
PrivilegeCheck

kernel32

GetFileSize
UnregisterWaitEx
SetPriorityClass
LoadLibraryExA
GetModuleHandleA
GetProcAddress
GetModuleHandleW
OutputDebugStringA
GetProcessHeap
ReleaseMutex
SetConsoleOutputCP
SetTimeZoneInformation
GetSystemTimeAsFileTime
GetExitCodeProcess
Process32FirstW
DeleteCriticalSection
InterlockedPushEntrySList
VirtualAlloc
LeaveCriticalSection
WaitForSingleObject
EnterCriticalSection

lz32

LZRead
GetExpandedNameW
LZClose

oleaut32

GetErrorInfo
SysAllocStringLen

gdi32

CreateICW
CloseMetaFile
SetWindowOrgEx

setupapi

SetupDiDestroyDeviceInfoList

msvcrt

memset
putc

Sections

.text
Size: 60KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 176KB - Virtual size: 177KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 64KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9a2ee9edff96b1337c1b7b586380a272

Headers

File Characteristics

Imports

user32

ws2_32

mprapi

advapi32

kernel32

lz32

oleaut32

gdi32

setupapi

msvcrt

Sections

.text Size: 60KB - Virtual size: 58KB

.rdata Size: 2.1MB - Virtual size: 2.1MB

.data Size: 176KB - Virtual size: 177KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 64KB - Virtual size: 60KB

.text
Size: 60KB - Virtual size: 58KB

.rdata
Size: 2.1MB - Virtual size: 2.1MB

.data
Size: 176KB - Virtual size: 177KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 64KB - Virtual size: 60KB