417f6a24c6fe9e450d47d45829512b252c4797b8e91a1f9a47c9b336255a0085

Sharing

Copy URL Twitter E-mail

General

Target

417f6a24c6fe9e450d47d45829512b252c4797b8e91a1f9a47c9b336255a0085
Size

564KB
MD5

73578cb113447e26f239286190f13627
SHA1

772f113b7af8543d1fc5fafa1c0976119359b1c4
SHA256

417f6a24c6fe9e450d47d45829512b252c4797b8e91a1f9a47c9b336255a0085
SHA512

5fce26b08336f5a356271114b2e39c4abb21cf04463018724f78c881b6ce541fcee88a09787b5cd04f32a5d6ade78175c9ff44d220403626d0d5f196c742a341
SSDEEP

12288:6j7p3ZzKV1vIKRAZnYgg8W1OoRi7Lbuj4/6IQ8KAIq6+HBYH4pl:Y7fM1vBRAZlg8WIGi7LJN6+gQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
417f6a24c6fe9e450d47d45829512b252c4797b8e91a1f9a47c9b336255a0085

Files

417f6a24c6fe9e450d47d45829512b252c4797b8e91a1f9a47c9b336255a0085
.dll windows:6 windows x86 arch:x86

7283850ef9fa5a9d0cad182080de50c8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

HeapFree
InitializeCriticalSectionEx
HeapSize
GetLastError
HeapReAlloc
RaiseException
HeapAlloc
DecodePointer
HeapDestroy
DeleteCriticalSection
GetProcessHeap
SizeofResource
MultiByteToWideChar
LockResource
FindResourceExW
LoadResource
FindResourceW
GetCurrentProcess
GetModuleFileNameW
LoadLibraryW
GetProcAddress
GetModuleHandleW
FreeLibrary
WideCharToMultiByte
InitializeCriticalSectionAndSpinCount
WriteConsoleW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindNextFileA
FindFirstFileExA
IsDebuggerPresent
OutputDebugStringW
EnterCriticalSection
LeaveCriticalSection
TryEnterCriticalSection
GetCurrentThreadId
FormatMessageW
GetStringTypeW
QueryPerformanceCounter
SetLastError
CreateEventW
SwitchToThread
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
GetTickCount
EncodePointer
CompareStringW
LCMapStringW
GetLocaleInfoW
GetCPInfo
LocalFree
GetCurrentProcessId
InitializeCriticalSection
ReleaseMutex
WaitForSingleObject
CreateMutexW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
GetStartupInfoW
InitializeSListHead
CloseHandle
SetEvent
WaitForSingleObjectEx
Sleep
SignalObjectAndWait
CreateThread
SetThreadPriority
GetThreadPriority
GetLogicalProcessorInformation
CreateTimerQueueTimer
ChangeTimerQueueTimer
DeleteTimerQueueTimer
GetNumaHighestNodeNumber
GetProcessAffinityMask
SetThreadAffinityMask
RegisterWaitForSingleObject
UnregisterWait
GetCurrentThread
GetThreadTimes
FreeLibraryAndExitThread
GetModuleHandleA
LoadLibraryExW
GetVersionExW
VirtualAlloc
VirtualProtect
VirtualFree
DuplicateHandle
ReleaseSemaphore
InterlockedPopEntrySList
InterlockedPushEntrySList
InterlockedFlushSList
QueryDepthSList
UnregisterWaitEx
CreateTimerQueue
RtlUnwind
DeleteFileW
CreateFileW
GetFileType
SetFilePointerEx
WriteFile
GetConsoleCP
GetConsoleMode
GetTimeZoneInformation
ExitProcess
GetModuleHandleExW
GetModuleFileNameA
GetStdHandle
GetACP
FlushFileBuffers
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
ReadFile
ReadConsoleW
SetStdHandle
SetEndOfFile
FindClose

user32

wsprintfW

shell32

SHGetSpecialFolderPathW
ord165

shlwapi

PathFileExistsW
SHGetValueW
StrStrIW
PathAppendW

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

Exports

Exports

CreateProductAider

Sections

.text
Size: 422KB - Virtual size: 422KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 896B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7283850ef9fa5a9d0cad182080de50c8

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

shell32

shlwapi

version

Exports

Exports

Sections

.text Size: 422KB - Virtual size: 422KB

.rdata Size: 108KB - Virtual size: 107KB

.data Size: 10KB - Virtual size: 13KB

.rsrc Size: 1024B - Virtual size: 896B

.reloc Size: 21KB - Virtual size: 21KB

.text
Size: 422KB - Virtual size: 422KB

.rdata
Size: 108KB - Virtual size: 107KB

.data
Size: 10KB - Virtual size: 13KB

.rsrc
Size: 1024B - Virtual size: 896B

.reloc
Size: 21KB - Virtual size: 21KB