89067e6b3a4b107aedcd0dcc0483e51e3932bd90c15eb5ddda93fbfaed882561

Sharing

Copy URL Twitter E-mail

General

Target

89067e6b3a4b107aedcd0dcc0483e51e3932bd90c15eb5ddda93fbfaed882561
Size

2.1MB
MD5

6b0c87b5644bdd9a4043132ff6d043ce
SHA1

3b2132e01236d3221b0208a33286e1bb7eabf9ff
SHA256

89067e6b3a4b107aedcd0dcc0483e51e3932bd90c15eb5ddda93fbfaed882561
SHA512

1c4fdb9362d2729401e7fc02e1797efcf4bb061c36d0c383f19344e0e89c53ead256c29aedee9638ee60de147b50d756970b450443bdaa8735fcfeb397be681a
SSDEEP

24576:B8MyU/Kc7v7V/ERZh8O3+ZKLDdNS6m3MFgTeAo/Cm90y+Imnn3tFvq6QOsQKUUsb:B/KGxch88+sL7S9M2o/Be3XqZOnUurM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
89067e6b3a4b107aedcd0dcc0483e51e3932bd90c15eb5ddda93fbfaed882561

Files

89067e6b3a4b107aedcd0dcc0483e51e3932bd90c15eb5ddda93fbfaed882561
.dll windows:5 windows x86 arch:x86

9bf61e1614d7a1e32b854f13ea794579

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscms

GetColorDirectoryW

esent

JetGotoBookmark

msvfw32

ICSendMessage
ICSeqCompressFrame

lz32

LZRead

oleaut32

SafeArrayGetLBound
BstrFromVector
SafeArrayPutElement

user32

EnableScrollBar
UpdateWindow
AnimateWindow
DragDetect
SwitchToThisWindow
DefMDIChildProcA
SetCaretPos
CreateWindowExA
ShowWindow
SetWindowRgn

pdh

PdhUpdateLogW
PdhAddCounterW

gdi32

SetWindowOrgEx
GetObjectType
GetMiterLimit
EndDoc

rasapi32

RasDeleteEntryW
RasGetEntryPropertiesA

ole32

GetClassFile
CoFileTimeNow
HWND_UserMarshal

msacm32

acmFormatDetailsW

advapi32

CryptDeriveKey
CryptAcquireContextA
RegOpenKeyExW
StartServiceCtrlDispatcherW
SaferCloseLevel
AllocateAndInitializeSid

msvcrt

wcsspn
fgets
puts

winspool.drv

EnumJobsW

setupapi

CM_Get_Child
SetupDiGetClassDevsExA
SetupDiClassGuidsFromNameExA
SetupGetFileQueueCount

winmm

midiInGetDevCapsA

crypt32

CryptQueryObject
CertGetIssuerCertificateFromStore
CryptSIPCreateIndirectData
CryptGetDefaultOIDDllList

wintrust

IsCatalogFile

kernel32

GetExitCodeProcess
GetSystemTime
ClearCommBreak
PurgeComm
ReplaceFileA
Sleep
GetCommandLineW
GetBinaryTypeW
GetModuleFileNameW
SetTapePosition
WaitForMultipleObjects
GetModuleHandleExW
FileTimeToLocalFileTime
SetStdHandle
GetUserDefaultLangID
OutputDebugStringA
SetCommState
SetEvent
Process32FirstW
CloseHandle
GetModuleFileNameA
LocalReAlloc
WaitForSingleObjectEx
EnumResourceTypesA
IsValidLocale
WriteFile
EnumUILanguagesW
TlsAlloc

netapi32

NetLocalGroupEnum
NetUserDel

shlwapi

UrlIsOpaqueW
StrChrA
AssocQueryStringA
StrChrW
PathRemoveArgsW
StrToIntW
UrlGetPartW

mprapi

MprAdminMIBBufferFree
MprConfigServerDisconnect

rpcrt4

I_RpcGetBuffer
NdrConformantArrayUnmarshall
NdrUserMarshalUnmarshall
RpcImpersonateClient
RpcServerRegisterAuthInfoW

opengl32

glMultMatrixf
glPixelStorei

shell32

SHGetFolderPathA
SHGetPathFromIDListA

ws2_32

getservbyname
getprotobynumber

Exports

Exports

EeershAfeshsels

Sections

.text
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9bf61e1614d7a1e32b854f13ea794579

Headers

File Characteristics

Imports

mscms

esent

msvfw32

lz32

oleaut32

user32

pdh

gdi32

rasapi32

ole32

msacm32

advapi32

msvcrt

winspool.drv

setupapi

winmm

crypt32

wintrust

kernel32

netapi32

shlwapi

mprapi

rpcrt4

opengl32

shell32

ws2_32

Exports

Exports

Sections

.text Size: 40KB - Virtual size: 38KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 40KB - Virtual size: 41KB

.CRT Size: 2.0MB - Virtual size: 2.0MB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 12KB - Virtual size: 8KB

.text
Size: 40KB - Virtual size: 38KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 40KB - Virtual size: 41KB

.CRT
Size: 2.0MB - Virtual size: 2.0MB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 12KB - Virtual size: 8KB