192cafa995f0a3c6d65c36b607e77211

Sharing

Copy URL Twitter E-mail

General

Target

192cafa995f0a3c6d65c36b607e77211
Size

105KB
MD5

192cafa995f0a3c6d65c36b607e77211
SHA1

8d8e872971256930c1c25691fba3f4c2d2a7269c
SHA256

fa15d47d01d3318072d844dd5222c1860bf994ececb7eccc3df43c6bad8db1b3
SHA512

4ca9764583795585575e136add893b44111b462734358257c5315216ee1d7aca31e6415f968504e2eed2b2212028ce5907d1ea869c6563de16b10d725c317d89
SSDEEP

1536:FsFgGAyxpEuCmwsu0RFEmOjDzIUEhzeP7ICyz5QH9RYZ8v3Wklf9ncobUfsRSN65:qFgGA3uzjA7ERi1xlfrQNN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
192cafa995f0a3c6d65c36b607e77211

Files

192cafa995f0a3c6d65c36b607e77211
.dll windows:6 windows x86 arch:x86

4598c56e019bc243174e22edc1de3f60

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

imm32

ImmAssociateContextEx
ImmDestroyIMCC
ImmGenerateMessage
ImmGetCompositionFontA
ImmReleaseContext
ImmSetCompositionFontA
ImmSetCompositionStringW
ImmShowSoftKeyboard

user32

AppendMenuW
ClipCursor
DdeCreateStringHandleW
DestroyAcceleratorTable
EnumWindows
FlashWindow
LoadKeyboardLayoutA
MoveWindow
SetDlgItemTextA
SetLastErrorEx
UnregisterDeviceNotification

rpcrt4

NdrServerCall
RpcBindingServerFromClient

msacm32

acmDriverAddW
acmDriverDetailsA
acmDriverEnum
acmDriverRemove
acmFormatChooseA
acmFormatTagDetailsA
acmMetrics
acmStreamPrepareHeader
acmStreamReset

mswsock

SetServiceA
dn_expand
rexec

mapi32

ord175
ord36
ord143
ord30
ord148
ord33
ord157

gdi32

CreateColorSpaceW
CreateCompatibleBitmap
EnumFontFamiliesW
EnumFontsA
FloodFill
GetGlyphOutlineA
Rectangle
TranslateCharsetInfo

kernel32

CloseHandle
CreateFileMappingW
CreateFileW
DecodePointer
DeleteCriticalSection
DeleteFileW
EncodePointer
EnterCriticalSection
EnumSystemCodePagesW
ExitProcess
FlushFileBuffers
FreeEnvironmentStringsW
GetACP
GetCPInfo
GetCommandLineA
GetConsoleCP
GetConsoleMode
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetEnvironmentStringsW
GetFileSizeEx
GetFileType
GetLastError
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleExW
GetModuleHandleW
GetOEMCP
GetProcAddress
GetProcessHeap
GetStartupInfoW
GetStdHandle
GetStringTypeW
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
InitializeCriticalSectionAndSpinCount
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
LCMapStringW
LeaveCriticalSection
LoadLibraryExW
MapViewOfFile
MultiByteToWideChar
OutputDebugStringW
QueryPerformanceCounter
RtlUnwind
SetEndOfFile
SetFilePointer
SetFilePointerEx
SetFileTime
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
UnmapViewOfFile
VirtualAlloc
VirtualFree
WideCharToMultiByte
WriteConsoleW
WriteFile

Exports

Exports

ahbsguc

Sections

.text
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 424B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4598c56e019bc243174e22edc1de3f60

Headers

File Characteristics

Imports

imm32

user32

rpcrt4

msacm32

mswsock

mapi32

gdi32

kernel32

Exports

Exports

Sections

.text Size: 72KB - Virtual size: 72KB

.rdata Size: 22KB - Virtual size: 21KB

.data Size: 9KB - Virtual size: 16KB

.rsrc Size: 512B - Virtual size: 424B

.text
Size: 72KB - Virtual size: 72KB

.rdata
Size: 22KB - Virtual size: 21KB

.data
Size: 9KB - Virtual size: 16KB

.rsrc
Size: 512B - Virtual size: 424B