4bbb29115cd38d0d63e2f00d37b724ad

Sharing

Copy URL Twitter E-mail

General

Target

4bbb29115cd38d0d63e2f00d37b724ad
Size

222KB
MD5

4bbb29115cd38d0d63e2f00d37b724ad
SHA1

113ed39ac70946a66ba34bf911bf87a5d0314e51
SHA256

3fc170810518674ff37fcf3a47ddb83aa1bb301b3fcc64fe7e1fb584c30a6468
SHA512

bd733e7515b9d3d260dfcd3a6ec290f8315bd77cd1969fb457d14a2479d385d7ccee673459ffbd6d3511bdc265f43f3c770f1d38e1ccf4c7e92e6502eb556a2e
SSDEEP

3072:hisqnLNueWPJDlSjWGToXsiob85FrU+G102QMCD2MXEAAsblYIRZ9qj9vtlvdPTd:UsqnLmaSGTrGUNy2FAblMx7ttcH3iOG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4bbb29115cd38d0d63e2f00d37b724ad

Files

4bbb29115cd38d0d63e2f00d37b724ad
.dll windows:6 windows x86 arch:x86

002c3dc03951f5cb12a0c35b07c69dd8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalFree
GlobalLock
WideCharToMultiByte
GlobalUnlock
GetModuleHandleA
LoadLibraryA
QueryPerformanceFrequency
GetProcAddress
FreeLibrary
QueryPerformanceCounter
CreateThread
VirtualAlloc
DeleteCriticalSection
CreateEventW
GetModuleHandleW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
MultiByteToWideChar
VirtualProtect
CloseHandle
GetCurrentProcessId
FreeLibraryAndExitThread
InitializeCriticalSectionAndSpinCount
Sleep

user32

CallWindowProcW
SetWindowLongW
DefWindowProcW
OpenClipboard
GetAsyncKeyState
EnumWindows
ScreenToClient
ClientToScreen
IsChild
GetWindowThreadProcessId
SetClipboardData
GetClipboardData
EmptyClipboard
GetCursorPos
CloseClipboard
SetCursorPos
GetClientRect
GetForegroundWindow
SetCursor
LoadCursorW

msvcp140

_Xtime_get_ticks
?_Xlength_error@std@@YAXPBD@Z

d3d9

Direct3DCreate9

imm32

ImmSetCompositionWindow
ImmGetContext
ImmReleaseContext

vcruntime140

_CxxThrowException
memmove
__CxxFrameHandler3
memcpy
memchr
__std_exception_destroy
__std_type_info_destroy_list
_except_handler4_common
memset
__current_exception_context
__current_exception
strstr
__std_terminate
__std_exception_copy

api-ms-win-crt-runtime-l1-1-0

terminate
_initterm
_initterm_e
_configure_narrow_argv
_cexit
_invalid_parameter_noinfo_noreturn
_initialize_narrow_environment
_crt_atexit
_execute_onexit_table
_register_onexit_function
_initialize_onexit_table
_seh_filter_dll

api-ms-win-crt-stdio-l1-1-0

ftell
__acrt_iob_func
__stdio_common_vsscanf
fread
__stdio_common_vsprintf
_wfopen
fwrite
fflush
fclose
fseek

api-ms-win-crt-utility-l1-1-0

qsort

api-ms-win-crt-heap-l1-1-0

_callnewh
free
malloc

api-ms-win-crt-math-l1-1-0

_libm_sse2_cos_precise
_libm_sse2_sqrt_precise
ceil
_libm_sse2_acos_precise
_libm_sse2_sin_precise

Sections

.text
Size: 189KB - Virtual size: 188KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

002c3dc03951f5cb12a0c35b07c69dd8

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

msvcp140

d3d9

imm32

vcruntime140

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-math-l1-1-0

Sections

.text Size: 189KB - Virtual size: 188KB

.rdata Size: 25KB - Virtual size: 24KB

.data Size: 1024B - Virtual size: 2KB

.rsrc Size: 512B - Virtual size: 248B

.reloc Size: 5KB - Virtual size: 5KB

.text
Size: 189KB - Virtual size: 188KB

.rdata
Size: 25KB - Virtual size: 24KB

.data
Size: 1024B - Virtual size: 2KB

.rsrc
Size: 512B - Virtual size: 248B

.reloc
Size: 5KB - Virtual size: 5KB