b4a954bb396e620a9b3179cd6f035911

Sharing

Copy URL

Twitter E-mail

General

Target

b4a954bb396e620a9b3179cd6f035911
Size

2.0MB
MD5

b4a954bb396e620a9b3179cd6f035911
SHA1

e26ba090e476482a2ba2c8233f54a5e096f2a86a
SHA256

b9f324fa5539974cf6acbda3ad6e9c25d4fe48780b2ab7b1c48e6db7fca035b5
SHA512

ae95bca09f9b90d2a28e8de9a092592670b9cfc3322104fb3b0a8655c58d99699610c3cd4b3221e5422cafd48375a6b4e546602db5a50edd5ef83b3bcd951674
SSDEEP

12288:sVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1Tw:ZfP7fWsK5z9A+WGAW+V5SB6Ct4bnb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b4a954bb396e620a9b3179cd6f035911

Files

b4a954bb396e620a9b3179cd6f035911
.dll regsvr32 windows:5 windows x64 arch:x64

6668be91e2c948b183827f040944057f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

user32

LookupIconIdFromDirectoryEx
WaitForInputIdle
GetParent
GetFocus

setupapi

CM_Get_Resource_Conflict_DetailsW

kernel32

DeleteCriticalSection
DeleteTimerQueue
TerminateJobObject
GetFileInformationByHandle
GetThreadLocale
GetNamedPipeServerProcessId
GetConsoleFontSize

gdi32

CreateBitmapIndirect
GetPolyFillMode

crypt32

CertGetCTLContextProperty

advapi32

AddAccessDeniedObjectAce

shlwapi

ChrCmpIW

Exports

Exports

?AfxFreeLibrary@@YAHPEAUHINSTANCE__@@@Z
?AfxLoadLibrary@@YAPEAUHINSTANCE__@@PEBG@Z
?AfxLockGlobals@@YAXH@Z
?AfxUnlockGlobals@@YAXH@Z
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 260KB - Virtual size: 257KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 404KB - Virtual size: 403KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 300B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.qkm
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.cvjb
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tlmkv
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.wucsxe
Size: 280KB - Virtual size: 276KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.fltwtj
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.sfplio
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rpg
Size: 280KB - Virtual size: 276KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bewzc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vksvaw
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.wmhg
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.nfuu
Size: 280KB - Virtual size: 276KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.cqcgue
Size: 4KB - Virtual size: 503B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edydzn
Size: 4KB - Virtual size: 539B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.fgoks
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.fdf
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.qtchk
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ewjpbx
Size: 280KB - Virtual size: 276KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bywri
Size: 4KB - Virtual size: 431B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ggq
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.czyy
Size: 4KB - Virtual size: 905B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.qiqw
Size: 4KB - Virtual size: 1022B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ngyo
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.jkcqty
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6668be91e2c948b183827f040944057f

Headers

DLL Characteristics

File Characteristics

Imports

user32

setupapi

kernel32

gdi32

crypt32

advapi32

shlwapi

Exports

Exports

Sections

.text Size: 260KB - Virtual size: 257KB

.rdata Size: 404KB - Virtual size: 403KB

.data Size: 96KB - Virtual size: 94KB

.pdata Size: 4KB - Virtual size: 300B

.rsrc Size: 4KB - Virtual size: 2KB

.reloc Size: 12KB - Virtual size: 8KB

.qkm Size: 4KB - Virtual size: 1KB

.cvjb Size: 8KB - Virtual size: 7KB

.tlmkv Size: 4KB - Virtual size: 2KB

.wucsxe Size: 280KB - Virtual size: 276KB

.fltwtj Size: 8KB - Virtual size: 4KB

.sfplio Size: 4KB - Virtual size: 1KB

.rpg Size: 280KB - Virtual size: 276KB

.bewzc Size: 8KB - Virtual size: 4KB

.vksvaw Size: 4KB - Virtual size: 1KB

.wmhg Size: 8KB - Virtual size: 4KB

.nfuu Size: 280KB - Virtual size: 276KB

.cqcgue Size: 4KB - Virtual size: 503B

.edydzn Size: 4KB - Virtual size: 539B

.fgoks Size: 4KB - Virtual size: 2KB

.fdf Size: 8KB - Virtual size: 7KB

.qtchk Size: 4KB - Virtual size: 1KB

.ewjpbx Size: 280KB - Virtual size: 276KB

.bywri Size: 4KB - Virtual size: 431B

.ggq Size: 8KB - Virtual size: 4KB

.czyy Size: 4KB - Virtual size: 905B

.qiqw Size: 4KB - Virtual size: 1022B

.ngyo Size: 4KB - Virtual size: 2KB

.jkcqty Size: 28KB - Virtual size: 27KB

.text
Size: 260KB - Virtual size: 257KB

.rdata
Size: 404KB - Virtual size: 403KB

.data
Size: 96KB - Virtual size: 94KB

.pdata
Size: 4KB - Virtual size: 300B

.rsrc
Size: 4KB - Virtual size: 2KB

.reloc
Size: 12KB - Virtual size: 8KB

.qkm
Size: 4KB - Virtual size: 1KB

.cvjb
Size: 8KB - Virtual size: 7KB

.tlmkv
Size: 4KB - Virtual size: 2KB

.wucsxe
Size: 280KB - Virtual size: 276KB

.fltwtj
Size: 8KB - Virtual size: 4KB

.sfplio
Size: 4KB - Virtual size: 1KB

.rpg
Size: 280KB - Virtual size: 276KB

.bewzc
Size: 8KB - Virtual size: 4KB

.vksvaw
Size: 4KB - Virtual size: 1KB

.wmhg
Size: 8KB - Virtual size: 4KB

.nfuu
Size: 280KB - Virtual size: 276KB

.cqcgue
Size: 4KB - Virtual size: 503B

.edydzn
Size: 4KB - Virtual size: 539B

.fgoks
Size: 4KB - Virtual size: 2KB

.fdf
Size: 8KB - Virtual size: 7KB

.qtchk
Size: 4KB - Virtual size: 1KB

.ewjpbx
Size: 280KB - Virtual size: 276KB

.bywri
Size: 4KB - Virtual size: 431B

.ggq
Size: 8KB - Virtual size: 4KB

.czyy
Size: 4KB - Virtual size: 905B

.qiqw
Size: 4KB - Virtual size: 1022B

.ngyo
Size: 4KB - Virtual size: 2KB

.jkcqty
Size: 28KB - Virtual size: 27KB