ff161b04075dc9de1a9bbf073a25f067

Sharing

Copy URL Twitter E-mail

General

Target

ff161b04075dc9de1a9bbf073a25f067
Size

42KB
MD5

ff161b04075dc9de1a9bbf073a25f067
SHA1

9b32485d3f7bd13ad472318309c5829d90f2a026
SHA256

cf13b09b77a1edab450e5d32845a5a6ff9cd7337f93edc96873082519a84ace1
SHA512

b112532a5a7cd3e454eb84fe16f8c88692ec2696cf826ee388dc2c3789e4eeb70ca51c52fec3782efda0b3768765fab27fc23feb07e63106ef811dfa9d80f2e7
SSDEEP

768:M1W4Yc/2yetau2NIqds2WQiimqBf5/p2Po/q5BIIuqowVoMy:B4Yc/ZmuqoUq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ff161b04075dc9de1a9bbf073a25f067

Files

ff161b04075dc9de1a9bbf073a25f067
.dll windows:4 windows x86 arch:x86

67a3c1c6bf9f2a32769b13b79c6d72a9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

UpdateWindow
UnregisterHotKey
TranslateMessage
ShowWindow
SetWindowTextA
SetTimer
SetForegroundWindow
SetFocus
SetCursorPos
SetClassLongA
RegisterHotKey
wsprintfA
RegisterClassExW
MoveWindow
MessageBoxA
LoadIconA
LoadCursorA
KillTimer
GetWindowTextA
GetWindowRect
GetSystemMetrics
GetMessageA
GetFocus
GetCursorPos
DispatchMessageA
CallWindowProcW
RegisterClassExA
DestroyWindow
DefWindowProcA
CreateWindowExA
ChangeDisplaySettingsA

kernel32

lstrlenA
lstrcmpiA
lstrcatA
WriteFile
SystemTimeToFileTime
Sleep
SetSystemPowerState
RtlMoveMemory
ReadFile
OpenMutexA
LoadLibraryA
GetTickCount
GetSystemTime
GetProcessHeaps
GetModuleHandleA
GetCommandLineA
FlushViewOfFile
FindAtomA
ExitThread
ExitProcess
CreateFileA
CloseHandle
Beep
AddAtomA
LoadLibraryExA

shell32

ShellAboutA

advapi32

GetSecurityInfo
GetMultipleTrusteeOperationA
GetMultipleTrusteeA
GetLengthSid

gdi32

RemoveFontResourceA
SetTextCharacterExtra
GetWindowExtEx
GetROP2
GetPolyFillMode
GetPixelFormat
GetPixel

ws2_32

socket
setsockopt
recv
connect

ntdll

RtlGetAce
RtlFreeHeap
RtlFreeHandle
NtQueryEaFile
NtOpenDirectoryObject
NtCreateTimer
NtCreateNamedPipeFile
NtCreateDirectoryObject
NtCancelTimer
NtCallbackReturn

Exports

Exports

pkunze

Sections

.text
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

67a3c1c6bf9f2a32769b13b79c6d72a9

Headers

File Characteristics

Imports

user32

kernel32

shell32

advapi32

gdi32

ws2_32

ntdll

Exports

Exports

Sections

.text Size: 25KB - Virtual size: 25KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 9KB - Virtual size: 79KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 25KB - Virtual size: 25KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 9KB - Virtual size: 79KB

.reloc
Size: 4KB - Virtual size: 4KB