172dc5ba20d5a1d814c2bd580cb12875

Sharing

Copy URL Twitter E-mail

General

Target

172dc5ba20d5a1d814c2bd580cb12875
Size

28KB
MD5

172dc5ba20d5a1d814c2bd580cb12875
SHA1

5af2bace0cef8d8a4c51a6d80210bfb4f7d472c3
SHA256

04793ede54fc84f7482509688ef309206f5466c35c046dfd78fee1142096000f
SHA512

8130d66b9761c296944189fbefdcf30938ed7e770727ad4eddb14c1834c374f9e97181caa08a7a0a88038e86307fdd7b7e814a3a21ed71544326f85f10da3198
SSDEEP

384:/n5o8dQnMWSvSlAyl6EuSOMRMgsUt13/8xD6d6PpUHUMocCMy1vj1oiZMHexeFup:PpqevSq8ROuMg1L0xD9PFrOHxmHJS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
172dc5ba20d5a1d814c2bd580cb12875

Files

172dc5ba20d5a1d814c2bd580cb12875
.dll windows:4 windows x86 arch:x86

7118f8e5076bd0034dfbe0e7f1013dbc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

TranslateMessage
SetWindowLongA
CreateWindowExA
SetFocus
SetDlgItemTextA
SetCursor
SetCapture
SendMessageA
ReleaseDC
ReleaseCapture
RegisterClassExA
PostQuitMessage
PostMessageA
MoveWindow
MessageBoxExA
MessageBoxA
LockWindowUpdate
LoadStringA
LoadMenuA
TrackPopupMenu
LoadCursorA
LoadBitmapA
IsMenu
IsDlgButtonChecked
IsClipboardFormatAvailable
GetWindowRect
GetSystemMetrics
GetSysColor
GetSubMenu
GetMessageA
GetMenuItemCount
GetMenu
GetInputState
GetDlgItemTextA
GetDlgItem
GetDC
GetClientRect
FillRect
EndDialog
EnableMenuItem
ShowWindow
LoadIconA
SetWindowTextA
DrawTextA
DispatchMessageA
DestroyWindow
DefWindowProcA
DefDlgProcA
DdeCreateDataHandle
DdeCmpStringHandles
CreateDialogParamA
CheckMenuItem
CallWindowProcW
CallWindowProcA
UpdateWindow
wsprintfA

kernel32

lstrlenA
lstrcpynA
lstrcpyA
lstrcmpiA
lstrcatA
WriteFile
SystemTimeToTzSpecificLocalTime
SleepEx
Sleep
RtlZeroMemory
RtlMoveMemory
ReadFile
OpenMutexA
LoadLibraryExA
LoadLibraryA
InitAtomTable
HeapAlloc
GetTickCount
GetSystemTime
GetProcessHeaps
GetProcessHeap
GetProcAddress
GetModuleHandleA
GetLastError
GetCurrentDirectoryA
GetCommandLineA
FreeLibrary
FlushViewOfFile
FillConsoleOutputCharacterA
ExitThread
ExitProcess
DeviceIoControl
DeleteAtom
CreateFileA
CloseHandle
BeginUpdateResourceA
Beep
AddAtomA

ole32

CoInitialize
CoUninitialize

gdi32

SetTextColor
SetBkColor
GetGlyphIndicesA
GetDeviceCaps
DeleteObject
CreateSolidBrush
CreateFontIndirectA

comdlg32

GetOpenFileNameA
ChooseFontA
ChooseColorA
GetSaveFileNameA

Exports

Exports

pbryqu

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7118f8e5076bd0034dfbe0e7f1013dbc

Headers

File Characteristics

Imports

user32

kernel32

ole32

gdi32

comdlg32

Exports

Exports

Sections

.text Size: 20KB - Virtual size: 20KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 1KB - Virtual size: 71KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 20KB - Virtual size: 20KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 1KB - Virtual size: 71KB

.reloc
Size: 2KB - Virtual size: 2KB