041558b2a7362c526f397a834752a850

Sharing

Copy URL Twitter E-mail

General

Target

041558b2a7362c526f397a834752a850
Size

143KB
MD5

041558b2a7362c526f397a834752a850
SHA1

a5d1d8604ef4962b79acb7bdacbc8336cfc39617
SHA256

5be1b8499d24d20440a4f1cbefc258a473ebc0f8fdb51b4c9a6f3d0da3fba61a
SHA512

71db4b9c9e42641d85c957082cee45a703c0b3304d0cec7a0bf0760ece03b9f906fc11ac505d00fad40b5a48ed46a3ecbe1d05f8be811e1d9e5d1d62e8011346
SSDEEP

1536:kqpAkdxSY/MYmh+gTdHozWrzdAJM/BmAKAkxvbBwETzAfSz71aytNd7mlmzIgRCh:O+oY/YdDFZ4AT6prvclOIl+YOQGGnHq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
041558b2a7362c526f397a834752a850

Files

041558b2a7362c526f397a834752a850
.dll windows:5 windows x86 arch:x86

b2745575ab972c4f31c806a79c696aef

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

PostQuitMessage
SetActiveWindow
TranslateAcceleratorW
WindowFromPoint
GetParent
DrawFocusRect
MessageBoxExA
CopyAcceleratorTableW
OpenInputDesktop
AppendMenuA
FindWindowW
IsCharAlphaA
SetWindowTextW
LoadMenuA
SetFocus
GetTopWindow
SendInput
FillRect
CreateMenu
ModifyMenuW
CharUpperA
GetActiveWindow
InsertMenuA
CharLowerA
TranslateAcceleratorA
IsCharAlphaNumericW
CharNextExA
CloseDesktop
PostThreadMessageW
CreateDialogIndirectParamW
DestroyAcceleratorTable
wvsprintfW
DrawFrameControl
DrawStateA
GetLastActivePopup
CopyRect
GetForegroundWindow
CheckMenuRadioItem
mouse_event
GetMenuState
WaitForInputIdle
EnumWindows
IsIconic
MessageBoxA
CharUpperBuffW
GetScrollRange
SendMessageA
CharPrevA
LoadIconW
GetMenuItemRect
wsprintfW
GetScrollPos
ClientToScreen
GetScrollInfo
CharToOemA
DeferWindowPos
GetUserObjectInformationW
ScrollWindow
CreateIconFromResource
AdjustWindowRectEx
InvalidateRect
GetMenu
LoadStringW
AllowSetForegroundWindow
DrawIcon
LoadAcceleratorsW
MapVirtualKeyW
SetScrollInfo
ReplyMessage
GetIconInfo
ChildWindowFromPoint
GetCursorPos
GetFocus
SetMenuDefaultItem
FrameRect
OpenDesktopW
GetMenuStringW
wsprintfA
OemToCharA
SetWindowLongA
GetKeyNameTextW
DefDlgProcW
DefWindowProcA
SetSysColors
SetWindowPlacement
CheckRadioButton
RegisterWindowMessageA
ScreenToClient
ShowWindow
UnionRect
CharLowerBuffW
GetDlgItemInt
SendMessageTimeoutA
DefDlgProcA
GetWindowTextLengthW
CreateWindowExA
GetClassLongW
GetNextDlgTabItem
MonitorFromPoint
SetWindowPos
SetScrollRange
LoadBitmapW
EndDialog
GetKeyState
MoveWindow
LoadIconA
RegisterClassExA
SetLastErrorEx
PeekMessageA
GetMessageExtraInfo
VkKeyScanW
SetMenuItemInfoW
SetWindowTextA
CascadeWindows
GetClassNameW
LoadBitmapA
CharNextA
HideCaret
ArrangeIconicWindows
SendNotifyMessageW
EndPaint
SetScrollPos
RegisterClassExW

kernel32

SetFileAttributesA
VirtualQuery
IsBadWritePtr
GetTempPathA
PulseEvent
FindResourceExA
SetFileApisToOEM
CreateFileMappingW
GetFileAttributesExW
WaitForSingleObjectEx
GetStringTypeExW
LeaveCriticalSection
SetPriorityClass
GetOEMCP
CallNamedPipeW
GlobalSize
InitializeCriticalSection
AddAtomW
SetEvent
GetWindowsDirectoryA
CreateSemaphoreW
IsValidLocale
CreateDirectoryW
GetSystemDirectoryW
lstrcmpW
GetStartupInfoA
QueryDosDeviceW
GetModuleHandleA
GetAtomNameA
HeapFree
GlobalHandle
lstrlenA
HeapUnlock
GlobalAddAtomA
IsBadCodePtr
SetCommBreak
CompareStringW
GlobalFindAtomW
GetTickCount
FindNextFileA
SetThreadPriority
MapViewOfFile
GetModuleFileNameA
LocalAlloc
SetLastError
lstrcpynW
GetThreadContext
CreatePipe
lstrcatW
SearchPathA
OpenEventA
GetProcAddress
CreateEventA
GetCommState
SetFilePointer
WaitCommEvent
LocalUnlock

shlwapi

UrlGetPartA

msvcrt

fwrite
system
_controlfp
__set_app_type
atol
__p__fmode
gmtime
__p__commode
strncpy
islower
setlocale
isupper
_amsg_exit
wcschr
wcscmp
malloc
wcsncpy
_initterm
mbstowcs
realloc
mktime
vswprintf
strerror
wcscoll
wcstok
wcstod
_ismbblead
_XcptFilter
towlower
iswxdigit
_exit
sprintf
strstr
swscanf
getc
wcscspn
strcspn
_cexit
clock
fclose
time
__setusermatherr
isdigit
__getmainargs
bsearch
exit
puts

Exports

Exports

H99:O
?RedirectOutputMsg@@YGKPBDDKPAX:O

Sections

.text
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.cexp
Size: 512B - Virtual size: 111B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.regs
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.citab
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 168KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.$dbug
Size: 512B - Virtual size: 108B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.lime
Size: 512B - Virtual size: 405B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tdat
Size: 512B - Virtual size: 192B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b2745575ab972c4f31c806a79c696aef

Headers

File Characteristics

Imports

user32

kernel32

shlwapi

msvcrt

Exports

Exports

Sections

.text Size: 22KB - Virtual size: 21KB

.cexp Size: 512B - Virtual size: 111B

.regs Size: 1KB - Virtual size: 1KB

.citab Size: 6KB - Virtual size: 5KB

.data Size: 2KB - Virtual size: 168KB

.$dbug Size: 512B - Virtual size: 108B

.lime Size: 512B - Virtual size: 405B

.tdat Size: 512B - Virtual size: 192B

.rsrc Size: 108KB - Virtual size: 108KB

.text
Size: 22KB - Virtual size: 21KB

.cexp
Size: 512B - Virtual size: 111B

.regs
Size: 1KB - Virtual size: 1KB

.citab
Size: 6KB - Virtual size: 5KB

.data
Size: 2KB - Virtual size: 168KB

.$dbug
Size: 512B - Virtual size: 108B

.lime
Size: 512B - Virtual size: 405B

.tdat
Size: 512B - Virtual size: 192B

.rsrc
Size: 108KB - Virtual size: 108KB