Static task
static1
Behavioral task
behavioral1
Sample
123922a75b3c652a02842ffcb351375e.dll
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
123922a75b3c652a02842ffcb351375e.dll
Resource
win10v2004-20231222-en
General
Target
123922a75b3c652a02842ffcb351375e
Size
74KB
MD5
123922a75b3c652a02842ffcb351375e
SHA1
bfbfe053c143e9100925e903b94be61fe67120ee
SHA256
d004703d8123c73a5f159d43c5052ae58c9cf67428bb0dded6f7bf4cd819ac35
SHA512
68bc75688a823a25037608ab9b31944443e16f69166103465e56d676a370adc9a71d7486cf673b9b7b297dd79b1c45c18acd7a791c40b809d26c70ca91a7b3b3
SSDEEP
1536:mDNWJE2vWZM+853elCFEFl0dl07tWogxohhXqSOBQ/:ms22gY53elCqk/07tWZxq9F/
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 123922a75b3c652a02842ffcb351375e
Files
123922a75b3c652a02842ffcb351375e.dll windows:4 windows x86 arch:x86
a693420e7638d1f35aa18feeb7fdbc1c
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
CloseHandle
CommConfigDialogA
EnumCalendarInfoExA
EnumTimeFormatsW
ExitProcess
ExitThread
FindClose
GetACP
GetAtomNameW
GetCommandLineA
GetCompressedFileSizeA
GetComputerNameA
GetLongPathNameA
GetModuleHandleA
GetProfileIntA
GetShortPathNameW
GetStartupInfoA
GetSystemDefaultLangID
GetSystemDirectoryA
GetTapeParameters
GetTickCount
GetVersionExA
GlobalAddAtomW
GlobalUnfix
Heap32Next
HeapAlloc
HeapCreate
HeapReAlloc
InterlockedExchangeAdd
LocalAlloc
LocalShrink
MoveFileW
QueueUserAPC
ReplaceFileW
RtlMoveMemory
SetFileAttributesW
SetProcessShutdownParameters
SetVolumeMountPointA
TlsSetValue
VerLanguageNameW
WaitCommEvent
WideCharToMultiByte
user32
SetClassLongA
SendMessageTimeoutA
ScreenToClient
ReleaseDC
RegisterWindowMessageA
SetCursor
IsZoomed
InvalidateRgn
GetWindowThreadProcessId
GetWindowRect
GetUserObjectSecurity
TranslateMessage
LoadMenuA
GetMenuCheckMarkDimensions
GetDlgCtrlID
GetCursorPos
GetClassLongA
DispatchMessageA
DestroyIcon
DeferWindowPos
CloseClipboard
GetWindowTextA
advapi32
LsaStorePrivateData
LsaEnumeratePrivilegesOfAccount
LsaAddPrivilegesToAccount
ImpersonateSelf
GetSecurityDescriptorRMControl
GetOldestEventLogRecord
ElfReadEventLogA
ElfClearEventLogFileW
RegisterServiceCtrlHandlerA
DeregisterEventSource
RegSetValueW
RegSaveKeyW
RegOpenKeyExW
RegEnumValueA
QueryServiceConfigW
ProcessTrace
OpenEventLogW
NotifyBootConfigStatus
LsaLookupPrivilegeName
LsaSetSecret
LsaSetInformationPolicy
LsaQuerySecret
AccessCheckByTypeAndAuditAlarmW
AddAccessDeniedAce
BuildTrusteeWithNameA
BuildTrusteeWithSidA
CreateWellKnownSid
CryptSetKeyParam
olepro32
OleIconToCursor
OleTranslateColor
oleacc
CreateStdAccessibleProxyW
GetOleaccVersionInfo
ObjectFromLresult
WindowFromAccessibleObject
oledlg
OleUIBusyA
OleUIBusyW
OleUIConvertA
Sections
.text Size: 43KB - Virtual size: 44KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 27KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ