42223b20a429793fd095d46b0c0c7f64

Sharing

Copy URL Twitter E-mail

General

Target

42223b20a429793fd095d46b0c0c7f64
Size

829KB
MD5

42223b20a429793fd095d46b0c0c7f64
SHA1

9a4980c0a81c7bc5a0895191187c8cbd49e3816f
SHA256

d1bc4f03f9d9b3f10c693df63aa22dc3ed4ab8e96cb31fa852b3ba54a57184ce
SHA512

92c2fd2a139c0ccf3e7cb57d60fe74dd26906cb5e1b8074037b30c37c0fb1138dfa3036b0325da212c33a35af5e19ce0e8534821274040a8fbce84d320be521c
SSDEEP

12288:wxW7RkXzw/L6htlTxBNEYHx4LfP87Nszf3MkRFQyuDAYfG25LDSGPz3o0uivi:w1eqlNBaS4LfP87eUTAYeCSYo0b

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
42223b20a429793fd095d46b0c0c7f64

Files

42223b20a429793fd095d46b0c0c7f64
.exe windows:5 windows x86 arch:x86

2513f5136aabe146fe506c239b2eece0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

atl

AtlModuleUpdateRegistryFromResourceD
AtlUnadvise
DllCanUnloadNow
AtlModuleRegisterWndClassInfoA
AtlHiMetricToPixel
AtlMarshalPtrInProc
AtlAxGetHost
AtlModuleRegisterTypeLib
AtlGetObjectSourceInterface
AtlFreeMarshalStream
AtlAxDialogBoxA
AtlModuleUnRegisterTypeLib
AtlRegisterClassCategoriesHelper
AtlAxDialogBoxW
DllUnregisterServer
AtlIPersistStreamInit_Load
AtlModuleAddTermFunc
AtlModuleRegisterClassObjects
AtlAxCreateControl
AtlModuleUnregisterServerEx

user32

RegisterRawInputDevices
DdeAddData
DdeFreeStringHandle
PostMessageA
DrawMenuBar
LoadCursorFromFileW
GetClassInfoExA
ModifyMenuW
LockWindowStation
UnloadKeyboardLayout
CreateCaret
CharUpperBuffA

adsldpc

BuildADsParentPath
?SetAtDisabler@CLexer@@QAEXH@Z
BuildADsPathFromParent
LdapTypeToAdsTypeUTCTime
FindSearchTableIndex
ADSIAbandonSearch
?GetNextToken@CLexer@@QAEJPAGPAK@Z
ADSICloseSearchHandle
ADsSetObjectAttributes
LdapGetNextPageS
LdapReadAttributeFast
LdapModifyExtS
ADsDeleteAttributeDefinition
LdapGetSyntaxOfAttributeOnServer
ADSIGetNextColumnName
FindEntryInSearchTable
ADSISetObjectAttributes
BuildADsPathFromLDAPPath2
SchemaAddRef
BuildLDAPPathFromADsPath2
SchemaGetPropertyInfo
LdapNextAttribute
SchemaGetSyntaxOfAttribute
LdapNextEntry
LdapInitializeSearchPreferences
LdapGetDn
MapLDAPTypeToADSType
MapADSTypeToLDAPType
ADsGetLastError

kernel32

RemoveDirectoryA
AddLocalAlternateComputerNameA
GetCommConfig
LoadLibraryW
CreateProcessInternalW
IsProcessorFeaturePresent
GetLocaleInfoA
CommConfigDialogW
SetEnvironmentVariableW
GlobalSize
SignalObjectAndWait
GetThreadLocale
GetLogicalDriveStringsW
SetComPlusPackageInstallStatus
GetModuleHandleA
WriteFileEx
UTUnRegister
GetConsoleInputExeNameA
GetConsoleHardwareState
GetCurrentThread
EnumerateLocalComputerNamesA

winmm

timeKillEvent
mciGetCreatorTask
PlaySound
midiInGetDevCapsW
DefDriverProc
mmTaskYield
mciGetDeviceIDFromElementIDW
mmioStringToFOURCCW
waveOutUnprepareHeader
mmsystemGetVersion
midiStreamClose
joyGetNumDevs
mciFreeCommandResource
mmioSeek
midiInPrepareHeader
mciDriverNotify
waveOutSetVolume
wid32Message
waveOutGetPlaybackRate
midiInGetID
joyConfigChanged
timeEndPeriod
waveOutGetErrorTextA

Sections

.text
Size: 349KB - Virtual size: 348KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 82KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 181KB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 214KB - Virtual size: 214KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 828B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2513f5136aabe146fe506c239b2eece0

Headers

DLL Characteristics

File Characteristics

Imports

atl

user32

adsldpc

kernel32

winmm

Sections

.text Size: 349KB - Virtual size: 348KB

.rdata Size: 82KB - Virtual size: 82KB

.data Size: 181KB - Virtual size: 1.7MB

.rsrc Size: 214KB - Virtual size: 214KB

.reloc Size: 1024B - Virtual size: 828B

.text
Size: 349KB - Virtual size: 348KB

.rdata
Size: 82KB - Virtual size: 82KB

.data
Size: 181KB - Virtual size: 1.7MB

.rsrc
Size: 214KB - Virtual size: 214KB

.reloc
Size: 1024B - Virtual size: 828B