42868c8803b0f87b74cbece31b4ce6d6

Sharing

Copy URL Twitter E-mail

General

Target

42868c8803b0f87b74cbece31b4ce6d6
Size

63KB
MD5

42868c8803b0f87b74cbece31b4ce6d6
SHA1

a59d324680a863cc8cbe1d29c350094740518789
SHA256

609dd28d1858cdffb6e8ad273bf49d22001a21b19719bca45869492ebf2db6de
SHA512

68c48799ec941f717f69ab8efa3c263ea9ac05bc45997a74ff15e6ffa6b65c6fb9d7a5f1f037beaa59c84a7f52b3548f6787a0b9653dc30bf5c910f3b54033af
SSDEEP

1536:v3fmuXapixjAxk/rpMZ96AmjU0r7mTW0pTZWoE:v3TfWqDprB5j0Oo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
42868c8803b0f87b74cbece31b4ce6d6

Files

42868c8803b0f87b74cbece31b4ce6d6
.dll windows:5 windows x86 arch:x86

5c7560c7e408b7d08dfe9d32e0d2a678

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

lsasvm60

_Getcoll
_Cosh
_Mbrtowc
_LPoly
_FDenorm
_Eps
_Getctype
_Nan
_Xbig
_Strxfrm
_LDscale
_LSnan
_LInf
_FDtest
_Sinh
_LDtest
_LExp
_Stof
_FEps
_FCosh
_FRteps
_Dnorm
_Tolower
_LSinh
_Dtest
_Hugeval
_LNan
_Stold
_FNan
_FSinh

kernel32

GetCurrentThread
GetModuleHandleA
UnmapViewOfFile
GetComputerNameA
lstrcatA
VirtualUnlock
GetCommandLineA
GetCurrentProcessId
lstrcmpA
CreatePipe
Sleep
GlobalUnlock
CreateProcessA
GlobalAlloc
LoadLibraryA
WritePrivateProfileStructA
GetVersion
SetFileAttributesA
ReadFile
CreateFileMappingA
WriteProcessMemory
GetFileSize
GlobalLock
lstrlenW
VirtualFree
FindNextFileA
WaitForMultipleObjects
WriteFile
SetFilePointer
DeleteFileA
VirtualLock
OutputDebugStringA
CloseHandle
TerminateProcess
SetCurrentDirectoryA
VirtualQuery
OpenProcess
VirtualAlloc
GetCurrentProcess
FindClose
GetStartupInfoA
VirtualProtectEx
GetTempPathA
ResumeThread
GetProcAddress
ReadProcessMemory
CreateFileA
FindFirstFileA
MapViewOfFile

user32

KillTimer
CheckRadioButton
SetFocus
EnableMenuItem
EndDialog
MoveWindow
IsZoomed
wsprintfA
CharUpperA
CheckMenuRadioItem
SetDlgItemTextA
SetMenuItemInfoA
OpenClipboard
LoadBitmapA
SetClipboardData
ShowWindow
IsWindowEnabled
DialogBoxParamA
GetCursorPos
SetTimer
TrackPopupMenu
IsIconic
GetAsyncKeyState
AppendMenuA
GetSysColorBrush
SetWindowTextA
DestroyIcon
SetForegroundWindow
wvsprintfA

comdlg32

GetOpenFileNameA
GetSaveFileNameA

msvcrt

malloc
strncmp
mktime
_timezone
free
strchr

gdi32

SetTextColor
SelectObject
GetDeviceCaps
DeleteObject

advapi32

RegCreateKeyExA
RegOpenKeyExA
LookupPrivilegeValueA
OpenProcessToken
RegCloseKey

imagehlp

CheckSumMappedFile
BindImageEx

Exports

Exports

CreateProcessNotify
DllClientCleanup
secetver
DllClientStartup

Sections

.text
Size: 53KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5c7560c7e408b7d08dfe9d32e0d2a678

Headers

File Characteristics

Imports

lsasvm60

kernel32

user32

comdlg32

msvcrt

gdi32

advapi32

imagehlp

Exports

Exports

Sections

.text Size: 53KB - Virtual size: 56KB

.rdata Size: 3KB - Virtual size: 4KB

.data Size: 3KB - Virtual size: 4KB

.rsrc Size: 1KB - Virtual size: 4KB

.reloc Size: 512B - Virtual size: 4KB

.text
Size: 53KB - Virtual size: 56KB

.rdata
Size: 3KB - Virtual size: 4KB

.data
Size: 3KB - Virtual size: 4KB

.rsrc
Size: 1KB - Virtual size: 4KB

.reloc
Size: 512B - Virtual size: 4KB