445f313798650605dc830cbc86a16f4e

Sharing

Copy URL

Twitter E-mail

General

Target

445f313798650605dc830cbc86a16f4e
Size

222KB
MD5

445f313798650605dc830cbc86a16f4e
SHA1

25c4763902b8ce00e3ac34df8359a1033f343657
SHA256

eae967d275b0872da717353fd212991a0efb3f7f8b6f2a7ce65d9d48f358e6d9
SHA512

acb67c83e549341ad5d8cb74507e669f50bd5f4b21ff5532854bfdd021c8e9f60c3d295b95bc002f18da3bff97bd66b8298f63a565ef0e4464b4bd0500e6526e
SSDEEP

3072:WQVWNQ0cIf6McoiSEnkJfjpRlH83ncUoU9Gm5/HsD1/UFTAgHKIGa:pWFwYiryrpU3cUn4xDx4TAgx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
445f313798650605dc830cbc86a16f4e

Files

445f313798650605dc830cbc86a16f4e
.dll windows:4 windows x86 arch:x86

b14add2624082a01b743bf4ade6e1cd8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shlwapi

PathFindExtensionA

kernel32

GetVersionExA
RaiseException
InitializeCriticalSection
DeleteCriticalSection
MultiByteToWideChar
WideCharToMultiByte
lstrlenW
EnterCriticalSection
LeaveCriticalSection
LoadLibraryA
GetLastError
GetModuleHandleA
FreeLibrary
InterlockedIncrement
InterlockedDecrement
lstrlenA
lstrcmpiA
GetCurrentThreadId
DisableThreadLibraryCalls
GetThreadLocale
GetModuleFileNameA
IsDBCSLeadByte
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
ReleaseMutex
CreateMutexA
GetLocaleInfoA
GetACP
InterlockedExchange
SetThreadPriority
OpenProcess
GetFileTime
CreateMutexW
CreateFileMappingA
CreateFileMappingW
UnmapViewOfFile
VirtualFree
GetSystemDirectoryW
UnlockFileEx
SetVolumeLabelW
SetFileAttributesW
SetCurrentDirectoryW
SearchPathW
RemoveDirectoryW
QueryDosDeviceW
PostQueuedCompletionStatus
MoveFileExW
FlushViewOfFile
MapViewOfFile
FileTimeToSystemTime
LocalFileTimeToFileTime
lstrcpynA
MoveFileW
LockFileEx
GetVolumeInformationW
GetTempPathW
GetTempFileNameW
GetShortPathNameW
GetQueuedCompletionStatus
GetModuleFileNameW
GetLogicalDriveStringsW
GetFullPathNameW
GetFileAttributesW
GetDriveTypeW
GetDiskFreeSpaceW
GetCurrentDirectoryW
GetCompressedFileSizeW
GetBinaryTypeW
FindNextFileW
FindFirstFileW
FindFirstChangeNotificationW
DeleteFileW
DefineDosDeviceW
CreateIoCompletionPort
CreateFileW
CreateDirectoryExW
CreateDirectoryW
CopyFileW
GetSystemDirectoryA
WriteFileEx
WriteFile
UnlockFile
SetVolumeLabelA
SetFilePointer
SetFileAttributesA
SetFileApisToOEM
SetFileApisToANSI
SetEndOfFile
SetCurrentDirectoryA
SearchPathA
ReadFileEx
ReadFile
MoveFileA
LockFile
GetVolumeInformationA
GetTempPathA
GetTempFileNameA
GetShortPathNameA
IsBadWritePtr
IsBadReadPtr
GetUserDefaultLCID
SetEvent
TerminateThread
Sleep
WaitForMultipleObjects
CreateThread
CloseHandle
WaitForSingleObject
CreateEventA
lstrcmpA
lstrcpyA
HeapAlloc
HeapDestroy
HeapFree
HeapCreate
lstrcatA
GetEnvironmentVariableW
PulseEvent
ResetEvent
CreateSemaphoreA
ReleaseSemaphore
ExitThread
ResumeThread
GetCurrentThread
LocalAlloc
LocalFree
SystemTimeToFileTime
GetSystemTime
CompareFileTime
GetProcAddress
SetLastError
FindClose
GetSystemDefaultLCID
FindResourceExA
AreFileApisANSI
CopyFileA
CreateDirectoryA
CreateDirectoryExA
CreateFileA
DeleteFileA
FindCloseChangeNotification
FindFirstChangeNotificationA
FindFirstFileA
FindNextChangeNotification
FindNextFileA
FlushFileBuffers
GetCurrentDirectoryA
GetDiskFreeSpaceA
GetDriveTypeA
GetFileAttributesA
GetFileInformationByHandle
GetFileSize
GetFileType
GetFullPathNameA
GetLogicalDrives
GetLogicalDriveStringsA
RemoveDirectoryA

oleaut32

VariantTimeToSystemTime
SafeArrayPutElement
SafeArrayCreateVector
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayCreate
VarCmp
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayGetElement
SysReAllocString
GetErrorInfo
VariantClear
SysAllocStringLen
SysStringLen
SysAllocString
LoadTypeLi
UnRegisterTypeLi
RegisterTypeLi
VarUI4FromStr
VariantCopy
SysAllocStringByteLen
SetErrorInfo
VariantChangeType
VariantInit
SysStringByteLen
SysFreeString

ole32

ReleaseStgMedium
CoInitializeEx
CoFileTimeNow
CLSIDFromProgID
CoMarshalInterThreadInterfaceInStream
StringFromGUID2
CoCreateInstance
CoUnmarshalInterface
CreateStreamOnHGlobal
CoMarshalInterface
CoGetInterfaceAndReleaseStream
CoReleaseMarshalData
CoTaskMemRealloc
CoTaskMemFree
CoTaskMemAlloc
CoGetMalloc
StringFromCLSID
CLSIDFromString
CoCreateFreeThreadedMarshaler
CoGetClassObject

Sections

.text
Size: 183KB - Virtual size: 440KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 472KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b14add2624082a01b743bf4ade6e1cd8

Headers

File Characteristics

Imports

shlwapi

kernel32

oleaut32

ole32

Sections

.text Size: 183KB - Virtual size: 440KB

.bss Size: - Virtual size: 472KB

.pdata Size: 4KB - Virtual size: 4KB

.rdata Size: 4KB - Virtual size: 4KB

.tls Size: 4KB - Virtual size: 4KB

.idata Size: 5KB - Virtual size: 5KB

.rsrc Size: 20KB - Virtual size: 20KB

.text
Size: 183KB - Virtual size: 440KB

.bss
Size: - Virtual size: 472KB

.pdata
Size: 4KB - Virtual size: 4KB

.rdata
Size: 4KB - Virtual size: 4KB

.tls
Size: 4KB - Virtual size: 4KB

.idata
Size: 5KB - Virtual size: 5KB

.rsrc
Size: 20KB - Virtual size: 20KB