44a46ef1e7075d612340107e322c610c

General

Target

44a46ef1e7075d612340107e322c610c
Size

154KB
MD5

44a46ef1e7075d612340107e322c610c
SHA1

ef6ff5412f2f8650a8aa24ac17ebc78c47447923
SHA256

65703f2736c96579d0eacf5e9b5a3bf3a61c610815279487eac65d4fef1391b2
SHA512

6bdd31e78ed14ebc688e02cba1371e3388fcf091d55d685f9613e88918960a5f384316502f0dfecdf485dc3d7adc595f5502ee3766f0c27df97292a1628db38c
SSDEEP

3072:mabzzCcTv3jOEhEdJPf/UiaW6E/tIQexhxaG1UqQ8cnrH:o2vTOpdhsi6I0Zm3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
44a46ef1e7075d612340107e322c610c

Files

44a46ef1e7075d612340107e322c610c
.dll windows:4 windows x86 arch:x86

1c5c22153b8b3d47f9ea8203c55a678f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

comdlg32

GetOpenFileNameW
ChooseFontW
GetSaveFileNameW
CommDlgExtendedError

kernel32

GetModuleHandleA
QueryPerformanceCounter
GetCurrentProcess
GetConsoleKeyboardLayoutNameW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetExitCodeProcess
FindFirstFileW
CopyFileW
FindNextFileW
SetFileAttributesW
MoveFileW
FindClose
SetLastError
OpenProcess
UnregisterWaitEx
RegisterWaitForSingleObject
LeaveCriticalSection
EnterCriticalSection
LoadLibraryExW
FormatMessageW
GetTickCount
CreateEventW
CreateThread
GetCurrentThreadId
OutputDebugStringA
GetCurrentProcessId
ResetEvent
SetEvent
GetFileAttributesExW
ReleaseMutex
WaitForMultipleObjects
CreateMutexW
CloseHandle
WaitForSingleObject
Sleep
LoadLibraryW
GetProcAddress
FreeLibrary
LocalAlloc
LocalFree
GetLastError
InterlockedDecrement
InterlockedIncrement
InterlockedCompareExchange
InterlockedExchange
GetSystemTimeAsFileTime
TerminateProcess
DeleteFileW
RemoveDirectoryW
SetEnvironmentVariableW
DisableThreadLibraryCalls
DebugBreak
InitializeCriticalSectionAndSpinCount

oleaut32

DispGetIDsOfNames
CreateErrorInfo
OleCreateFontIndirect
GetErrorInfo
SetErrorInfo
GetActiveObject
VariantInit
SysFreeString

Exports

Exports

AlphaBlend
GradientFill
TransparentBlt

Sections

.text
Size: 108KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 332B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1c5c22153b8b3d47f9ea8203c55a678f

Headers

File Characteristics

Imports

comdlg32

kernel32

oleaut32

Exports

Exports

Sections

.text Size: 108KB - Virtual size: 112KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 42KB - Virtual size: 41KB

.reloc Size: 512B - Virtual size: 332B

.text
Size: 108KB - Virtual size: 112KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 42KB - Virtual size: 41KB

.reloc
Size: 512B - Virtual size: 332B