00513a0893dd26507da397541a99cd78

Sharing

Copy URL

Twitter E-mail

General

Target

00513a0893dd26507da397541a99cd78
Size

332KB
MD5

00513a0893dd26507da397541a99cd78
SHA1

b6d9725524bf8871bb283eacafe16a421885c957
SHA256

3fe432182cd16bc38e570c4b244507b10f0e305328f127ee51ade0ff29355123
SHA512

df8e186e9c7bc222634bd9a23197bd03edd983f0a2c61aef038eab83d87d7c9d45bf47612664f4b1cfbb0efad33ce2758a059d41e88e3036f97b63d74a681dc4
SSDEEP

3072:1XfTy2lnJ9AuB44nFYJnlCTijZqMNFsjODop6ablIJaAZyaC5uNesbjGd/:1PTygJOuB4IEvQODop6abluagy4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
00513a0893dd26507da397541a99cd78

Files

00513a0893dd26507da397541a99cd78
.dll windows:4 windows x86 arch:x86

3b078eb077e2a25759b894679eb1958e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegEnumKeyExA
RegDeleteKeyA
RegCreateKeyExA
RegDeleteValueA
RegQueryInfoKeyA
RegSetValueExA
RegEnumKeyA

urlmon

CoInternetCreateSecurityManager
IsValidURL

wininet

InternetCrackUrlA
InternetReadFile
InternetTimeToSystemTime
HttpQueryInfoA
InternetErrorDlg
HttpSendRequestA
HttpAddRequestHeadersA
InternetTimeFromSystemTime
HttpOpenRequestA
InternetConnectA
InternetOpenA
InternetCloseHandle

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

shell32

SHGetFileInfoA
ShellExecuteExA

kernel32

FindFirstFileA
GetLongPathNameA
GetModuleFileNameA
lstrcmpiA
GetModuleHandleA
DisableThreadLibraryCalls
InterlockedIncrement
InterlockedDecrement
lstrlenW
MultiByteToWideChar
lstrlenA
GetLastError
WideCharToMultiByte
FreeLibrary
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
lstrcpynA
IsDBCSLeadByte
WaitForSingleObject
EnterCriticalSection
LeaveCriticalSection
FlushInstructionCache
GetCurrentProcess
GlobalAlloc
GetDiskFreeSpaceA
GetProcAddress
GetCurrentThreadId
LockResource
MulDiv
GlobalUnlock
GlobalLock
GetTempPathA
CloseHandle
GetExitCodeProcess
CreateProcessA
SetLastError
GlobalFree
GlobalHandle
GetTempFileNameA
lstrcatA
WriteFile
SetEndOfFile
SetFilePointer
CompareFileTime
SystemTimeToFileTime
FindClose
FileTimeToSystemTime
GetFileTime
GetFileSize
CreateFileA
lstrcpyA
SetEvent
CreateThread
CreateEventA
GlobalMemoryStatus
GetShortPathNameA
LoadLibraryA
GetSystemDirectoryA
InterlockedCompareExchange
HeapFree
GetProcessHeap
HeapAlloc
IsProcessorFeaturePresent
VirtualFree
VirtualAlloc
IsBadCodePtr
IsBadReadPtr
UnhandledExceptionFilter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
ReadFile
GetCPInfo
GetOEMCP
SetUnhandledExceptionFilter
LCMapStringW
LCMapStringA
TlsGetValue
TlsSetValue
TlsFree
GetCurrentThread
TlsAlloc
HeapSize
TerminateProcess
ExitProcess
IsBadWritePtr
FatalAppExitA
HeapCreate
HeapDestroy
GetCommandLineA
GetSystemTimeAsFileTime
HeapReAlloc
VirtualQuery
GetSystemInfo
VirtualProtect
RtlUnwind
lstrcmpA
DeleteCriticalSection
InitializeCriticalSection
RaiseException
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
SetCurrentDirectoryA
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetStringTypeA
GetStringTypeW
SetStdHandle
FlushFileBuffers
SetConsoleCtrlHandler
GetTimeZoneInformation
GetLocaleInfoW
CompareStringA
CompareStringW
SetEnvironmentVariableA
FileTimeToLocalFileTime
GetDriveTypeA
GetFullPathNameA
GetCurrentDirectoryA
Sleep

gdi32

DPtoLP
SetWindowOrgEx
SetViewportOrgEx
ModifyWorldTransform
SetGraphicsMode
SaveDC
StretchBlt
SetBkMode
SetTextColor
RestoreDC
CreateSolidBrush
GetObjectA
GetDeviceCaps
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
DeleteDC
SelectObject
DeleteObject
CreateFontIndirectA
GetStockObject

wsock32

gethostbyname
inet_addr
gethostbyaddr
ioctlsocket

comctl32

ord17

wintrust

WinVerifyTrust

shlwapi

PathIsURLA
PathFileExistsA

ole32

StringFromCLSID
OleUninitialize
OleInitialize
CoCreateInstance
CoTaskMemFree
CoTaskMemAlloc
CoTaskMemRealloc
StringFromGUID2
OleLockRunning
CreateStreamOnHGlobal
CoGetClassObject
CLSIDFromString
CLSIDFromProgID

oleaut32

SysStringByteLen
LoadTypeLi
LoadRegTypeLi
VariantInit
VariantClear
OleCreateFontIndirect
SysStringLen
SysAllocStringLen
SysAllocString
VarUI4FromStr
SysFreeString

Exports

Exports

NP_GetEntryPoints
NP_Initialize
NP_Shutdown

Sections

.text
Size: 58KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 124KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 132B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 250KB - Virtual size: 249KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 208B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3b078eb077e2a25759b894679eb1958e

Headers

File Characteristics

Imports

advapi32

urlmon

wininet

version

shell32

kernel32

gdi32

wsock32

comctl32

wintrust

shlwapi

ole32

oleaut32

Exports

Exports

Sections

.text Size: 58KB - Virtual size: 92KB

.bss Size: - Virtual size: 124KB

.pdata Size: 4KB - Virtual size: 4KB

.data Size: 4KB - Virtual size: 4KB

.rdata Size: 4KB - Virtual size: 4KB

.edata Size: 512B - Virtual size: 132B

.idata Size: 6KB - Virtual size: 5KB

.rsrc Size: 250KB - Virtual size: 249KB

.reloc Size: 4KB - Virtual size: 208B

.text
Size: 58KB - Virtual size: 92KB

.bss
Size: - Virtual size: 124KB

.pdata
Size: 4KB - Virtual size: 4KB

.data
Size: 4KB - Virtual size: 4KB

.rdata
Size: 4KB - Virtual size: 4KB

.edata
Size: 512B - Virtual size: 132B

.idata
Size: 6KB - Virtual size: 5KB

.rsrc
Size: 250KB - Virtual size: 249KB

.reloc
Size: 4KB - Virtual size: 208B