0811b55961685ee12d86a6ce0a4649d0

Sharing

Copy URL Twitter E-mail

General

Target

0811b55961685ee12d86a6ce0a4649d0
Size

205KB
MD5

0811b55961685ee12d86a6ce0a4649d0
SHA1

05aabbb6e0e314f274455f770e122986a3aec4bb
SHA256

c1b8e599cfd16c756f1b627766bdd3d573d94157444d02b6c0c66c39b48e25d8
SHA512

bd8b945ec7c1e0516928385bbca53c742884992ca841aa845b8d1bfe04e02e32fa3301d9ec88e00950fa18f3957f1dcca09e5873d4613aef0d103ca36aa0414f
SSDEEP

6144:E9zXmN9dDQvoyOjUslc9TaWltdgMtGov1jN:KXm5DqOxdydnGovNN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0811b55961685ee12d86a6ce0a4649d0

Files

0811b55961685ee12d86a6ce0a4649d0
.dll windows:4 windows x86 arch:x86

dd21a0545350adf0bf4d69394ff80cf9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

oleaut32

SysAllocStringLen
SafeArrayGetUBound
SysFreeString
SafeArrayCreate
GetErrorInfo
RegisterTypeLib
SafeArrayPtrOfIndex
OleLoadPicture
VariantCopyInd

msvcrt

acos
wcschr
strcmp
memcpy
tan

advapi32

RegOpenKeyExA

shell32

SHGetFileInfoA
Shell_NotifyIconA
SHGetSpecialFolderLocation
SHFileOperationA

user32

WindowFromPoint
RegisterClassA
EnumThreadWindows
GetClassInfoA
CharNextA
LoadBitmapA
WaitMessage
PtInRect
GetMessagePos
SetCapture
ClientToScreen
GetSystemMetrics
DrawTextA
DestroyCursor
DispatchMessageA
SetTimer
IsRectEmpty
IsDialogMessageA
MoveWindow
RemoveMenu
UnhookWindowsHookEx
ScrollWindow
RemovePropA
IsWindowEnabled
MessageBeep
TranslateMessage
IsWindow
GetWindowLongA
ReleaseDC
PeekMessageA
GetMenuItemInfoA
GetCursor
ReleaseCapture
SetWindowLongW
RedrawWindow
GetWindowThreadProcessId
InflateRect
SendMessageA
AdjustWindowRectEx
SetScrollInfo
DefMDIChildProcA
InsertMenuItemA
GetWindowDC
ShowWindow
SendMessageW
SetPropA
GetDlgItem
GetKeyboardLayout
GetActiveWindow
IsDialogMessageW
GetWindow
SetScrollPos
SetFocus
InsertMenuA
RegisterWindowMessageA
SetRect
CreateIcon
GetMenuItemCount
GetSysColor
GetKeyState
IsWindowVisible
TrackPopupMenu
IsZoomed
InvalidateRect
GetParent
CharLowerA
SetClipboardData
GetPropA
OpenClipboard
SetActiveWindow
SetClassLongA
GetClipboardData
GetScrollRange
ShowOwnedPopups
GetMenuItemID
ShowScrollBar
ActivateKeyboardLayout
wsprintfA
ChildWindowFromPoint
GetClassLongA
FindWindowA
MsgWaitForMultipleObjects
GetLastActivePopup
EnableMenuItem
GetKeyboardLayoutNameA
DestroyWindow
SetMenu
GetKeyboardType
GetMenu
BeginPaint
MapVirtualKeyA
IntersectRect
CallWindowProcA
DrawEdge
PostMessageA
GetDCEx
GetClientRect
DestroyMenu
MessageBoxA
RegisterClipboardFormatA
GetForegroundWindow
GetCapture
DrawAnimatedRects
GetScrollPos
EnableWindow
DeleteMenu
FrameRect
CheckMenuItem
SetWindowsHookExA
OemToCharA
GetDC
GetIconInfo
OffsetRect
GetTopWindow
PostQuitMessage
SetWindowLongA
LoadKeyboardLayoutA
PeekMessageW
GetKeyboardState
GetWindowRect
GetMenuStringA
IsWindowUnicode
DestroyIcon
GetScrollInfo

comdlg32

GetSaveFileNameA
ChooseColorA
FindTextA
GetOpenFileNameA

ole32

CoRevokeClassObject
MkParseDisplayName
CoCreateInstanceEx
CLSIDFromString
GetHGlobalFromStream
CoCreateFreeThreadedMarshaler

kernel32

FreeResource
LoadResource
SizeofResource
lstrlenA
LocalReAlloc
GlobalAddAtomA
CreateEventA
MoveFileA
GetCPInfo
WaitForSingleObject
FindFirstFileA
GetStdHandle
GetFileType
GetModuleHandleA
lstrcmpiA
LoadLibraryExA
VirtualAllocEx
LockResource
HeapAlloc
CloseHandle
GetCurrentThreadId
GlobalAlloc
GetUserDefaultLCID
ExitProcess
FindResourceA
GetFileAttributesA
SetHandleCount
SetLastError
InitializeCriticalSection
GetVersionExA
VirtualFree
GetLastError
GetEnvironmentStrings
GetFileSize
GetStringTypeA
EnumCalendarInfoA
lstrcpynA
GetProcessHeap
ResetEvent
GetCurrentProcess
GetVersion
ExitThread
SetFilePointer
MoveFileExA
DeleteCriticalSection
GetACP
GetStartupInfoA
WriteFile
WideCharToMultiByte
lstrcmpA
GlobalDeleteAtom
GetCurrentThread
CreateFileA
GetDiskFreeSpaceA
GetSystemDefaultLangID
GetProcAddress
CompareStringA
ReadFile
lstrcpyA
GetCommandLineA
HeapFree
EnterCriticalSection
VirtualAlloc
GlobalFindAtomA
LocalAlloc
GetDateFormatA

shlwapi

SHSetValueA
SHStrDupA
PathFileExistsA
SHDeleteKeyA
SHQueryValueExA
SHDeleteValueA
SHEnumValueA
PathIsDirectoryA

Sections

CODE
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 168KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 171KB - Virtual size: 171KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 62B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dd21a0545350adf0bf4d69394ff80cf9

Headers

File Characteristics

Imports

oleaut32

msvcrt

advapi32

shell32

user32

comdlg32

ole32

kernel32

shlwapi

Sections

CODE Size: 30KB - Virtual size: 30KB

.data Size: 1024B - Virtual size: 168KB

.bss Size: 171KB - Virtual size: 171KB

.reloc Size: 512B - Virtual size: 62B

CODE
Size: 30KB - Virtual size: 30KB

.data
Size: 1024B - Virtual size: 168KB

.bss
Size: 171KB - Virtual size: 171KB

.reloc
Size: 512B - Virtual size: 62B