068ebcd7ec362fe80a0f2fb8c54057b2

Sharing

Copy URL Twitter E-mail

General

Target

068ebcd7ec362fe80a0f2fb8c54057b2
Size

290KB
MD5

068ebcd7ec362fe80a0f2fb8c54057b2
SHA1

7f2dc2cfc2d90f01f66f9e876f05898a5f97cc33
SHA256

e3baa6cd2f796ca50ecd380ba82d39654b7f027225e974a04f2089952fa6eec5
SHA512

203e8eeb082dc4cd5d9306f3d5a4402303d68381bbf271bcb77d4c57ce87e7ed3b2426c8ca1f358a632640d4b7b8f0d35899ce4946156bd18c58985b73641d10
SSDEEP

6144:bBcqsxgz+s+ipv5KCOmCmfTeSlllhe3TdoH6TB/9K:bhkieCySlrheTGH6Ta

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
068ebcd7ec362fe80a0f2fb8c54057b2

Files

068ebcd7ec362fe80a0f2fb8c54057b2
.dll windows:4 windows x86 arch:x86

a8e997fb3fcce35fd0904e6d3a753ede

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

log
strcpy
strlen
strncmp
memchr
strcmp
sin
rand
cos
pow
??3@YAXPAX@Z
memset
_adjust_fdiv
_initterm
floor
calloc
_CIpow
fabs
sqrt
free
??2@YAPAXI@Z
isalnum
sprintf
strncpy
srand
realloc
malloc
memmove
ceil
memcpy
exp
_purecall

kernel32

FlushInstructionCache
SetLastError
VirtualQuery
GetSystemInfo
VirtualAlloc
DeviceIoControl
CloseHandle
CreateFileA
SetPriorityClass
GetCurrentProcess
GetVersionExA
DisableThreadLibraryCalls
VirtualProtect
MulDiv
HeapAlloc
GetProcessHeap
HeapFree
GetVersion

iphlpapi

GetAdaptersInfo

user32

GetClientRect
SetScrollRange
SetPropA
GetSysColor
DrawFrameControl
SetRect
GetSystemMetrics
GetSysColorBrush
DrawEdge
GetWindowRect
GetParent
OffsetRect
GetWindowDC
ReleaseDC
CopyRect
MapWindowPoints
CallWindowProcA
PtInRect
SetCapture
SetTimer
KillTimer
ReleaseCapture
GetMessagePos
ScreenToClient
GetCursorPos
RemovePropA
GetWindowLongA
ShowScrollBar
SetWindowLongA
SetScrollInfo
SetScrollPos
GetScrollRange
GetScrollPos
GetScrollInfo
EnableScrollBar
SendMessageA
SetWindowPos
GetPropA
FillRect

gdi32

ExtTextOutA
CreatePatternBrush
SetBrushOrgEx
PatBlt
CreateCompatibleDC
CreateBitmap
UnrealizeObject
SelectObject
CreateCompatibleBitmap
SetBkColor
BitBlt
GetStockObject
SetTextColor
DeleteObject
DeleteDC

Exports

Exports

_resetstkoflw
lrand48
srand48
ttpcomm_getversion

Sections

.text
Size: 142KB - Virtual size: 142KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

text
Size: 512B - Virtual size: 119B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 26KB - Virtual size: 150KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a8e997fb3fcce35fd0904e6d3a753ede

Headers

File Characteristics

Imports

msvcrt

kernel32

iphlpapi

user32

gdi32

Exports

Exports

Sections

.text Size: 142KB - Virtual size: 142KB

text Size: 512B - Virtual size: 119B

.rdata Size: 19KB - Virtual size: 19KB

.data Size: 26KB - Virtual size: 150KB

.tls Size: 512B - Virtual size: 28B

.reloc Size: 100KB - Virtual size: 100KB

.text
Size: 142KB - Virtual size: 142KB

text
Size: 512B - Virtual size: 119B

.rdata
Size: 19KB - Virtual size: 19KB

.data
Size: 26KB - Virtual size: 150KB

.tls
Size: 512B - Virtual size: 28B

.reloc
Size: 100KB - Virtual size: 100KB