10f63ca17ed86f94ffb3cba0906a6008

Sharing

Copy URL Twitter E-mail

General

Target

10f63ca17ed86f94ffb3cba0906a6008
Size

80KB
MD5

10f63ca17ed86f94ffb3cba0906a6008
SHA1

8e21a1dd19ccf81624f6fa0449696ce29ea29b6d
SHA256

d00767edbabed2729c689aafe1a7c996d7c59d3e30a3cd0cc2f5d26b198310b3
SHA512

665080b80241482480a67a524a297b2388d6ae9b52fe0ab729fd36484302cb5f34ae3f3103a7fa33c648937c7c66871016e4db9b6a49652a18cbdad8b4366abc
SSDEEP

1536:kDqfF8XOoVT4/qtT6DmtAXXoCboEelMoKwyKPWs50WjkJSV8:DfF8+oVk/qtT6qtQXoELjkuWws

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
10f63ca17ed86f94ffb3cba0906a6008

Files

10f63ca17ed86f94ffb3cba0906a6008
.dll windows:4 windows x86 arch:x86

9e97c75cff67061c03f7feb4ded4fab9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetStdHandle
GlobalUnlock
GetModuleHandleW
GetFileSize
FindResourceW
TerminateThread
OutputDebugStringA
GetCurrentThreadId
GetVolumeNameForVolumeMountPointW
ExitProcess
GetModuleHandleA
GetLocaleInfoW
CreatePipe
LeaveCriticalSection
GetTempPathW
VirtualAlloc
GetSystemTime
GetProcAddress
FreeEnvironmentStringsA
DuplicateHandle
FreeEnvironmentStringsW
GetVersionExW
_lclose
LoadLibraryA
LoadLibraryA
MapViewOfFile
InterlockedDecrement
GetModuleFileNameA
CompareStringW
DeviceIoControl
GetCommandLineW
GetLastError
GetNumberFormatW
GetFileAttributesW
CreateThread
EnterCriticalSection
FileTimeToLocalFileTime
SetEvent
LocalAlloc
RtlUnwind

msvcrt

__initenv
__p__fmode
__winitenv
towupper
exit
_wtol
__wgetmainargs
ispunct
fflush
memcpy
toupper
wcscmp
wcslen

user32

DefWindowProcA
GetThreadDesktop
DrawTextW
EnableMenuItem
SetWindowPos
DrawIcon
LoadStringW
IsWindowVisible
DrawMenuBar
PostMessageA
ModifyMenuW
SetTimer
SetWindowTextW
OffsetRect
MapWindowPoints
LoadIconA
GetClipboardData
RedrawWindow
CharUpperW
CloseClipboard
ReleaseCapture
RegisterClassExW
ScreenToClient
SetScrollPos
LoadMenuW
SystemParametersInfoW
SendMessageA
FillRect
GetDlgItemTextA
IsRectEmpty

gdi32

SetMapMode
GetObjectW
SaveDC
MoveToEx
CreateCompatibleDC
GetTextMetricsW
CreatePen
CreateCompatibleBitmap
SelectObject
PatBlt
BitBlt
CreatePalette
GetStockObject
SelectPalette
SetTextColor
DeleteObject

opengl32

glVertex3fv
glMap1f
glRasterPos4dv
glClearIndex
glGetBooleanv
glTexCoord4iv
glPixelTransferi

Exports

Exports

PxmtBzjiYtzbe
MhyfkzPlicZrh
XxsBqnrlm
RpJylglRgcydBkhujvgBl
LrbvdzjJc

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.msm
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9e97c75cff67061c03f7feb4ded4fab9

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

gdi32

opengl32

Exports

Exports

Sections

.text Size: 3KB - Virtual size: 3KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 5KB - Virtual size: 4KB

.msm Size: 1KB - Virtual size: 1KB

.rsrc Size: 65KB - Virtual size: 65KB

.reloc Size: 512B - Virtual size: 64B

.text
Size: 3KB - Virtual size: 3KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 5KB - Virtual size: 4KB

.msm
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 65KB - Virtual size: 65KB

.reloc
Size: 512B - Virtual size: 64B