148128a230515c8c4d71eeefb674e332

Sharing

Copy URL

Twitter E-mail

General

Target

148128a230515c8c4d71eeefb674e332
Size

152KB
MD5

148128a230515c8c4d71eeefb674e332
SHA1

db512a76fc72325702c82b60eea19243ee742e68
SHA256

6677b54d929047d27a84e10f5a6d883cfc04b4e47866c415b08b075fc4cb9d07
SHA512

e990ef1a47f760350a80d6cf7785f3bb3c2ff8b0f1b01b2e3a4da112f1dded44482dc19349b8b66fb94d5618a5ac3c5122becce214dfd692b0b68e5894ece803
SSDEEP

3072:+eNA2wZOObqPKlin6bbnH2KLVoRv52b8IJ7LKC:+4AA9KcEbnHzL42jU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
148128a230515c8c4d71eeefb674e332

Files

148128a230515c8c4d71eeefb674e332
.dll windows:4 windows x86 arch:x86

57d9aebecf49a972498cc6b7d314b90c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

MultiByteToWideChar
WideCharToMultiByte
lstrlenA
CreateDirectoryA
GetTempPathA
GetPrivateProfileStructA
WritePrivateProfileSectionA
LoadResource
LockResource
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
InitializeCriticalSectionAndSpinCount
GetCurrentThread
GetCurrentProcess
GetSystemDirectoryW
GetVolumePathNameW
GetVolumeInformationW
CreateMutexW
WaitForSingleObject
ReleaseMutex
GetDriveTypeW
InterlockedDecrement
InterlockedIncrement
FindResourceExW
GetStringTypeA
LCMapStringW
lstrcpyA
LoadLibraryA
GetOEMCP
GetACP
GetCPInfo
HeapReAlloc
VirtualAlloc
HeapAlloc
WriteFile
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
HeapFree
GetStringTypeW
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
GetModuleFileNameA
GetModuleHandleA
ExitProcess
GetVersion
RtlUnwind
LocalFree
LocalAlloc
FormatMessageA
FormatMessageW
OpenEventA
OpenSemaphoreA
OutputDebugStringA
GlobalUnlock
CopyFileA
SetVolumeLabelA
InterlockedExchange
InterlockedCompareExchange
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
lstrcmpW
GetExitCodeThread
GetVersionExW
GetPrivateProfileStringW
GlobalFree
SearchPathW
GetWindowsDirectoryW
CreateFileW
lstrcmpiW
CloseHandle
GlobalAlloc
lstrcpyW
CreateThread
Sleep
GetModuleHandleW
lstrcpynW
lstrlenW
LoadLibraryW
GetProcAddress
FreeLibrary
DisableThreadLibraryCalls
GetCommandLineA
LCMapStringA
VirtualProtect

user32

SetWindowLongW
GetParent
CheckDlgButton
IsDlgButtonChecked
DialogBoxParamW
LoadImageW
MapDialogRect
SetWindowPos
DestroyIcon
GetWindowRect
GetSystemMetrics
CreateDesktopA
FindWindowA
OemToCharA
CharToOemBuffA
IsCharLowerA
PostMessageW
SendMessageW
LoadStringW
MessageBoxW
RegisterWindowMessageA
ShowWindow
GetDlgItem
SetForegroundWindow
EndDialog
SetDlgItemTextW
wsprintfW
SetFocus
EnableWindow
SendDlgItemMessageW
WinHelpW
CharNextW
CharPrevW
GetDlgItemTextW
DialogBoxParamA

advapi32

GetNamedSecurityInfoW
GetAclInformation
GetAce
IsValidSid
GetLengthSid
CopySid
GetSecurityDescriptorOwner
LogonUserW
GetSecurityDescriptorLength
MakeSelfRelativeSD
ConvertSidToStringSidW
OpenThreadToken
OpenProcessToken
GetTokenInformation
SetSecurityDescriptorControl
AddAccessAllowedAceEx
SetNamedSecurityInfoW
RegSetValueW
GetSecurityDescriptorControl
EqualSid
GetSecurityDescriptorDacl
ConvertStringSidToSidW
BuildTrusteeWithSidW
GetEffectiveRightsFromAclW
ConvertStringSecurityDescriptorToSecurityDescriptorW
RegOpenKeyExW
RegQueryValueExW
IsValidSecurityDescriptor
RegCloseKey
CloseServiceHandle
ChangeServiceConfigA
AbortSystemShutdownA
RegQueryValueExA
IsTextUnicode

gdi32

CreateFontIndirectW
CreateDCA
GetOutlineTextMetricsA
DeleteObject
GetObjectW

Sections

.text
Size: 84KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

57d9aebecf49a972498cc6b7d314b90c

Headers

File Characteristics

Imports

kernel32

user32

advapi32

gdi32

Sections

.text Size: 84KB - Virtual size: 80KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 44KB - Virtual size: 78KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 8KB - Virtual size: 4KB

.text
Size: 84KB - Virtual size: 80KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 44KB - Virtual size: 78KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 8KB - Virtual size: 4KB