229fa6904b67fc0cfe652b83343089bd

Sharing

Copy URL

Twitter E-mail

General

Target

229fa6904b67fc0cfe652b83343089bd
Size

437KB
MD5

229fa6904b67fc0cfe652b83343089bd
SHA1

b9240c2d253ab26386ac93c578b3c0b6ba2017b0
SHA256

47ced2bfd3b5b099d3ee70e4917be52f947cddcfd1c8becc428bd8f19c9671d9
SHA512

8f79b3b36f32a685f013e7e68a372f4a29460e7e20ea319a330b03bb97e2ce51986e3355d38e5c22fec161ccc8325634a98dfb8b619faf494562a57ff365a934
SSDEEP

6144:U3SrsbB3SeJZWUdgU59z23GvkomNCufNP4WLzOsYCsiing7AcIf5Bv8KMKG:jrquag4z235oWfNP4Wu6grcUnvd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
229fa6904b67fc0cfe652b83343089bd

Files

229fa6904b67fc0cfe652b83343089bd
.dll windows:4 windows x86 arch:x86

928bd3a26be766b39e35243c91aa9cac

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shlwapi

PathFileExistsA

setupapi

CM_Get_Res_Des_Data_Size
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInstanceIdA
SetupDiGetDeviceInterfaceDetailA

user32

ShowWindow
SetWindowsHookExA
SetWindowTextA
SetTimer
SetRectEmpty
SetRect
SetMessageExtraInfo
SetForegroundWindow
SetCursorPos
SetClipboardViewer
SendMessageA
SendInput
SendDlgItemMessageA
ScreenToClient
ReleaseDC
PtInRect
MoveWindow
MessageBoxA
LoadStringA
LoadImageA
KillTimer
IsWindowVisible
IsWindowEnabled
IsChild
InvalidateRect
HideCaret
GetWindowThreadProcessId
GetWindowRect
GetWindowLongA
GetWindow
TranslateMessage
GetSystemMetrics
GetSysColorBrush
GetSysColor
GetParent
GetNextDlgGroupItem
GetMessageA
GetMenuInfo
GetFocus
GetDlgItem
GetDlgCtrlID
GetClientRect
GetClassNameA
GetAsyncKeyState
GetAncestor
FindWindowA
FillRect
EnumChildWindows
EndDialog
EnableWindow
DrawTextA
DispatchMessageA
DialogBoxParamA
DefWindowProcA
CreateWindowExA
ClientToScreen
ChildWindowFromPointEx
CascadeChildWindows
CallNextHookEx
BeginPaint
AttachThreadInput
UnhookWindowsHook
UnhookWindowsHookEx
ValidateRect
WindowFromPoint
mouse_event
wsprintfA
GetTopWindow

kernel32

lstrlenA
lstrcpyA
lstrcmpiA
lstrcmpA
lstrcatA
WriteFile
WriteConsoleW
WriteConsoleA
WideCharToMultiByte
WaitForSingleObject
WaitForMultipleObjects
VirtualFree
VirtualAlloc
UnmapViewOfFile
UnhandledExceptionFilter
TlsSetValue
TlsGetValue
TlsFree
TlsAlloc
TerminateProcess
Sleep
SetUnhandledExceptionFilter
SetStdHandle
SetLastError
SetHandleCount
SetFilePointer
SetEvent
SetEndOfFile
RtlUnwind
ResumeThread
ReleaseMutex
ReadFile
QueryPerformanceCounter
ProcessIdToSessionId
OpenFileMappingA
OpenEventA
MultiByteToWideChar
MapViewOfFile
LoadLibraryA
LeaveCriticalSection
LCMapStringW
LCMapStringA
IsValidCodePage
IsDebuggerPresent
InterlockedIncrement
InterlockedDecrement
InitializeCriticalSection
HeapSize
HeapReAlloc
CloseHandle
CompareStringA
CreateEventA
CreateFileA
CreateMutexA
CreateThread
DeleteCriticalSection
EnterCriticalSection
ExitProcess
ExitThread
FindClose
FindFirstFileA
FindNextFileA
FlushFileBuffers
FreeEnvironmentStringsA
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetConsoleCP
GetConsoleMode
GetConsoleOutputCP
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetEnvironmentStringsA
GetEnvironmentStringsW
GetFileType
GetLastError
GetLocaleInfoA
GetModuleFileNameA
GetModuleHandleA
GetOEMCP
GetProcAddress
GetProcessHeap
GetProcessPriorityBoost
GetStartupInfoA
GetStdHandle
GetStringTypeA
GetStringTypeW
GetSystemDefaultLangID
GetSystemTimeAsFileTime
GetTickCount
GetVersionExA
GlobalAlloc
GlobalFree
HeapAlloc
HeapCreate
HeapDestroy
HeapFree

gdi32

SetTextColor
SetStretchBltMode
SetMapMode
SetBkMode
SetBkColor
SelectObject
PatBlt
GetTextMetricsA
GetStockObject
GetPaletteEntries
GetObjectA
GetMapMode
EnumObjects
DeleteDC
DPtoLP
CreateCompatibleDC
CreateCompatibleBitmap
CreateBrushIndirect
CreateBitmap
BitBlt

advapi32

RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegEnumValueA
RegCloseKey

Exports

Exports

GeneratorExit
Member_Get
SystemExit
_DelItem
_setsig
get_io_ptr
get_libpng_ver

Sections

.text
Size: 87KB - Virtual size: 87KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 217KB - Virtual size: 217KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

928bd3a26be766b39e35243c91aa9cac

Headers

File Characteristics

Imports

shlwapi

setupapi

user32

kernel32

gdi32

advapi32

Exports

Exports

Sections

.text Size: 87KB - Virtual size: 87KB

.rdata Size: 217KB - Virtual size: 217KB

.data Size: 112KB - Virtual size: 113KB

.rsrc Size: 15KB - Virtual size: 15KB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 87KB - Virtual size: 87KB

.rdata
Size: 217KB - Virtual size: 217KB

.data
Size: 112KB - Virtual size: 113KB

.rsrc
Size: 15KB - Virtual size: 15KB

.reloc
Size: 3KB - Virtual size: 3KB