2621b049ee70857951d6cb8b2d1bb91a

Sharing

Copy URL Twitter E-mail

General

Target

2621b049ee70857951d6cb8b2d1bb91a
Size

178KB
MD5

2621b049ee70857951d6cb8b2d1bb91a
SHA1

883abde770e4037f8916a620b1ade7365f2c43d3
SHA256

22ce5fcdb44d98c53da129fb432a52ec64090db541d667d181eff33068f47563
SHA512

2c44524f3323bce8e2cb62dc021c1d904c4dd65c3d39df874d95fd8561c1539651c2b96486c1ee432b92a5e16c8511436edcf95b573bda52e007948918974ca1
SSDEEP

3072:WXnqJ0miDOc56AoZgNHb5gVCPocrsEriEJA+OKt/PGBtwCi1Zbd8nF8FH:W6JWOc5R91Hn2OecJd8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2621b049ee70857951d6cb8b2d1bb91a

Files

2621b049ee70857951d6cb8b2d1bb91a
.dll windows:5 windows x86 arch:x86

0e8b77442606783770bbdaf99dc38f22

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

setupapi

SetupQuerySourceListW
SetupDiGetClassDevsW
SetupDiGetDeviceRegistryPropertyW
SetupDiOpenDevRegKey
SetupDiEnumDeviceInfo
SetupFreeSourceListW

kernel32

CopyFileW
CreateFileA
CreateProcessW
DeleteCriticalSection
EnterCriticalSection
ExitProcess
FlushFileBuffers
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetACP
GetCPInfo
GetCommandLineA
GetConsoleCP
GetConsoleMode
GetConsoleOutputCP
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetEnvironmentStringsA
GetEnvironmentStringsW
GetFileType
GetLastError
GetLocaleInfoA
GetModuleFileNameA
GetModuleHandleA
GetOEMCP
GetProcAddress
GetProcessHeap
GetStartupInfoA
GetStdHandle
GetStringTypeA
GetStringTypeW
GetSystemDirectoryW
GetSystemTimeAsFileTime
GetTapeParameters
GetTickCount
GetVersionExA
GetVersionExW
GetWindowsDirectoryW
GlobalReAlloc
HeapAlloc
CloseHandle
HeapDestroy
HeapFree
HeapReAlloc
HeapSize
InitializeCriticalSection
InterlockedDecrement
InterlockedIncrement
IsDebuggerPresent
LCMapStringA
LCMapStringW
LeaveCriticalSection
LocalAlloc
LocalFree
LocalUnlock
MultiByteToWideChar
OpenThread
PostQueuedCompletionStatus
QueryPerformanceCounter
QueueUserAPC
RtlUnwind
RtlZeroMemory
SetFilePointer
SetHandleCount
SetInformationJobObject
SetLastError
SetProcessWorkingSetSize
SetStdHandle
SetUnhandledExceptionFilter
SignalObjectAndWait
Sleep
SystemTimeToTzSpecificLocalTime
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
VirtualProtect
WideCharToMultiByte
WriteConsoleA
WriteConsoleW
WriteFile
_lclose
lstrlenW
AllocateUserPhysicalPages
HeapCreate

shell32

FreeIconList
SHBindToParent
ExtractIconW

advapi32

RegSetValueExW
RegQueryValueExW
RegOverridePredefKey
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey

Exports

Exports

FMissingCert
HrCheckTridentMenu
HrRtreamSeekCur
HriCreatePhonebookEntry
IsHttpUrlA
OpenWFileStreamWithFlags
WriteStreamToFile

Sections

.text
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0e8b77442606783770bbdaf99dc38f22

Headers

DLL Characteristics

File Characteristics

Imports

setupapi

kernel32

shell32

advapi32

Exports

Exports

Sections

.text Size: 52KB - Virtual size: 51KB

.rdata Size: 92KB - Virtual size: 91KB

.data Size: 27KB - Virtual size: 27KB

.rsrc Size: 6KB - Virtual size: 5KB

.text
Size: 52KB - Virtual size: 51KB

.rdata
Size: 92KB - Virtual size: 91KB

.data
Size: 27KB - Virtual size: 27KB

.rsrc
Size: 6KB - Virtual size: 5KB