2e63b9293f57d42b2eecac6812611315

Sharing

Copy URL Twitter E-mail

General

Target

2e63b9293f57d42b2eecac6812611315
Size

448KB
MD5

2e63b9293f57d42b2eecac6812611315
SHA1

efe3496505ff1c18778f9475214ae219a8f8ff08
SHA256

f80d26f497356d1603a78f8bc2a40fb1ea24f2f20cab680cfcc3a582bdb20125
SHA512

e826c1c4f0a06f57ca08a9c037c155bafcc2036175e3034739cf3453902490da7dcb2ec7e8f0e40ade6e7237665e52a45c81c65c7b9b558923c3de06b4760523
SSDEEP

12288:PV+zA/NnU+sLQUu0iGe6DiGt29ESiXxZUKCBJy26F:9+U/hUPEjz6t27iUKCBJ2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2e63b9293f57d42b2eecac6812611315

Files

2e63b9293f57d42b2eecac6812611315
.dll windows:5 windows x86 arch:x86

f26bbea8cc130299df9f339750c9fc86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

setupapi

SetupDiOpenDeviceInterfaceW
SetupDiOpenClassRegKey
SetupDiGetHwProfileFriendlyNameExW
SetupDiGetDeviceInfoListClass
SetupDiGetClassRegistryPropertyW
SetupDiGetClassDevsA
SetupCommitFileQueueA
CM_Set_HW_Prof_Ex
CM_Request_Device_EjectA
CM_Get_Resource_Conflict_DetailsW
CM_Get_Res_Des_Data_Ex
CM_Get_DevNode_Custom_PropertyW
CM_Enable_DevNode
CM_Disable_DevNode_Ex
CM_Create_Range_List
CMP_Report_LogOn

ntdll

RtlxUnicodeStringToAnsiSize
RtlUpdateTimer
RtlUnicodeToOemN
RtlSetAllBits
RtlNtStatusToDosError
RtlInitUnicodeString
RtlGetUserInfoHeap
RtlGetOwnerSecurityDescriptor
RtlFindClearBitsAndSet
RtlEqualPrefixSid
ZwAdjustPrivilegesToken
RtlDeleteSecurityObject
RtlDeleteAtomFromAtomTable
RtlCreateUserThread
RtlCreateAcl
RtlApplyRXactNoFlush
RtlAddAccessDeniedAceEx
NtSetDefaultLocale
NtReadFileScatter
NtQueryTimerResolution
NtPrivilegeObjectAuditAlarm
NtNotifyChangeDirectoryFile
NtFlushVirtualMemory
NtCloseObjectAuditAlarm
NtAllocateUuids
LdrFlushAlternateResourceModules
ZwCompleteConnectPort
ZwImpersonateThread
RtlEqualComputerName

kernel32

GetCompressedFileSizeA
ExitProcess
EscapeCommFunction
EnumSystemLanguageGroupsA
EnumSystemCodePagesA
EnumDateFormatsExA
EnumCalendarInfoA
DeleteFileA
CreateSemaphoreA
CreateMutexW
CompareStringA
CancelTimerQueueTimer
CancelDeviceWakeupRequest
FindFirstFileExA
FindFirstVolumeMountPointA
FreeUserPhysicalPages
GetCommState
lstrcpyW
lstrcpyA
WriteFileGather
VerifyVersionInfoA
VerLanguageNameW
VerLanguageNameA
SetupComm
SetLastError
SetFilePointerEx
SetCommMask
ResetEvent
PrepareTape
OpenWaitableTimerW
OpenSemaphoreA
MoveFileWithProgressA
LocalSize
LCMapStringA
HeapAlloc
GlobalUnWire
GlobalFindAtomW
GetTickCount
GetProfileIntA
GetProcessPriorityBoost
GetProcAddress
GetPrivateProfileIntW
GetMailslotInfo
GetLocalTime
GetFileSize
GetDateFormatA
GetCommandLineA
FatalAppExitA

version

GetFileVersionInfoSizeW
GetFileVersionInfoSizeA
GetFileVersionInfoW
VerFindFileA
VerInstallFileA
VerInstallFileW
VerQueryValueA
VerQueryValueW
GetFileVersionInfoA

winmm

midiOutMessage
midiOutGetID
midiOutSetVolume
midiStreamOut
midiStreamPosition
mixerGetDevCapsA
mixerGetDevCapsW
mmTaskBlock
mmGetCurrentTask
midiOutLongMsg
mixerGetLineInfoW

comdlg32

FindTextW
GetOpenFileNameW
GetFileTitleW

user32

PostMessageA
LoadIconA
GetMenu
GetDC
EndDialog
DestroyWindow
DefDlgProcA
CharUpperA
CharToOemA
ActivateKeyboardLayout
SendMessageA
UpdateWindow
RegisterClassA

Exports

Exports

BHffjxKFiDvzcHrjm
IbrMuceFjkkfv
Ihi
KptCZL
Lilheqbckuflfpd
SkXklhWccupwyHvkmry
csgjXecpfR
eHazdsbuiawhrsUulz
ihsv
ihxfjowX
qgrrh
ukopygpzziTu
xnonukvdIx
yoqxp

Sections

.text
Size: 58KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 362KB - Virtual size: 667KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f26bbea8cc130299df9f339750c9fc86

Headers

DLL Characteristics

File Characteristics

Imports

setupapi

ntdll

kernel32

version

winmm

comdlg32

user32

Exports

Exports

Sections

.text Size: 58KB - Virtual size: 57KB

.data Size: 362KB - Virtual size: 667KB

.rsrc Size: 26KB - Virtual size: 26KB

.text
Size: 58KB - Virtual size: 57KB

.data
Size: 362KB - Virtual size: 667KB

.rsrc
Size: 26KB - Virtual size: 26KB