33d3f8457a2c2cca68c7191da3b1c460

Sharing

Copy URL

Twitter E-mail

General

Target

33d3f8457a2c2cca68c7191da3b1c460
Size

136KB
MD5

33d3f8457a2c2cca68c7191da3b1c460
SHA1

25ac686f53d84f291d024919f8b2abb06f8bfedb
SHA256

78e6903a5e53cae7adb8776b3e1587641d13baf7063af9d24d8d9c28f2eb7f2d
SHA512

eaba5df96e8d700f93ea6540f4f0e82593cc5271db02348148807952370f4f44c3218981da34f4e2ad367317eefd490468a529756c5fe3ce8c4ebc301b5e4fce
SSDEEP

1536:3+7CR5TZL3zPbtfx9rujs4jvlFKHAh2pj2hVhEvW3KCyp0BBz5VObsRa0ZPWISTK:1XT53tbclS2hs0z5V4YZPWI0nteWx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
33d3f8457a2c2cca68c7191da3b1c460

Files

33d3f8457a2c2cca68c7191da3b1c460
.dll windows:4 windows x86 arch:x86

166dadcccc50067a4ac82b34add4f06b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

xpcom

NS_GetServiceManager
NS_StringGetMutableData
NS_GetComponentManager
NS_StringContainerInit2
NS_CStringGetData
NS_CStringContainerFinish
NS_CStringContainerInit
NS_CStringSetData
NS_StringSetDataRange
NS_CStringSetDataRange
NS_StringContainerInit
NS_StringSetData
NS_StringGetData
NS_StringCopy
NS_StringContainerFinish

kernel32

FlushFileBuffers
GetConsoleMode
GetConsoleCP
LoadLibraryA
lstrcmpA
lstrlenA
VirtualQuery
FindResourceExW
FindResourceW
LoadResource
GlobalAlloc
WideCharToMultiByte
SizeofResource
lstrcmpW
lstrlenW
GlobalFree
LockResource
GetModuleFileNameA
GetFileSize
SetFilePointer
MapViewOfFile
lstrcpynA
SetEndOfFile
GlobalLock
SetFileTime
WriteFile
LoadLibraryW
GetVersionExW
GetFileAttributesW
ReadFile
WriteConsoleA
CreateFileW
MultiByteToWideChar
GlobalUnlock
OpenMutexW
GetLastError
GetProcAddress
FindClose
GetLocalTime
InterlockedExchangeAdd
CreateFileMappingW
lstrcmpiW
lstrcatW
FindNextFileW
GetFileTime
GetCurrentThreadId
CloseHandle
GetCurrentProcessId
lstrcpyW
lstrcpyA
HeapCreate
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
SetHandleCount
GetDateFormatA
GetTimeFormatA
ExitProcess
Sleep
GetConsoleOutputCP
CreateFileA
WriteConsoleW
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetModuleFileNameW
GetTimeZoneInformation
GetStdHandle
LCMapStringW
GetStringTypeW
GetStringTypeA
VirtualAlloc
SetStdHandle
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
RaiseException
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCommandLineA
RtlUnwind
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetOEMCP
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
LCMapStringA
VirtualFree

user32

CloseClipboard
SetTimer
GetTopWindow
KillTimer
GetParent
wsprintfA
wsprintfW
GetKeyboardLayout
GetClassNameW
OpenClipboard
GetWindow
UnregisterClassA

advapi32

RegQueryValueExW
RegSetValueExW
RegCloseKey
RegOpenKeyExW
RegCreateKeyExW

shell32

SHGetSpecialFolderPathW

Exports

Exports

NSModule

Sections

.text
Size: 88KB - Virtual size: 86KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

166dadcccc50067a4ac82b34add4f06b

Headers

File Characteristics

Imports

xpcom

kernel32

user32

advapi32

shell32

Exports

Exports

Sections

.text Size: 88KB - Virtual size: 86KB

.rdata Size: 24KB - Virtual size: 21KB

.data Size: 8KB - Virtual size: 20KB

.reloc Size: 12KB - Virtual size: 9KB

.text
Size: 88KB - Virtual size: 86KB

.rdata
Size: 24KB - Virtual size: 21KB

.data
Size: 8KB - Virtual size: 20KB

.reloc
Size: 12KB - Virtual size: 9KB