39c17c2ccda5bcf1c339f2636cd6eab4

Sharing

Copy URL Twitter E-mail

General

Target

39c17c2ccda5bcf1c339f2636cd6eab4
Size

72KB
MD5

39c17c2ccda5bcf1c339f2636cd6eab4
SHA1

45d1ba595fe7576ee313f89dd7785efe5056348a
SHA256

61a51801fdc1bf9818e66a1444faf3d49e12056c9cefa3f3c8a37190bf64f758
SHA512

682c1c5023477c826179381393ea74ce9ebc379ae9cda3059eb953a780dd59f2c8fb9842294e956ed865c6924d190513007b2d97d9f926966e60fc277f6ada5a
SSDEEP

1536:IlcSWXL626Apa+zf9yTI8WDhg8rTxTF074Gou6:e86pn+zf978Wdg83RG7B

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
39c17c2ccda5bcf1c339f2636cd6eab4

Files

39c17c2ccda5bcf1c339f2636cd6eab4
.dll windows:4 windows x86 arch:x86

8175efcba712e4395bdd3ca044cf6f9d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

VerifyVersionInfoA
OpenJobObjectA
ProcessIdToSessionId
MultiByteToWideChar
GetCPInfo
BuildCommDCBAndTimeoutsW
FileTimeToDosDateTime
GetModuleFileNameA
OpenProcess
lstrlenA
FindNextChangeNotification
SystemTimeToFileTime
GetPrivateProfileSectionNamesW
SetPriorityClass
lstrcpyA
GetThreadPriority
VirtualProtect
GetFullPathNameA
TermsrvAppInstallMode
QueryDosDeviceA
SetConsolePalette
SetLocalPrimaryComputerNameA
GetSystemWindowsDirectoryA
GetLogicalDriveStringsA
ReadConsoleOutputA
FillConsoleOutputCharacterA
FindNextVolumeA
GetFileInformationByHandle
ReplaceFile
ReplaceFileA
BuildCommDCBA
WriteConsoleOutputCharacterA
SizeofResource
WaitForSingleObjectEx
MapUserPhysicalPages
GetVolumePathNameA
EnumResourceLanguagesA
SetConsoleFont
GetVolumePathNamesForVolumeNameA
GetExpandedNameA
OpenFileMappingA
lstrcpynA
GetPrivateProfileStructA
GetConsoleCursorInfo
GetTimeFormatA
GetCPInfoExA
lstrcpyA
GetFileAttributesExA
SetDllDirectoryA
VirtualAllocEx
GetEnvironmentStringsA
OpenThread
CancelWaitableTimer
VirtualProtectEx
GetEnvironmentVariableA
SetUserGeoID
ResetWriteWatch
GetComputerNameA
GetConsoleCursorInfo
lstrcmpA
GetConsoleInputExeNameA
GetVersionExA
GetDiskFreeSpaceExA
GetWriteWatch
Module32First
OpenSemaphoreA
SetComputerNameExW
ShowConsoleCursor
LocalLock
ReadConsoleOutputCharacterA
UnlockFileEx
EnumResourceTypesA
IsDebuggerPresent
ExitThread
GetMailslotInfo
lstrcatA
IsBadCodePtr
GetLongPathNameA
SetFileAttributesA
WriteConsoleOutputA
lstrcmpiA
GetComputerNameExA
DeleteTimerQueueEx
CreateFileMappingA
HeapCreate
GetProcessWorkingSetSize
SetVolumeLabelA
CreateTimerQueueTimer
GetDriveTypeA
SetVolumeMountPointA
SetHandleCount
VirtualAllocEx
GetUserDefaultUILanguage
GetFileSizeEx

winmm

timeGetSystemTime

user32

MonitorFromPoint
TabbedTextOutA
SetCaretBlinkTime
SetLastErrorEx
OpenIcon
EnumDisplaySettingsExW
GetWindowTextA
DeferWindowPos
GetUserObjectSecurity
EnumDisplaySettingsExA
TranslateAcceleratorA
SystemParametersInfoA
GetCursorFrameInfo
CharNextA
IsDialogMessageA
AllowForegroundActivation
CreateWindowExA
InflateRect
GetWindowRgnBox
AppendMenuA
RegisterClassExA
BuildReasonArray
PostMessageA
DefDlgProcA
EqualRect
SendIMEMessageExA
GetClipboardSequenceNumber
DlgDirSelectExA
SetWindowStationUser
IsWinEventHookInstalled
DefFrameProcA
SendIMEMessageExA
DefDlgProcA
GetMonitorInfoA
BeginDeferWindowPos
GetCursorPos
GetClipboardSequenceNumber
DrawEdge
GetClipboardSequenceNumber
GetMenuStringA
ShowScrollBar
EndDialog
OemToCharBuffW
EnableScrollBar
RegisterClipboardFormatA
DispatchMessageA
GetDoubleClickTime
InvalidateRect
LoadStringA
EnumWindowStationsA
ChangeMenuA
DestroyWindow
CharToOemBuffW
SetSystemMenu
CreateWindowStationW
RegisterClassExA
GetWindow
MonitorFromPoint
GetAltTabInfo
SetMessageExtraInfo
RecordShutdownReason
GetKeyboardLayout
SystemParametersInfoA
CharPrevExA
LoadBitmapA
SetProcessWindowStation
RegisterShellHookWindow
RegisterHotKey
DrawTextExA
GetForegroundWindow
AlignRects
CharToOemBuffW
UpdateWindow
TrackMouseEvent
HiliteMenuItem
BroadcastSystemMessageExW
SwapMouseButton
RegisterClipboardFormatA
GetMenuContextHelpId
GrayStringA
SetCaretPos
LoadMenuIndirectW
RemovePropA
OpenWindowStationA
GetMenuState
SetWindowsHookExA
LoadCursorFromFileA

Exports

Exports

Keqinua
Whmbspvqpsc
SetYllahing

Sections

.idata
Size: - Virtual size: 528B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.itext
Size: 56KB - Virtual size: 180KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8175efcba712e4395bdd3ca044cf6f9d

Headers

File Characteristics

Imports

kernel32

winmm

user32

Exports

Exports

Sections

.idata Size: - Virtual size: 528B

.itext Size: 56KB - Virtual size: 180KB

.idata Size: 8KB - Virtual size: 5KB

.rsrc Size: 4KB - Virtual size: 2KB

.idata
Size: - Virtual size: 528B

.itext
Size: 56KB - Virtual size: 180KB

.idata
Size: 8KB - Virtual size: 5KB

.rsrc
Size: 4KB - Virtual size: 2KB