49df56f0144a2dc9f3debbfc90153da8

Sharing

Copy URL Twitter E-mail

General

Target

49df56f0144a2dc9f3debbfc90153da8
Size

136KB
MD5

49df56f0144a2dc9f3debbfc90153da8
SHA1

d501b9df4aef1adce8f036e1f59033ad96321867
SHA256

c34433c579943f18012d870a0c01b1af63b5fc945e002a971685bd753660de66
SHA512

95647ea56945157b4177deac112363dcff89672d7b2d068ef151852ee67ebf74700bf765b12ca3faca1417eee25a3765dc7dccc61ca8308fc72e5359bac80ab2
SSDEEP

1536:7oMRn26sAUzMK+U/7G5x4kHabAKAY3iQr/8XR89qViBDQhJoWQX3wkJ:0MN26sAARv7Qx4nEZY3jrsWwGQHoL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
49df56f0144a2dc9f3debbfc90153da8

Files

49df56f0144a2dc9f3debbfc90153da8
.dll windows:4 windows x86 arch:x86

e3d1ae8c13f020dc3c3bc5a4b1a9364b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

RegDeleteKeyW
RegLoadKeyW
RegCreateKeyExA
RegEnumValueW
RegOpenKeyExW
RegOpenKeyA
RegReplaceKeyW
RegQueryValueW
RegQueryValueA
RegEnumKeyExA
RegEnumKeyExW
RegGetKeySecurity
RegEnumKeyW
RegEnumKeyA
RegFlushKey
RegCreateKeyExW
RegEnumValueA
RegEnumKeyW
RegOpenKeyExW
RegQueryInfoKeyA
RegDeleteValueA
RegEnumValueW
RegLoadKeyW
RegEnumKeyExW
RegQueryValueExW
RegDeleteKeyW
RegDeleteKeyA
RegCreateKeyExW
RegEnumKeyA
RegOpenKeyA
RegQueryValueExA
RegReplaceKeyW
RegOpenKeyExA
RegFlushKey
RegCreateKeyW
RegQueryValueA

comctl32

ImageList_GetIconSize
ImageList_GetImageCount
ImageList_Remove
ImageList_LoadImageA
ImageList_LoadImage
ImageList_GetDragImage
ImageList_GetImageInfo
ImageList_BeginDrag
ImageList_LoadImageW
ImageList_DragShowNolock
ImageList_Destroy
ImageList_DrawIndirect
ImageList_AddMasked
ImageList_Read
ImageList_LoadImageW
ImageList_Destroy
ImageList_Remove
ImageList_EndDrag
ImageList_AddIcon
ImageList_DrawIndirect
ImageList_DrawEx
ImageList_DragLeave
ImageList_Merge
ImageList_GetImageCount
ImageList_Create
ImageList_Copy
ImageList_DragShowNolock

user32

DrawTextW
AppendMenuA
DialogBoxParamA
GetFocus
DrawIcon
IsMenu
GetDlgItem
BlockInput
AppendMenuW
LoadCursorA
DrawIconEx
GetMenu

gdi32

GetPixel
CancelDC
GetPixel
RestoreDC
CreateSolidBrush
GetBitmapBits
GetCurrentPositionEx
GetDCOrgEx
CloseFigure
AddFontResourceA
AddFontMemResourceEx
AbortPath
DeleteDC
AddFontResourceExW
ClearBitmapAttributes
GetPixel
CloseFigure
AddFontResourceTracking
ExtTextOutA
AbortPath
CopyMetaFileA
SetTextColor
GetPixel
GetClipBox
BitBlt
CloseFigure
GetClipBox
GetBitmapBits
ClearBitmapAttributes
AddFontMemResourceEx
GetPixel
BitBlt
GetPixel
SetTextColor
AddFontResourceExA
ExtTextOutA
AbortPath
CloseMetaFile
GetCurrentPositionEx
ExcludeClipRect
BeginPath
GetDCOrgEx
ClearBitmapAttributes
DeleteObject
GetPixel
CloseFigure
CopyMetaFileA
CancelDC
ExtTextOutA
GetBitmapBits
ClearBrushAttributes
AddFontMemResourceEx
GetBrushOrgEx
DeleteDC
DeleteObject
GetBitmapBits
AddFontResourceExW
CreateSolidBrush
GetPixel
AddFontResourceA
GetClipBox
AddFontResourceTracking
AbortPath
CancelDC

kernel32

SetLastError
CreateProcessA
GetCommandLineA
OpenFileMappingA
ReadFile
CreateThread
CreateDirectoryA
DeleteAtom
GetLastError
GetFileSize
DeleteFileA

Sections

.text
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 103KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bbs
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: - Virtual size: 313B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e3d1ae8c13f020dc3c3bc5a4b1a9364b

Headers

File Characteristics

Imports

advapi32

comctl32

user32

gdi32

kernel32

Sections

.text Size: 26KB - Virtual size: 25KB

.data Size: 103KB - Virtual size: 102KB

.bbs Size: - Virtual size: 2KB

.idata Size: 4KB - Virtual size: 4KB

.tls Size: - Virtual size: 313B

.rdata Size: 512B - Virtual size: 1KB

.rsrc Size: 1024B - Virtual size: 48KB

.text
Size: 26KB - Virtual size: 25KB

.data
Size: 103KB - Virtual size: 102KB

.bbs
Size: - Virtual size: 2KB

.idata
Size: 4KB - Virtual size: 4KB

.tls
Size: - Virtual size: 313B

.rdata
Size: 512B - Virtual size: 1KB

.rsrc
Size: 1024B - Virtual size: 48KB