484f2de9c2502b178a0dfa075970f1ac

Sharing

Copy URL Twitter E-mail

General

Target

484f2de9c2502b178a0dfa075970f1ac
Size

123KB
MD5

484f2de9c2502b178a0dfa075970f1ac
SHA1

633bbf42ff1f8b401270af16645ff9a35f85756c
SHA256

e5194e37489d65900e798fb9043fe860213a8f4cff01bd29aa5c85e11e096902
SHA512

09fba44c4894622528737c3b1ed2fc21e2cf9c66e69ef8053d4c548c612f735647f2a4fa9f0f90e74ba1f5f0c3dbcd7ff920e17975215051aff0a5d8e237ea0c
SSDEEP

3072:9/OcQolT5rkOUPJIaXptoxW4Fclqt1lsKMMiU1m9:ECZUsWEIqt1lsKNP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
484f2de9c2502b178a0dfa075970f1ac

Files

484f2de9c2502b178a0dfa075970f1ac
.dll windows:4 windows x86 arch:x86

7d4d7b1719fa854e3ca4ef17eb59a741

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

oleaut32

VariantCopyInd
VariantClear
SysFreeString
SysAllocStringLen
LoadTypeLib

advapi32

ControlService
DeleteService
InitializeSecurityDescriptor
OpenServiceA
QueryServiceStatus
SetSecurityDescriptorDacl
CloseServiceHandle
AdjustTokenPrivileges
StartServiceA

ole32

ReleaseStgMedium
StgCreateDocfileOnILockBytes
StringFromGUID2
OleUninitialize
OleLockRunning
CreateILockBytesOnHGlobal
CreateDataAdviseHolder
CreateBindCtx
CoUninitialize
CLSIDFromProgID
CoRevokeClassObject
CoInitialize
CoGetMalloc
CoDisconnectObject
CoCreateGuid
OleFlushClipboard

user32

CreateMDIWindowA
CreateCursor
CloseWindow
CharPrevA
BeginPaint
EnableMenuItem

shell32

SHBindToParent
SHGetFileInfoA
SHGetMalloc
SHFileOperationA

shlwapi

StrChrA
StrStrIA
PathIsRelativeA
SHAutoComplete
PathFindFileNameA
PathFindExtensionA
PathFileExistsA
PathCompactPathExA
PathCanonicalizeA
PathUnquoteSpacesA
PathQuoteSpacesA
PathMatchSpecA
PathIsDirectoryA
PathIsRootA

msvcrt

sscanf
vsprintf
sprintf
realloc
rand
malloc
_errno
__dllonexit
__set_app_type
strchr

kernel32

lstrcmpiA
Sleep
GetStartupInfoA
GetModuleHandleA
GetLocalTime
GetLastError
lstrlenA

Exports

Exports

Vii
Xsz

Sections

.text
Size: 29KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 31KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 34KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7d4d7b1719fa854e3ca4ef17eb59a741

Headers

File Characteristics

Imports

oleaut32

advapi32

ole32

user32

shell32

shlwapi

msvcrt

kernel32

Exports

Exports

Sections

.text Size: 29KB - Virtual size: 32KB

.rdata Size: 31KB - Virtual size: 32KB

.data Size: 34KB - Virtual size: 36KB

.idata Size: 2KB - Virtual size: 4KB

.rsrc Size: 24KB - Virtual size: 28KB

.text
Size: 29KB - Virtual size: 32KB

.rdata
Size: 31KB - Virtual size: 32KB

.data
Size: 34KB - Virtual size: 36KB

.idata
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 24KB - Virtual size: 28KB