4b7ddcdf8fb71e81fdec7c317d561ee9

Sharing

Copy URL Twitter E-mail

General

Target

4b7ddcdf8fb71e81fdec7c317d561ee9
Size

80KB
MD5

4b7ddcdf8fb71e81fdec7c317d561ee9
SHA1

ddcc441129d5b176a4241d3cdcb491ba0e4763d9
SHA256

d488a51740402bfc977cf8199794ce04138593ef13d7851f58740ff053e765bf
SHA512

7ca6b92b286ff89959633c5b9ae161526b189932a2b19a6cbcc28cc719e492b4795f8de673630d5add90db583237fa92e52bede348d7951655f87449d4ae5b24
SSDEEP

1536:Aug0VjZaT5Q2fDJXuw1Msn/VxrXztTHXBu4Az2Iv+:ACET5JfB7esnjXztTHHeV+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4b7ddcdf8fb71e81fdec7c317d561ee9

Files

4b7ddcdf8fb71e81fdec7c317d561ee9
.dll windows:4 windows x86 arch:x86

36b532d501f27a66d39422e945ae2341

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

BeginUpdateResourceA
CloseHandle
CreatePipe
DeleteTimerQueueTimer
EnumUILanguagesA
ExitProcess
FindFirstFileW
FormatMessageW
GetCommState
GetCommandLineA
GetCurrencyFormatA
GetDateFormatA
GetDriveTypeW
GetEnvironmentStringsA
GetExitCodeProcess
GetLogicalDrives
GetModuleHandleA
GetShortPathNameW
GetStartupInfoA
GetVersionExA
HeapAlloc
HeapCreate
HeapUnlock
HeapWalk
LocalFileTimeToFileTime
SetSystemTimeAdjustment
SetThreadLocale
WaitForMultipleObjectsEx
lstrcmpiA

user32

ReleaseCapture
RegisterClassExA
RegisterClassA
PeekMessageA
LoadAcceleratorsA
KillTimer
ScrollWindowEx
InvalidateRgn
IntersectRect
GetSystemMetrics
GetDlgCtrlID
GetDC
GetClassLongA
GetCapture
SetTimer
SystemParametersInfoA
IsDialogMessageA
ExitWindowsEx
EnumChildWindows
EnableMenuItem
DrawMenuBar
DrawEdge
DestroyWindow
DestroyIcon
CheckRadioButton
BeginDeferWindowPos
MessageBoxA

advapi32

CryptEncrypt
CopySid
ConvertSecurityDescriptorToAccessW
CryptGetDefaultProviderW
CloseTrace
AccessCheckByTypeResultListAndAuditAlarmW
AccessCheckByTypeAndAuditAlarmW
AccessCheckAndAuditAlarmW
CryptSignHashW
SetSecurityDescriptorRMControl
SetSecurityDescriptorGroup
SetEntriesInAclA
ReportEventA
RegisterTraceGuidsW
RegReplaceKeyA
RegOpenCurrentUser
RegEnumValueA
OpenSCManagerA
DuplicateEncryptionInfoFile
LsaDeleteTrustedDomain
LookupPrivilegeDisplayNameW
GetTrusteeFormW
GetNamedSecurityInfoExA
FileEncryptionStatusA
ElfCloseEventLog

olepro32

OleCreatePropertyFrame
OleCreateFontIndirect
OleTranslateColor

oleacc

ObjectFromLresult
AccessibleChildren
CreateStdAccessibleProxyA
CreateStdAccessibleProxyW
GetOleaccVersionInfo

oledlg

OleUICanConvertOrActivateAs
OleUIEditLinksA
OleUIBusyW

Sections

.text
Size: 49KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 27KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

36b532d501f27a66d39422e945ae2341

Headers

File Characteristics

Imports

kernel32

user32

advapi32

olepro32

oleacc

oledlg

Sections

.text Size: 49KB - Virtual size: 52KB

.data Size: 27KB - Virtual size: 28KB

.rsrc Size: 512B - Virtual size: 4KB

.reloc Size: 1KB - Virtual size: 4KB

.text
Size: 49KB - Virtual size: 52KB

.data
Size: 27KB - Virtual size: 28KB

.rsrc
Size: 512B - Virtual size: 4KB

.reloc
Size: 1KB - Virtual size: 4KB