5d9fcc82d2aedb52415830f5512bc181

Sharing

Copy URL Twitter E-mail

General

Target

5d9fcc82d2aedb52415830f5512bc181
Size

239KB
MD5

5d9fcc82d2aedb52415830f5512bc181
SHA1

101107014c76e58c099b8e0a008067a4928e529a
SHA256

d3ac707770bc9d5e92e90207a331ce3a1e524c94ed52774141805cb58ecf9fa0
SHA512

9ec779eb083c72f47c161adf6ea25846a5d7a1b8313dc45f08c8e825f583d2d4830e47ca104d99c8b86e155bb3d873b70a5697750bcf42a9d8785298d1c32364
SSDEEP

6144:QSOW/ikwKy5mrOdwni8w1OxMTB4aDi2w6r:SkbyJdui8yFTCaDi2h

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5d9fcc82d2aedb52415830f5512bc181

Files

5d9fcc82d2aedb52415830f5512bc181
.dll windows:4 windows x86 arch:x86

cad12f56828b64667aabc23866930507

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

wininet

InternetSetCookieA
InternetGetCookieA

kernel32

WaitForSingleObject
ReleaseMutex
CreateEventA
FlushInstructionCache
GetProcAddress
GetModuleHandleA
CreateFileA
GetComputerNameA
IsBadReadPtr
IsBadStringPtrA
InterlockedIncrement
InterlockedDecrement
DisableThreadLibraryCalls
CreateThread
ReadFile
OpenEventA
GetTempFileNameA
DeleteFileA
GetCurrentThreadId
Sleep
CreateProcessA
UnmapViewOfFile
GetFileSize
CreateFileMappingA
MapViewOfFile
SetEvent
FindResourceA
SizeofResource
LockResource
LoadResource
FindResourceExA
LoadLibraryA
ResetEvent
LeaveCriticalSection
EnterCriticalSection
WriteFile
OpenProcess
ReadProcessMemory
FreeLibrary
IsBadWritePtr
GetModuleFileNameA
lstrcmpA
MulDiv
GlobalUnlock
GlobalLock
GlobalAlloc
SetFilePointer
GetLocalTime
GetCurrentProcessId
SystemTimeToFileTime
SetNamedPipeHandleState
GetTempPathA
CreateMutexA
GetSystemDirectoryA
SetErrorMode
VirtualQuery
GetTickCount
GetSystemTimeAsFileTime
FreeLibraryAndExitThread
TlsSetValue
TlsFree
SetLastError
TlsAlloc
ExitThread
GetSystemInfo
VirtualProtect
HeapSize
HeapReAlloc
HeapDestroy
GetCommandLineA
ExitProcess
TerminateProcess
HeapCreate
GetOEMCP
GetCPInfo
UnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
RtlUnwind
SetStdHandle
FlushFileBuffers
TlsGetValue
VirtualFree
VirtualAlloc
HeapFree
GetProcessHeap
HeapAlloc
GetCurrentProcess
CloseHandle
RaiseException
DeleteCriticalSection
InitializeCriticalSection
GetTimeZoneInformation
GetVersionExA
GetLastError
GetThreadLocale
lstrlenA
CompareStringA
lstrlenW
InterlockedExchange
MultiByteToWideChar
GetLocaleInfoA
GetACP
WideCharToMultiByte
SetUnhandledExceptionFilter
GetVolumeInformationA
IsBadCodePtr

user32

PostMessageA
wsprintfA
LoadImageA
SetWindowPos
SendMessageA
DefWindowProcA
RegisterClassExA
LoadCursorA
GetClassInfoExA
GetDesktopWindow
InvalidateRgn
InvalidateRect
ReleaseCapture
SetCapture
DestroyWindow
RedrawWindow
GetDlgItem
GetWindow
SetFocus
GetFocus
IsChild
ReleaseDC
GetDC
EndPaint
FillRect
GetClientRect
BeginPaint
GetSysColor
DestroyAcceleratorTable
GetWindowTextA
GetWindowTextLengthA
SetWindowLongA
GetWindowLongA
CreateWindowExA
CallWindowProcA
IsWindowVisible
DestroyIcon
SetWindowTextA
SystemParametersInfoA
GetSystemMetrics
CharNextA
RegisterWindowMessageA
EnumChildWindows
GetClassNameA
GetParent
IsWindow
TranslateMessage
MsgWaitForMultipleObjectsEx
KillTimer
SetTimer
IsWindowUnicode
GetMessageW
GetMessageA
DispatchMessageW
PostThreadMessageA
DispatchMessageA
PeekMessageA
MsgWaitForMultipleObjects
UnregisterClassA
CreateAcceleratorTableA

gdi32

GetStockObject
GetDeviceCaps
DeleteObject
DeleteDC
SelectObject
BitBlt
CreateSolidBrush
CreateCompatibleDC
CreateCompatibleBitmap
GetObjectA

advapi32

GetLengthSid
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
RegCreateKeyExA
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
MakeAbsoluteSD
GetSecurityDescriptorSacl
GetSecurityDescriptorDacl
IsValidSid
GetSidSubAuthority
GetSidLengthRequired
InitializeSid
CopySid
InitializeAcl
AddAce
GetAclInformation
GetSecurityDescriptorControl
GetSecurityDescriptorOwner
GetSecurityDescriptorGroup

shell32

SHGetSpecialFolderPathA

ole32

OleInitialize
CLSIDFromString
CoGetClassObject
OleLockRunning
OleUninitialize
CoTaskMemFree
StringFromCLSID
CLSIDFromProgID
CoCreateInstance
CoUnmarshalInterface
CreateStreamOnHGlobal
CoUninitialize
CoInitialize
CoMarshalInterThreadInterfaceInStream
CoGetInterfaceAndReleaseStream

oleaut32

SafeArrayGetUBound
VariantClear
DispCallFunc
SysAllocStringLen
SysFreeString
SysAllocString
VariantCopyInd
SysStringByteLen
SysAllocStringByteLen
SafeArrayGetLBound
SafeArrayCreate
SafeArrayDestroy
VarBstrCat
SafeArrayUnlock
SafeArrayLock
LoadTypeLi
LoadRegTypeLi
SysStringLen
OleCreateFontIndirect
VariantInit

shlwapi

StrCatBuffA
StrToIntExA
StrToIntA
wvnsprintfA
PathStripPathA
PathRemoveExtensionA
PathAddBackslashA
StrStrIA
PathRemoveFileSpecA
SHGetValueA

ws2_32

closesocket
recv
send
getsockopt
__WSAFDIsSet
select
WSAStartup
gethostbyname
ioctlsocket
socket
inet_addr
connect
htons
WSACleanup
WSAGetLastError

Exports

Exports

GetLibraryInterface
GetLibraryVersion

Sections

.text
Size: 167KB - Virtual size: 167KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cad12f56828b64667aabc23866930507

Headers

File Characteristics

Imports

wininet

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

ws2_32

Exports

Exports

Sections

.text Size: 167KB - Virtual size: 167KB

.rdata Size: 45KB - Virtual size: 45KB

.data Size: 5KB - Virtual size: 12KB

.rsrc Size: 5KB - Virtual size: 4KB

.reloc Size: 15KB - Virtual size: 14KB

.text
Size: 167KB - Virtual size: 167KB

.rdata
Size: 45KB - Virtual size: 45KB

.data
Size: 5KB - Virtual size: 12KB

.rsrc
Size: 5KB - Virtual size: 4KB

.reloc
Size: 15KB - Virtual size: 14KB