63c1bfbc2787081caa3d54de62f7e55b

Sharing

Copy URL Twitter E-mail

General

Target

63c1bfbc2787081caa3d54de62f7e55b
Size

80KB
MD5

63c1bfbc2787081caa3d54de62f7e55b
SHA1

344a77a4a8bbe7712a1273c9566d140bf4980b23
SHA256

a21db1ab3af0e77bff6a866e65343244d324bf9e2a8c4277a3b285bd343482eb
SHA512

7ce0c682a098edcc6838b6208c66e0b08844417f407380fca175835702b5887d7d33fb0be9d082b8b5ca00fd9433231ae14c91be6e56e9215b0ae36578b4c5ba
SSDEEP

1536:wbAJIE4XNuFhpKM27YyYa9ryMVdP1I8s5qQq:KrXUFeM27YIyMxI8+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
63c1bfbc2787081caa3d54de62f7e55b

Files

63c1bfbc2787081caa3d54de62f7e55b
.dll windows:4 windows x86 arch:x86

cd24c2a5e9cfd57fb36be2b80ec31425

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetEnvironmentVariableW
RemoveDirectoryA
DeviceIoControl
FindVolumeMountPointClose
ExpandEnvironmentStringsW
GetCommConfig
VirtualFree
ResumeThread
FindActCtxSectionStringW
LCMapStringW
SetNamedPipeHandleState
GlobalGetAtomNameW
GetConsoleMode
GlobalDeleteAtom
ClearCommBreak
FindFirstChangeNotificationW
RaiseException
FindResourceExW
VerifyVersionInfoA
GetProfileSectionA
WinExec
OpenSemaphoreA
LockFileEx
WriteProfileStringW
GlobalMemoryStatusEx
SetVolumeMountPointW
QueryPerformanceFrequency
GetSystemDirectoryW
SetErrorMode
GetDiskFreeSpaceW
MoveFileExA
HeapWalk
GetTempPathW
lstrcpynA
IsBadReadPtr
SetVolumeLabelA
lstrcatW
GetSystemWindowsDirectoryA
GetStartupInfoW
LoadLibraryA
LocalAlloc
GetStringTypeW
EscapeCommFunction
WriteConsoleInputA
GetProfileStringA
GlobalFindAtomW
SetConsoleMode
FindResourceExA
GetVolumeNameForVolumeMountPointW
ReadConsoleInputW
GetCurrentActCtx
GetConsoleScreenBufferInfo
SetFilePointer
GetCommProperties
LocalFree
GetProcAddress
CreateMutexA
GetModuleFileNameA
GetTickCount
IsValidCodePage

user32

GetTabbedTextExtentA
CloseDesktop
RegisterHotKey
ScreenToClient
OffsetRect
SetCaretPos
SetDlgItemInt
ModifyMenuW
DispatchMessageW
InsertMenuItemW
GetMenuItemInfoW
AllowSetForegroundWindow
CreateDialogParamA
GetDCEx
InsertMenuW
WaitMessage
IsRectEmpty
DestroyCursor
GetMenuState
WaitForInputIdle
WinHelpW
GetWindowContextHelpId
WindowFromPoint
SetWindowsHookExW
GetWindowTextLengthA
BringWindowToTop
SendMessageTimeoutW
CreateCaret
GetLastActivePopup
CallMsgFilterW
GetQueueStatus
GetWindowRgn
IsCharAlphaNumericW
EnumChildWindows
GetUpdateRect
CreateIconIndirect
SendMessageA
GetParent
DestroyWindow
CallNextHookEx
SendDlgItemMessageW

oleaut32

SysReAllocStringLen

shell32

CommandLineToArgvW
ShellExecuteExA

gdi32

PlayEnhMetaFile
CreatePalette
SetDIBColorTable
GetPath
RemoveFontResourceW
SetLayout
GetBkMode
GetStretchBltMode
OffsetRgn
EnumMetaFile
GetMapMode
GetCharWidthW
GetCurrentPositionEx
GetObjectW
GetDIBits
ExtCreateRegion
GetCharWidth32W
CreateHatchBrush
GetTextCharsetInfo
DPtoLP
OffsetViewportOrgEx
CreateCompatibleBitmap
InvertRgn
SetROP2
SelectObject
SetMagicColors

Exports

Exports

ClipWeb3xx

Sections

.text
Size: 60KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cd24c2a5e9cfd57fb36be2b80ec31425

Headers

File Characteristics

Imports

kernel32

user32

oleaut32

shell32

gdi32

Exports

Exports

Sections

.text Size: 60KB - Virtual size: 57KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 8KB - Virtual size: 7KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 60KB - Virtual size: 57KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 8KB - Virtual size: 7KB

.reloc
Size: 4KB - Virtual size: 2KB