70b84600a285ea258563c391d2d23ab7

Sharing

Copy URL Twitter E-mail

General

Target

70b84600a285ea258563c391d2d23ab7
Size

76KB
MD5

70b84600a285ea258563c391d2d23ab7
SHA1

c38d4f968544a28ba7ad2a67c4f03d1d5d641bdf
SHA256

8f71ffceb5b92e871fbdee10c15a47d69e8720533f45ff1ca6f8b1fb609da8bb
SHA512

69758d608c8dc1d6276673c6d9609cfaf3209c76276620c90d83e9e2304bf42a7f429f971c762c493b2eb694823d463c917071412b54eebfcfec2fa1c6830e42
SSDEEP

1536:WAdWeqlXCHCL+TrTmkGOKITVDQHsHQeAR4AiymwZ:NWrgY+vykGO3DzweARXiO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
70b84600a285ea258563c391d2d23ab7

Files

70b84600a285ea258563c391d2d23ab7
.dll windows:4 windows x86 arch:x86

41ff600d00807dc6dfb0d5935d7015b7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetConsoleCursorPosition
GetVersionExW
GetVolumeInformationA
GlobalDeleteAtom
GetFileTime
CreateDirectoryW
GetCommandLineA
ExitThread
CreateMailslotW
SetCurrentDirectoryW
lstrcmpW
LocalFileTimeToFileTime
GetConsoleCP
lstrcpyA
HeapDestroy
VirtualUnlock
ReadConsoleInputW
ExitProcess
SetEnvironmentVariableA
CreateMutexW
DisconnectNamedPipe
GetDriveTypeA
GetThreadLocale
QueueUserAPC
SetFilePointer
HeapCompact
DeleteTimerQueueEx
SetConsoleTitleA
GetProfileIntW
SetErrorMode
WriteProfileStringW
WriteProfileStringA
VirtualQueryEx
CreateProcessW
CompareStringA
SizeofResource
ReadConsoleA
GetVersionExA
CreatePipe
GetLocaleInfoA
GetComputerNameExW
DuplicateHandle
GetVolumeInformationW
EnumResourceLanguagesW
GetConsoleScreenBufferInfo
SleepEx
RemoveDirectoryW
GlobalGetAtomNameW
UnmapViewOfFile
FormatMessageA
lstrcmpA
GetSystemTime
UnlockFileEx
RtlMoveMemory
GetNumberFormatW
OpenSemaphoreW
GetHandleInformation
SetEvent
GetLargestConsoleWindowSize
ReadConsoleInputA
FindNextChangeNotification
PeekConsoleInputW
PulseEvent
GetThreadContext
GetProfileSectionA
GetSystemTimeAdjustment
EnumSystemLocalesA
FreeResource
GetDiskFreeSpaceA
FindNextFileA
GetDiskFreeSpaceW
GetSystemWindowsDirectoryA
GetTempFileNameA
GlobalGetAtomNameA
WriteConsoleInputA
ChangeTimerQueueTimer
BindIoCompletionCallback
ReadFileEx
LocalHandle
InterlockedDecrement
DeviceIoControl
CreateConsoleScreenBuffer
LocalLock
GetStringTypeExA
GetTimeFormatW
QueueUserWorkItem
FindCloseChangeNotification
SetVolumeLabelA
HeapUnlock
SetLocalTime
GetTempPathA
PostQueuedCompletionStatus
GetSystemDefaultLangID
SetConsoleMode
GlobalAlloc
HeapSize
ResumeThread
LCMapStringW
GetLogicalDrives
CreateTimerQueueTimer
RegisterWaitForSingleObjectEx
GlobalHandle
CreateToolhelp32Snapshot
GetLongPathNameW
SystemTimeToFileTime
GetCPInfo
GetUserDefaultLCID
OpenEventA
GetDriveTypeW
VerLanguageNameW
UnlockFile
WaitForSingleObjectEx
FindNextVolumeMountPointW
SetFilePointerEx
FindFirstFileA
GetQueuedCompletionStatus
GlobalAddAtomW
GetModuleHandleExW
lstrlenA
GetProcessHeap
CreateDirectoryA
MoveFileExA
WaitForSingleObject
CreateProcessA
EnterCriticalSection
GetModuleFileNameA
VirtualQuery
CloseHandle
GetLastError
LoadLibraryA
HeapValidate
GetProcAddress
CreateFileMappingA
GetSystemTimeAsFileTime
InterlockedExchange
GetModuleHandleA
lstrcpyW
SetHandleInformation

ole32

OleCreate
OleRegEnumVerbs
CoWaitForMultipleHandles
CreateBindCtx
CoReleaseMarshalData
OleLoadFromStream
CoQueryProxyBlanket
CoGetMalloc
ReadFmtUserTypeStg
CoGetClassObject
MkParseDisplayName
OleCreateLinkToFile
StgOpenStorage
StgOpenStorageEx
StringFromGUID2
CoImpersonateClient
CreatePointerMoniker
CoEnableCallCancellation
OleCreateFromData
CoFreeUnusedLibraries
CoSwitchCallContext
OleSaveToStream
OleCreateLinkFromData
FreePropVariantArray
OleTranslateAccelerator
CoRevertToSelf
CoAllowSetForegroundWindow
OleCreateMenuDescriptor
CreateGenericComposite
CoGetCallContext
CoTaskMemFree
CoTaskMemAlloc
OleCreateFromFile

shlwapi

PathIsUNCServerShareW
UrlEscapeW
StrStrW
PathCanonicalizeW
PathIsURLW
wvnsprintfW
wnsprintfA
StrCatBuffW
PathFindFileNameA
PathGetArgsW
PathBuildRootW
PathAddExtensionW
StrFormatKBSizeW
PathFindNextComponentW
PathAppendW
PathRemoveFileSpecA
PathParseIconLocationW
StrChrIW
UrlGetPartW
StrToIntExW
PathRemoveBlanksW
PathRemoveBackslashW
UrlIsW
SHSetValueW
UrlCreateFromPathW
StrCmpIW
PathQuoteSpacesW
SHRegGetBoolUSValueW
SHRegGetValueW
SHDeleteKeyW
StrCmpNIW
StrStrA
StrToIntW
PathSetDlgItemPathW
PathAppendA
SHDeleteValueW
PathIsRelativeW
StrStrIA

advapi32

GetServiceKeyNameW
RegSetValueExA
RegOpenKeyExA
GetUserNameA
RegEnumKeyExA
OpenSCManagerA
CreateProcessAsUserA
IsTokenRestricted
RegisterServiceCtrlHandlerW
RegQueryValueA
MapGenericMask
QueryServiceConfigW
LockServiceDatabase
RegEnumKeyW
ChangeServiceConfigA
RegOpenKeyExW
QueryServiceConfigA
NotifyChangeEventLog
IsTextUnicode
RegQueryValueExA
EnumDependentServicesW
RegUnLoadKeyA
RegDeleteKeyW
StartServiceW
SetThreadToken
RegOpenCurrentUser
RegSetValueExW
ImpersonateNamedPipeClient
ReadEventLogW
GetNumberOfEventLogRecords
OpenProcessToken
MakeAbsoluteSD
RegNotifyChangeKeyValue
CreateProcessAsUserW
CloseEventLog
OpenEventLogA

gdi32

CreateDiscardableBitmap
GetTextCharset
GetCurrentPositionEx
OffsetWindowOrgEx
EnumFontFamiliesW
DescribePixelFormat
SetTextColor
PolyBezier
SetBitmapBits
SelectPalette
SetPixelV
InvertRgn
ExtEscape
GetKerningPairsA
PatBlt
GetGraphicsMode
GetFontData
ScaleWindowExtEx
DeleteObject
StartDocW
GetMapMode
GetGlyphOutlineW
GetPolyFillMode
CreateMetaFileA
SetTextCharacterExtra
CreateBitmapIndirect
PlayEnhMetaFile
GetStockObject
GetBkColor
CreateCompatibleBitmap
RemoveFontResourceW
SetWindowExtEx
GetRegionData
SetLayout
GetTextExtentExPointA
CreateHatchBrush
SetMapMode
GetTextFaceW
CreateDCA
CreateRectRgnIndirect
SetMiterLimit
GetDIBits
GetPaletteEntries
CreatePatternBrush
GetRgnBox
EnumEnhMetaFile
TextOutA
BeginPath
GetObjectA
GetLayout
GetTextMetricsW
GetPixel
SetPolyFillMode
GetCharWidthA
SetBkColor
GetPixelFormat
SetSystemPaletteUse
CreateFontIndirectA
PaintRgn
GetWindowOrgEx
GetObjectW
CreateDIBSection
ExtTextOutA
GetWinMetaFileBits
GetBrushOrgEx
CreateDIBPatternBrushPt
GetCharABCWidthsA
PolyBezierTo
GetTextMetricsA
SetICMMode
SetArcDirection
SetAbortProc
SetMetaFileBitsEx
GetNearestColor
TranslateCharsetInfo
EnumFontFamiliesExW

Exports

Exports

DllInit
DllInstall

Sections

.text
Size: 52KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

41ff600d00807dc6dfb0d5935d7015b7

Headers

File Characteristics

Imports

kernel32

ole32

shlwapi

advapi32

gdi32

Exports

Exports

Sections

.text Size: 52KB - Virtual size: 49KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 4KB - Virtual size: 1024B

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 52KB - Virtual size: 49KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 4KB - Virtual size: 1024B

.reloc
Size: 4KB - Virtual size: 2KB