ff283bc8ce0e7ea10f73ff9247529951

Sharing

Copy URL

Twitter E-mail

General

Target

ff283bc8ce0e7ea10f73ff9247529951
Size

24KB
MD5

ff283bc8ce0e7ea10f73ff9247529951
SHA1

f79e6f05a3e14d7d69a99de175c52ee1a1fe169f
SHA256

e37c76ee8ac1ac55ecd345075e82a160723dd5b9cfd03b0bf9d4d54307181471
SHA512

8750f375f2c613e4fa006ac002366486839dabc8da3dfbf1ef38c447ab5ab3e006a4af57a881aaa8f85f7be9c0bebcd6a19d7bf6585083cf4d71e416b98f01a3
SSDEEP

192:CSt/dzHWn3fnwdAGC4F5k7KSsJRl496WHh/iuMwjqHh84M7hdyNbedrizZ+MT8IH:lvHWn3/wdojqlzGWfHh8rddyJ6Gz8+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ff283bc8ce0e7ea10f73ff9247529951

Files

ff283bc8ce0e7ea10f73ff9247529951
.dll windows:4 windows x86 arch:x86

73f1ce3029e3777cb04af9dc1cbd9242

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

RegQueryValueExW
RegCloseKey
RegCreateKeyW
IsTextUnicode
RegQueryValueExA
RegOpenKeyExA
RegSetValueExW

kernel32

GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetLocalTime
GetUserDefaultLCID
GetDateFormatW
GetTimeFormatW
GlobalLock
GlobalUnlock
GetFileInformationByHandle
CreateFileMappingW
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
LoadLibraryA
GetModuleHandleA
GetStartupInfoA
GlobalFree
GetLocaleInfoW
LocalFree
LocalAlloc
lstrlenW
LocalUnlock
CompareStringW
LocalLock
FoldStringW
CloseHandle
lstrcpyW
ReadFile
CreateFileW
lstrcmpiW
GetCurrentProcessId
GetProcAddress
GetCommandLineW
lstrcatW
FindClose
FindFirstFileW
GetFileAttributesW
lstrcmpW
MulDiv
lstrcpynW
LocalSize
GetLastError
WriteFile
SetLastError
WideCharToMultiByte
LocalReAlloc
FormatMessageW
GetUserDefaultUILanguage
SetEndOfFile
DeleteFileW
GetACP
UnmapViewOfFile
MultiByteToWideChar
MapViewOfFile
UnhandledExceptionFilter

user32

GetClientRect
SetCursor
ReleaseDC
GetDC
DialogBoxParamW
SetActiveWindow
GetKeyboardLayout
DefWindowProcW
DestroyWindow
MessageBeep
ShowWindow
GetForegroundWindow
IsIconic
GetWindowPlacement
CharUpperW
LoadStringW
LoadAcceleratorsW
GetSystemMenu
RegisterClassExW
LoadImageW
LoadCursorW
SetWindowPlacement
CreateWindowExW
GetDesktopWindow
GetFocus
LoadIconW
SetWindowTextW
PostQuitMessage
RegisterWindowMessageW
UpdateWindow
SetScrollPos
CharLowerW
PeekMessageW
EnableWindow
DrawTextExW
CreateDialogParamW
GetWindowTextW
GetSystemMetrics
MoveWindow
InvalidateRect
WinHelpW
GetDlgCtrlID
ChildWindowFromPoint
ScreenToClient
GetCursorPos
SendDlgItemMessageW
SendMessageW
CharNextW
CheckMenuItem
CloseClipboard
IsClipboardFormatAvailable
OpenClipboard
GetMenuState
EnableMenuItem
GetSubMenu
GetMenu
MessageBoxW
SetWindowLongW
GetWindowLongW
GetDlgItem
SetFocus
SetDlgItemTextW
wsprintfW
GetDlgItemTextW
EndDialog
GetParent
UnhookWinEvent
DispatchMessageW
TranslateMessage
TranslateAcceleratorW
IsDialogMessageW
PostMessageW
GetMessageW
SetWinEventHook

Sections

.text
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 18KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

73f1ce3029e3777cb04af9dc1cbd9242

Headers

File Characteristics

Imports

advapi32

kernel32

user32

Sections

.text Size: 2KB - Virtual size: 4KB

.rdata Size: 18KB - Virtual size: 20KB

.reloc Size: 512B - Virtual size: 4KB

.rsrc Size: 3KB - Virtual size: 4KB

.text
Size: 2KB - Virtual size: 4KB

.rdata
Size: 18KB - Virtual size: 20KB

.reloc
Size: 512B - Virtual size: 4KB

.rsrc
Size: 3KB - Virtual size: 4KB