fd2e4bea3e7fb0c85bd0e5a8cae94e51

Sharing

Copy URL Twitter E-mail

General

Target

fd2e4bea3e7fb0c85bd0e5a8cae94e51
Size

78KB
MD5

fd2e4bea3e7fb0c85bd0e5a8cae94e51
SHA1

8abfd3462b15d41716f3bbd98714f57d6e113214
SHA256

817b53f59ae1ed4df75d18e2860342957077f54f12afebc627cc719ae4b375ed
SHA512

abcb9b0adc802a11a5c9366f42799b36cd45f93b7b2908db9384d8865fd927503b2912635d4226427aecfbe09a8766afd3eb30c69c20e659b5cd50f80a994596
SSDEEP

1536:+gNoxftVphig6idCK5aTADqeIe/ndWwovJuWQWLiie:fN61Vnig64Cive6fEwcJ7Q+7e

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fd2e4bea3e7fb0c85bd0e5a8cae94e51

Files

fd2e4bea3e7fb0c85bd0e5a8cae94e51
.dll windows:4 windows x86 arch:x86

9523219c3fc1f6391af1745cc55bea87

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CommConfigDialogA
CompareFileTime
CreateToolhelp32Snapshot
EnumUILanguagesA
ExitProcess
FindNextFileW
FindNextVolumeW
GetCommModemStatus
GetCommandLineA
GetDiskFreeSpaceW
GetFileAttributesW
GetHandleInformation
GetModuleHandleA
GetModuleHandleW
GetStartupInfoA
GetSystemDirectoryW
GetTapeStatus
GetUserDefaultLangID
GetVersionExA
HeapAlloc
HeapCreate
LCMapStringW
OpenWaitableTimerA
SetDefaultCommConfigW
WritePrivateProfileStructA
lstrcpyA

user32

SendMessageA
ReleaseDC
RegisterClassA
MessageBoxA
LoadStringA
KillTimer
InvalidateRgn
SetWindowPos
GetSystemMetrics
GetMenuItemID
GetFocus
GetDlgItemTextA
GetClassLongA
FindWindowExA
FillRect
TrackPopupMenuEx
GetUpdateRgn
EnableMenuItem
DrawTextA
DeleteMenu
DefWindowProcA
CreateMenu
CreateDialogParamA
ClientToScreen
BeginDeferWindowPos
wsprintfA
ModifyMenuA

advapi32

EqualPrefixSid
CryptSetProvParam
CryptHashSessionKey
CryptAcquireContextA
CreateTraceInstanceId
ConvertToAutoInheritPrivateObjectSecurity
GetExplicitEntriesFromAclA
CloseServiceHandle
CloseEncryptedFileRaw
SetTokenInformation
RegSaveKeyA
RegRestoreKeyA
RegQueryMultipleValuesA
RegGetKeySecurity
QueryAllTracesW
OpenEventLogA
LsaSetSecret
LsaSetInformationTrustedDomain
LsaRemoveAccountRights
LsaOpenTrustedDomainByName
BuildSecurityDescriptorA
LsaEnumerateAccountsWithUserRight
LookupAccountNameW
GetTrusteeFormW
GetSecurityInfoExA
GetSecurityDescriptorSacl
GetSecurityDescriptorOwner
AccessCheckByTypeResultListAndAuditAlarmA
AreAllAccessesGranted

olepro32

OleCreatePropertyFrame
OleIconToCursor

oleacc

AccessibleChildren
CreateStdAccessibleObject
WindowFromAccessibleObject
GetStateTextA

oledlg

OleUIAddVerbMenuW
OleUIBusyA
OleUIChangeIconW
OleUIConvertA

Sections

.text
Size: 48KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 27KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9523219c3fc1f6391af1745cc55bea87

Headers

File Characteristics

Imports

kernel32

user32

advapi32

olepro32

oleacc

oledlg

Sections

.text Size: 48KB - Virtual size: 52KB

.data Size: 27KB - Virtual size: 28KB

.rsrc Size: 512B - Virtual size: 4KB

.reloc Size: 1KB - Virtual size: 4KB

.text
Size: 48KB - Virtual size: 52KB

.data
Size: 27KB - Virtual size: 28KB

.rsrc
Size: 512B - Virtual size: 4KB

.reloc
Size: 1KB - Virtual size: 4KB