050f52b4c6020340739d059a3c7de3e0

Sharing

Copy URL

Twitter E-mail

General

Target

050f52b4c6020340739d059a3c7de3e0
Size

288KB
MD5

050f52b4c6020340739d059a3c7de3e0
SHA1

63544501a153dce39a652185e9265d99c7796260
SHA256

b6b184d29423e7c67880f892e4fa89a5ccc0a2eb30bf800df34721b28e797cc8
SHA512

472019278b54f04ae32634d8e41e39321421e4733ee9d792475d3faa7b4ea41c34b05ae4c2fdb3700aedc6b77535e4c7b885a6064d86fd6426feffbdfac27c93
SSDEEP

3072:1W8uC0OL0k2Zhr4LrmJW2cwLHbdjVf0polc:1Kk2nr4rmJW2c67dypZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
050f52b4c6020340739d059a3c7de3e0

Files

050f52b4c6020340739d059a3c7de3e0
.dll windows:4 windows x86 arch:x86

38f261a5a67f70d2750e816ab693d1cf

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetEnvironmentVariableA
CompareStringW
CompareStringA
GetLocaleInfoW
LCMapStringW
LCMapStringA
ReadFile
SetEndOfFile
SetFilePointer
GetStringTypeW
MultiByteToWideChar
GetOEMCP
GetACP
GetUserDefaultLCID
EnumSystemLocalesA
GetLocaleInfoA
IsValidCodePage
lstrlenA
GetDriveTypeA
CreateDirectoryA
GetLastError
IsValidLocale
GetCPInfo
CreateFileA
FlushFileBuffers
SetStdHandle
VirtualAlloc
GetModuleFileNameA
CopyFileA
GetStringTypeA
DeleteFileA
WideCharToMultiByte
lstrlenW
LocalFree
RtlUnwind
InterlockedDecrement
InterlockedIncrement
GetTimeZoneInformation
GetSystemTime
GetLocalTime
DebugBreak
GetStdHandle
WriteFile
OutputDebugStringA
GetProcAddress
LoadLibraryA
GetCommandLineA
GetVersion
RaiseException
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetCurrentThread
EnterCriticalSection
LeaveCriticalSection
IsBadWritePtr
IsBadReadPtr
HeapValidate
CloseHandle
InitializeCriticalSection
DeleteCriticalSection
ExitProcess
FatalAppExitA
Sleep
TerminateProcess
GetCurrentProcess
SetConsoleCtrlHandler
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetModuleHandleA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
HeapFree
VirtualFree
SetUnhandledExceptionFilter
IsBadCodePtr
UnhandledExceptionFilter
HeapAlloc
HeapReAlloc

user32

SendMessageA
GetWindowRect
GetClassNameA
GetKeyState
ScreenToClient
GetActiveWindow
GetWindowTextA
wsprintfA
RegisterWindowMessageA
SendMessageTimeoutA
WindowFromPoint
GetCursorPos
CallNextHookEx
SetWindowsHookExA
UnhookWindowsHookEx
GetWindowLongA

advapi32

RegQueryValueExA
RegCreateKeyExA
RegCloseKey

oleaut32

SysAllocStringLen
SysStringLen
SysFreeString
CreateErrorInfo
VariantChangeType
SetErrorInfo
GetErrorInfo
SysAllocString
VariantClear
VariantInit

oleacc

ObjectFromLresult

imm32

ImmReleaseContext
ImmGetCompositionStringA
ImmGetContext

Exports

Exports

HdetIn
UnHook

Sections

.text
Size: 216KB - Virtual size: 212KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

38f261a5a67f70d2750e816ab693d1cf

Headers

File Characteristics

Imports

kernel32

user32

advapi32

oleaut32

oleacc

imm32

Exports

Exports

Sections

.text Size: 216KB - Virtual size: 212KB

.rdata Size: 24KB - Virtual size: 21KB

.data Size: 24KB - Virtual size: 30KB

.idata Size: 8KB - Virtual size: 4KB

.reloc Size: 12KB - Virtual size: 8KB

.text
Size: 216KB - Virtual size: 212KB

.rdata
Size: 24KB - Virtual size: 21KB

.data
Size: 24KB - Virtual size: 30KB

.idata
Size: 8KB - Virtual size: 4KB

.reloc
Size: 12KB - Virtual size: 8KB