0804c11a011079cefd3b303bb11a4191

Sharing

Copy URL Twitter E-mail

General

Target

0804c11a011079cefd3b303bb11a4191
Size

136KB
MD5

0804c11a011079cefd3b303bb11a4191
SHA1

d8d2ea26c09619489dbfa991116660bc573fee21
SHA256

db8ecb16f89e637995b1f0bf7e9b533f694a0e86aef74ad4f767c1d19f6bcb92
SHA512

1807ec973cc8e4d6dc04b30d7e624b652037d870defbde440623b8d71e43babc573e3281b8c6b144b29bddc488e273630d39674c45c75be02b7394d22f994b71
SSDEEP

3072:phgzcF+4W+iu+NxaF/VgyYA/226cYZpj9:pS4FtWa+DaFdgyYF2Dcp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0804c11a011079cefd3b303bb11a4191

Files

0804c11a011079cefd3b303bb11a4191
.dll windows:5 windows x86 arch:x86

50569f189b716a543da0a16f0675fe4a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

_lclose
GetLastError
DeleteTimerQueueEx
GetStringTypeW
VirtualAlloc
GetProcAddress
HeapAlloc
VirtualProtect
WriteConsoleW
ExitThread
LoadLibraryW
OutputDebugStringA
lstrlenA
GetModuleHandleA
FreeLibrary
GetWindowsDirectoryA
VirtualFree
CopyFileExA
FindFirstFileW
GetCurrentProcess
CopyFileA

msvcrt

malloc
_exit
strncpy
memcpy
_except_handler3
__CxxFrameHandler
swprintf
wcscmp
__p__commode
wcscat
__winitenv
free
iswdigit
_wtol
_iob
_vsnprintf
wcslen
_wcmdln
wcscpy
_controlfp
_snwprintf
_adjust_fdiv
__initenv
_ftol
_purecall
__p__fmode
swscanf
_c_exit
_cexit
wcschr
__dllonexit

user32

UnregisterClassW
ClientToScreen
ScreenToClient
LoadMenuW
GetMenuItemCount
GetParent
LoadCursorA
LoadCursorW
DispatchMessageW
GetCursorPos
SendMessageA
SendMessageW
ReleaseDC
SetCapture
IsWindow
GetProcessWindowStation
DestroyWindow
CopyRect
ReleaseCapture
SetScrollPos
BeginPaint
MapWindowPoints
wsprintfW
CheckDlgButton
LoadImageW
RegisterClassA
DialogBoxParamA

gdi32

CreateFontIndirectW
Rectangle
RestoreDC
PatBlt
CreateBitmap
CreateCompatibleDC
TranslateCharsetInfo
SetBkMode
StretchBlt
SetTextColor

opengl32

glColor3ui
glTexCoord2dv
wglShareLists
glColor4i
glStencilMask
glFogfv
glColor4f
GlmfBeginGlsBlock
glTexCoord2d
glColor4d

Exports

Exports

MbmUbbkdurQicmn
TfbufkePmbyvqk
ZwPszbjiePisetg

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.crt
Size: 512B - Virtual size: 17B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 124B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 55KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 102B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

50569f189b716a543da0a16f0675fe4a

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

user32

gdi32

opengl32

Exports

Exports

Sections

.text Size: 12KB - Virtual size: 12KB

.rdata Size: 2KB - Virtual size: 2KB

.crt Size: 512B - Virtual size: 17B

.edata Size: 512B - Virtual size: 124B

.data Size: 55KB - Virtual size: 54KB

.rsrc Size: 64KB - Virtual size: 63KB

.reloc Size: 512B - Virtual size: 102B

.text
Size: 12KB - Virtual size: 12KB

.rdata
Size: 2KB - Virtual size: 2KB

.crt
Size: 512B - Virtual size: 17B

.edata
Size: 512B - Virtual size: 124B

.data
Size: 55KB - Virtual size: 54KB

.rsrc
Size: 64KB - Virtual size: 63KB

.reloc
Size: 512B - Virtual size: 102B