09d81d0255aaf973d5805fab1ae28e60

Sharing

Copy URL Twitter E-mail

General

Target

09d81d0255aaf973d5805fab1ae28e60
Size

256KB
MD5

09d81d0255aaf973d5805fab1ae28e60
SHA1

c8b4314a21f781cb6e4d20b45bf9056fd0e322f0
SHA256

5ee4eb3684de527c246cfa72cfd5d69d0152b2749f5f47710cf3ca0a88ebedfa
SHA512

64fc55acbe849ce5b46462268225b8251e0d93e2e90cdcd2522dbef3fc6fa0178e23f3894252f181f9e57de40d29d3114820f202906f034000747b3512f32370
SSDEEP

3072:vpJCx9v6ExDc2PWsPgPtMiz01PRUqL47n5S4wHp6EERsbhHT0RoQmJJCaPkxL9:vpQHhPgu8dQdXbhzmmzFPO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
09d81d0255aaf973d5805fab1ae28e60

Files

09d81d0255aaf973d5805fab1ae28e60
.dll windows:4 windows x86 arch:x86

fb8679101b31c2944e6d9539e3707d33

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

ToAscii
GetDlgItem
GetWindowLongA
SetWindowLongA
LoadImageA
RegisterClassA
UnregisterClassA
MessageBoxA
GetWindowTextA
PeekMessageA
MsgWaitForMultipleObjects
CreateDialogParamA
MapVirtualKeyA
keybd_event
PostMessageA
EndDialog
SetWindowTextA
EnableMenuItem
ModifyMenuA
InsertMenuA
RemoveMenu
GetUpdateRect
SetForegroundWindow
SetActiveWindow
MessageBeep
ShowCursor
GetMessageA
DispatchMessageA
BeginPaint
SetRect
FillRect
EndPaint
DialogBoxParamA
GetDlgItemTextA
SetDlgItemTextA
EnableWindow
DefWindowProcA
GetDC
ReleaseDC
SystemParametersInfoA
GetDesktopWindow
SetClipboardViewer
ChangeClipboardChain
CloseClipboard
GetClipboardData
OpenClipboard
GetClipboardOwner
SetClipboardData
EmptyClipboard
SendMessageA
GetKeyboardState
GetClientRect
InvalidateRect
SetCursor
PostQuitMessage
AdjustWindowRect
GetSystemMetrics
GetAsyncKeyState
GetCursorPos
TrackPopupMenu
SetScrollInfo
SetTimer
ScrollWindowEx
UpdateWindow
GetSystemMenu
CheckMenuItem
IsWindowVisible
ShowWindow
GetWindowRect
SetWindowPos
DestroyWindow
KillTimer
CreateWindowExA

gdi32

GetObjectA
SetDIBColorTable
SelectPalette
RealizePalette
CreateCompatibleBitmap
SelectObject
DeleteDC
CreateCompatibleDC
GetDIBits
ResizePalette
UnrealizeObject
SetPaletteEntries
DeleteObject
CreatePalette
GetStockObject
BitBlt
CreateDIBSection

ws2_32

WSAGetLastError
WSAStartup
connect
gethostbyname
htons
inet_addr
socket
inet_ntoa
getsockname
ntohs
shutdown
recv
select
send
setsockopt
closesocket
getpeername
WSAAsyncSelect

comctl32

CreatePropertySheetPageA
PropertySheetA
_TrackMouseEvent

comdlg32

GetSaveFileNameA
CommDlgExtendedError

kernel32

CompareStringA
GetTimeZoneInformation
CompareStringW
ReadFile
GetStringTypeW
GetStringTypeA
SetFilePointer
CreateFileA
FlushFileBuffers
SetStdHandle
IsBadCodePtr
IsBadReadPtr
IsBadWritePtr
VirtualAlloc
InterlockedExchange
SetEndOfFile
LCMapStringW
LCMapStringA
MultiByteToWideChar
WriteFile
SetEnvironmentVariableA
GetOEMCP
VirtualFree
HeapCreate
HeapDestroy
GetModuleHandleA
GetLastError
Sleep
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
ResetEvent
EnterCriticalSection
SetEvent
GetCurrentDirectoryA
GetVolumeInformationA
FormatMessageA
QueryPerformanceFrequency
QueryPerformanceCounter
TlsAlloc
TlsSetValue
CreateThread
CreateEventA
CloseHandle
ResumeThread
GetCurrentThread
GetCurrentThreadId
TlsGetValue
WaitForSingleObject
GetModuleFileNameA
GetProcAddress
LoadLibraryA
GlobalUnlock
GlobalLock
GlobalFree
GlobalAlloc
RtlUnwind
RaiseException
GetCommandLineA
GetVersion
InterlockedDecrement
InterlockedIncrement
HeapFree
HeapReAlloc
HeapAlloc
ExitProcess
TerminateProcess
GetCurrentProcess
HeapSize
TlsFree
SetLastError
SetUnhandledExceptionFilter
GetCPInfo
GetACP
GetSystemTimeAsFileTime
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
GetVersionExA

advapi32

RegSetValueExA
RegCreateKeyA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA

Exports

Exports

WM_Hooks_RunFD

Sections

.text
Size: 172KB - Virtual size: 168KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fb8679101b31c2944e6d9539e3707d33

Headers

File Characteristics

Imports

user32

gdi32

ws2_32

comctl32

comdlg32

kernel32

advapi32

Exports

Exports

Sections

.text Size: 172KB - Virtual size: 168KB

.rdata Size: 20KB - Virtual size: 19KB

.data Size: 32KB - Virtual size: 39KB

.rsrc Size: 12KB - Virtual size: 11KB

.reloc Size: 16KB - Virtual size: 12KB

.text
Size: 172KB - Virtual size: 168KB

.rdata
Size: 20KB - Virtual size: 19KB

.data
Size: 32KB - Virtual size: 39KB

.rsrc
Size: 12KB - Virtual size: 11KB

.reloc
Size: 16KB - Virtual size: 12KB