0beff299aa392d717ac7a5f8a3a74b6f

Sharing

Copy URL Twitter E-mail

General

Target

0beff299aa392d717ac7a5f8a3a74b6f
Size

248KB
MD5

0beff299aa392d717ac7a5f8a3a74b6f
SHA1

40bd902a312a5f1d02cdcd897f5bf593921d695c
SHA256

89419d9640b4ea2ff46fa2e44526f35b4e79c96fbc36fff6529865d458a38be3
SHA512

00f829b24ffad9f1ac556a2fa67518c25e47a5cea6481dac097bf05b7e68b6c674077cb490968fdbf0512246b3de7469e577022bdae817d1b223dcb03fd5f3a5
SSDEEP

3072:qJBgrkCArGFJS5uqu8sY6w4AbhoAKYmI87Bh:uBgrVArG/vl8sYX4AbZBP8H

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0beff299aa392d717ac7a5f8a3a74b6f

Files

0beff299aa392d717ac7a5f8a3a74b6f
.dll windows:5 windows x86 arch:x86

b2c835ce98e44b77c4e9b8fbada837ea

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

free
_initterm
_vsnprintf
malloc
_adjust_fdiv

kernel32

GetProcAddress
LoadLibraryA
lstrcmpA
VirtualAlloc
InterlockedDecrement
CreateThread
GetShortPathNameA
MultiByteToWideChar
CompareStringA
CompareFileTime
GetNumberFormatA
GetTimeFormatA
GetDateFormatA
FileTimeToSystemTime
SetCurrentDirectoryA
GetCurrentDirectoryA
QueryPerformanceCounter
CreateEventA
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
LocalAlloc
LocalFree
lstrcatA
SetErrorMode
CreateDirectoryA
FreeResource
LockResource
LoadResource
FindResourceA
WaitForSingleObject
lstrcpyA
DosDateTimeToFileTime
SetFileTime
GetFileInformationByHandle
FileTimeToDosDateTime
lstrlenA
GetFileSize
WriteFile
ReadFile
SetFilePointer
DeleteFileA
lstrcpynA
CreateFileA
GetLastError
EnterCriticalSection
LeaveCriticalSection
Sleep
FreeLibraryAndExitThread
SetEvent
DisableThreadLibraryCalls
InitializeCriticalSection
GetTickCount
GetCurrentProcessId
CloseHandle
DeleteCriticalSection
GetCurrentThreadId

advapi32

RegFlushKey
RegCreateKeyA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegSetValueExA
RegQueryValueExA
RegOpenKeyA

user32

GetWindowPlacement
SetWindowTextA
EnableMenuItem
GetMenu
IsIconic
IsZoomed
SetFocus
GetDlgItem
ReleaseDC
GetDC
SetWindowLongA
CreateDialogParamA
TranslateAcceleratorA
IsDialogMessageA
GetForegroundWindow
LoadImageA
GetParent
TrackPopupMenu
AppendMenuA
CreatePopupMenu
MessageBoxA
GetDlgCtrlID
SendDlgItemMessageA
DestroyIcon
UnregisterClassA
GetFocus
LoadAcceleratorsA
LoadIconA
GetTopWindow
PeekMessageA
AdjustWindowRectEx
PtInRect
GetMessagePos
GetSysColorBrush
SetWindowPos
GetWindow
EndPaint
DrawEdge
BeginPaint
MessageBeep
IsWindow
InvalidateRect
LoadCursorA
GetClassInfoA
RegisterWindowMessageA
FindWindowA
EndDeferWindowPos
BeginDeferWindowPos
GetWindowTextA
GetSysColor
IsWindowEnabled
DeferWindowPos
ShowWindow
SetForegroundWindow
SystemParametersInfoA
GetWindowLongA
MoveWindow
DialogBoxParamA
EndDialog
GetDlgItemTextA
SetDlgItemTextA
GetSubMenu
GetMenuItemID
DrawIconEx
GetWindowRect
EnableWindow
GetClientRect
SendMessageA
GetSystemMetrics
LoadStringA
CharNextA
CreateWindowExA
KillTimer
SetTimer
GetMessageA
TranslateMessage
DispatchMessageA
DefWindowProcA
PostMessageA
DestroyWindow
wsprintfA
RegisterClassA

gdi32

SetTextColor
SetBkColor
GetDeviceCaps
GetSystemPaletteUse
GetSystemPaletteEntries
CreateCompatibleDC
SelectPalette
DeleteDC
GetTextExtentPointA
GetTextMetricsA
CreateDIBSection
RealizePalette
CreatePalette
BitBlt
SelectObject
PatBlt
CreateSolidBrush
GetStockObject
DeleteObject
GetTextExtentPoint32A
GetObjectA

shell32

SHGetSpecialFolderLocation
DragFinish
SHBrowseForFolderA
SHGetPathFromIDListA
SHGetMalloc
DragAcceptFiles
ShellExecuteA
DragQueryFileA

comdlg32

GetOpenFileNameA

comctl32

ord17

ole32

CoInitializeEx
CoUninitialize
CoCreateInstance

mst120

T120_GetNodeVersion
T120_CreateAppletSAP
T120_AppletStatus
T120_GetNodeName

Exports

Exports

CreateAppletLoaderInterface
FT_CreateInterface

Sections

.text
Size: 72KB - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 164KB - Virtual size: 161KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b2c835ce98e44b77c4e9b8fbada837ea

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

kernel32

advapi32

user32

gdi32

shell32

comdlg32

comctl32

ole32

mst120

Exports

Exports

Sections

.text Size: 72KB - Virtual size: 69KB

.data Size: 4KB - Virtual size: 1KB

.rsrc Size: 164KB - Virtual size: 161KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 72KB - Virtual size: 69KB

.data
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 164KB - Virtual size: 161KB

.reloc
Size: 4KB - Virtual size: 3KB