10e68e423d42fefb5cef48ee214fe311

Sharing

Copy URL Twitter E-mail

General

Target

10e68e423d42fefb5cef48ee214fe311
Size

130KB
MD5

10e68e423d42fefb5cef48ee214fe311
SHA1

3eaa19f68cc0002c4e4fe4675ad46a02cc16a63f
SHA256

47e52e6f5da2605ae26657e4d739beb1e0fbfa2bc9baca6f5c0563bcd27e248a
SHA512

4638c2a4b2f27a44fe6bbd9ac4109274556b5eb9f8480903bfaf0b28fb14fcbed4d910b74b5b87e8e37f1befd6414bc77df5fbadda2cc590c8f3540f7c542364
SSDEEP

3072:rnGrS2Zn1pMBXwm6gX0lqpFyndM7pzy8d10sSleGedPE:aeBXwm6E0k4wzN3FGehE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
10e68e423d42fefb5cef48ee214fe311

Files

10e68e423d42fefb5cef48ee214fe311
.dll windows:4 windows x86 arch:x86

e0baca2b7da046b905a5822c43cc67f0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

GetServiceDisplayNameA
SetSecurityDescriptorOwner
SetServiceBits
RegCloseKey
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegOpenKeyExW
RegSetValueExW
CloseEventLog
DeregisterEventSource
EnableTrace
LookupAccountSidW
NotifyChangeEventLog
ReadEventLogW
RegQueryValueExW
WriteEncryptedFileRaw

gdi32

SetBkMode
CreateEllipticRgn
DeleteDC
DeleteObject
GetBrushOrgEx
RemoveFontResourceW
PlayEnhMetaFile

kernel32

AddConsoleAliasA
DnsHostnameToComputerNameW
GetFullPathNameW
IsDBCSLeadByte
MultiByteToWideChar
lstrcmpiW
GetCommandLineW
DeleteCriticalSection
GetCurrentProcess
GlobalLock
GlobalUnlock
InterlockedDecrement
InterlockedIncrement
LocalAlloc
LocalFree
LocalReAlloc
SetLastError
SetUnhandledExceptionFilter
Sleep
TerminateProcess
UnhandledExceptionFilter
VirtualAlloc
LoadResource
FindResourceA
CloseHandle
CreateEventA
DisableThreadLibraryCalls
DosDateTimeToFileTime
EnterCriticalSection
EnumLanguageGroupLocalesA
FindFirstVolumeMountPointW
FindResourceExW
FormatMessageW
FreeLibrary
GetLastError
GetProfileIntW
HeapLock
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
LoadLibraryExW
LoadLibraryW
LockResource
SetEvent
VirtualQuery
CompareStringW
CompareStringA
GetLocaleInfoW
GetSystemInfo
VirtualProtect
GetTimeZoneInformation
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
IsValidCodePage
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetDateFormatA
SetEnvironmentVariableA
GetTimeFormatA
HeapSize
LoadLibraryA
InterlockedExchange
RtlUnwind
InitializeCriticalSection
IsBadWritePtr
HeapReAlloc
GetCPInfo
GetOEMCP
GetACP
FatalAppExitA
WriteFile
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
HeapAlloc
HeapFree
TlsGetValue
TlsSetValue
GetCurrentThreadId
GetCommandLineA
GetVersionExA
ExitProcess
GetProcAddress
GetModuleHandleA
TlsAlloc
GetCurrentThread
TlsFree

ole32

StringFromGUID2
ReleaseStgMedium
CoTaskMemAlloc
CoUnloadingWOW
CoCreateObjectInContext
CoRegisterPSClsid

oleaut32

VarBoolFromR4
VarDateFromDec
LPSAFEARRAY_Unmarshal

rpcrt4

I_RpcServerUseProtseqEp2A
RpcServerListen
NdrInterfacePointerUnmarshall
RpcIfIdVectorFree
RpcBindingVectorFree

user32

MapWindowPoints
LoadImageW
IsWindow
GetWindowTextW
GetWindowRect
GetWindowLongW
GetSystemMenu
GetParent
GetMenuItemInfoA
GetDlgItem
GetClientRect
PostMessageW
EnableMenuItem
DrawMenuBar
DestroyWindow
DestroyIcon
CreateCaret
CharUpperW
AppendMenuA
SetCursor
LoadStringW
EditWndProc
DestroyCursor
SendMessageW
SetFocus
SetTimer
SetWindowLongW
SetWindowTextW
SetWindowPos
ShowWindow
UnhookWindowsHookEx
EnableWindow
MessageBoxW

Exports

Exports

INGCCCG

Sections

.text
Size: 83KB - Virtual size: 82KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e0baca2b7da046b905a5822c43cc67f0

Headers

File Characteristics

Imports

advapi32

gdi32

kernel32

ole32

oleaut32

rpcrt4

user32

Exports

Exports

Sections

.text Size: 83KB - Virtual size: 82KB

.rdata Size: 37KB - Virtual size: 37KB

.data Size: 4KB - Virtual size: 6KB

.reloc Size: 5KB - Virtual size: 4KB

.text
Size: 83KB - Virtual size: 82KB

.rdata
Size: 37KB - Virtual size: 37KB

.data
Size: 4KB - Virtual size: 6KB

.reloc
Size: 5KB - Virtual size: 4KB