11f1b127085f2328d6f727e427569aef

Sharing

Copy URL Twitter E-mail

General

Target

11f1b127085f2328d6f727e427569aef
Size

176KB
MD5

11f1b127085f2328d6f727e427569aef
SHA1

a91b2550d4bd88d28bec3f83fa955927e2c11dad
SHA256

1c9b289b160bf4a7c9b05aaae153470b44120321385125abf8f8ae7db7f675b1
SHA512

7a4e6c1b3839d8af3be792d2522bd72738639d6691d44850cf183f9c17c3a2457dd2dd5776e23e08ffd3fce859cb92e6c2c77a4eb3748395eb707e409c9d583b
SSDEEP

3072:DipeqSHBOpXmcR+aeor9l9i8bcQqmqja5FBc9xKXqjxD0KhJXEwD:+peVBOPrxcQdqjarBc9x9bh1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
11f1b127085f2328d6f727e427569aef

Files

11f1b127085f2328d6f727e427569aef
.dll windows:4 windows x86 arch:x86

c9d0de2ec54eb02523c459e8ca047244

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

swprintf
malloc
exit
memmove
wcsncmp
clock
sqrt
calloc
tolower
wcstol
atol

user32

CharToOemA
DefFrameProcA
SetMenu
SystemParametersInfoA
ScreenToClient
InsertMenuA
SendMessageW
SetFocus
PeekMessageA
ChildWindowFromPoint
FillRect
MessageBeep
GetSystemMetrics
DrawTextA
LoadBitmapA
DestroyCursor
SetTimer
GetKeyboardLayoutNameA
ShowWindow
GetWindow
IsDlgButtonChecked
DrawAnimatedRects
RemovePropA
AdjustWindowRectEx
RegisterClassA
PostMessageA
PeekMessageW
EnableWindow
ShowOwnedPopups
PostQuitMessage
IsWindowEnabled
RegisterClipboardFormatA
DrawIcon
SetWindowPos
GetSysColor
GetWindowTextA
IsDialogMessageW
GetDlgItem
EnumChildWindows
GetCursor
DefMDIChildProcA
GetParent
CharNextW
IsZoomed
IsCharUpperA
ScrollWindow
GetSubMenu
SetWindowLongA
SetMenuItemInfoA
GetSysColorBrush
SendMessageA
SetActiveWindow
SetWindowsHookExA
CharUpperBuffA
CreatePopupMenu
SetRect
ReleaseCapture
GetScrollPos
OpenIcon
CreateWindowExA
DeleteMenu
GetWindowDC
DestroyMenu
WindowFromPoint
GetTopWindow
LoadIconA
GetWindowLongW
SetForegroundWindow
GetScrollRange
SetClipboardData
UpdateWindow
DestroyIcon
GetWindowRect
GetKeyboardLayout

advapi32

RegQueryValueA
RegQueryValueExA
RegEnumKeyA

shell32

SHGetFolderPathA
Shell_NotifyIconW

comctl32

ImageList_DragShowNolock
ImageList_Remove
ImageList_Create
ImageList_Draw
ImageList_Add
ImageList_Read
ImageList_GetBkColor
ImageList_Write
ImageList_Destroy

gdi32

SelectObject
SelectPalette
SaveDC
GetTextColor

kernel32

SetThreadLocale
GetCommandLineW
GetCommandLineA
ExitProcess
SetHandleCount
SetLastError
SizeofResource
VirtualAlloc

Exports

Exports

_6l6ViDr
_8pIysKBTIcsY@24
xwX5g@4
reAw0Xesdb@20
_cMztBMxG
TgeCD@4
_SVRa15Wc5
__p7ZA@24
_sjemBbMUkZ
_jAw7T8t0ph
_AFkpTtJe9H@8
_unv40ylyST3BI5
vZ3UU1IAH9UR
_4iW8RW5Es
V8lKj
QtHg1su4lr_oI3
_4DaGl4dd
RezoT4
jm5qpVkM0y
_cSn9LPdw
8bS1HPT4_A0t@8

Sections

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 151KB - Virtual size: 299KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c9d0de2ec54eb02523c459e8ca047244

Headers

File Characteristics

Imports

msvcrt

user32

advapi32

shell32

comctl32

gdi32

kernel32

Exports

Exports

Sections

.text Size: 14KB - Virtual size: 14KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 151KB - Virtual size: 299KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 14KB - Virtual size: 14KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 151KB - Virtual size: 299KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 3KB - Virtual size: 2KB