11d256005127b403835a542e0b458df8

Sharing

Copy URL Twitter E-mail

General

Target

11d256005127b403835a542e0b458df8
Size

355KB
MD5

11d256005127b403835a542e0b458df8
SHA1

df5fb044a84633a409303365a472f5d7b9a83a1d
SHA256

062c06b00e742444dcae8cb5eadca40961073817f9a4102e328822a6bd3e3c63
SHA512

6d3b9b881d1c8b476f5cc2ee9045d402972ecd5c3e22f72f489d2bbedb9044cf2076788cdfc8438e503a598ff91203a3bbccdcf4c2288fb2a5a1e8c2802cfeac
SSDEEP

6144:SCrEQfPuAIk+cOq0dftnfzn6BrUTyXHYSCNBoddSk5t9sA2+pBEh:5rX3rUqIfWBYTqqNimJA2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
11d256005127b403835a542e0b458df8

Files

11d256005127b403835a542e0b458df8
.dll windows:4 windows x86 arch:x86

dab7ae2511a4304d038bcd4d3cf5574a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

advapi32

RegDeleteKeyW
RegReplaceKeyA
RegQueryValueExW
RegGetKeySecurity
RegCreateKeyExW
RegQueryInfoKeyA
RegEnumKeyA
RegOpenKeyExW
RegEnumKeyExA
RegQueryInfoKeyW
RegOpenKeyA
RegEnumKeyW
RegEnumValueA
RegEnumKeyExW

kernel32

ExitThread
GetConsoleMode
GetCPInfo
GlobalFree
CreateProcessA
GetCommandLineA
CreateThread
ReadFile
CopyFileExW
DeleteFileW
CopyFileA
CopyFileExA
GetFileTime
GetLastError
CopyFileW

comctl32

ImageList_GetIconSize
ImageList_DragShowNolock
ImageList_DragLeave
ImageList_DragEnter
ImageList_BeginDrag
ImageList_GetDragImage
ImageList_Copy
ImageList_DrawIndirect
ImageList_LoadImageA
ImageList_Draw
ImageList_AddIcon
ImageList_GetImageRect

user32

GetWindowTextA
EndDialog
CreateIcon
CopyImage
DrawTextW
LoadMenuA
DrawTextA
GetDlgItem
CalcMenuBar
CopyRect
GetDC

gdi32

BeginPath
AddFontResourceW
GetBitmapBits
ClearBitmapAttributes
AbortPath
AddFontMemResourceEx
CopyMetaFileA
DeleteObject
ExtTextOutA
ExcludeClipRect
GetBrushOrgEx
GetClipBox
GetPixel
SetTextColor
ClearBrushAttributes
GetPixel
BitBlt
CloseMetaFile
CreateSolidBrush
CancelDC
AddFontResourceExW
GetDCOrgEx
GetPixel
GetCurrentPositionEx
ExcludeClipRect
AddFontResourceTracking
BitBlt
SetTextColor
CloseFigure
DeleteObject
ExtTextOutA
GetDCOrgEx
GetPixel
GetBrushOrgEx
CancelDC
RestoreDC
ClearBrushAttributes
AddFontResourceA
GetClipBox
ClearBitmapAttributes
RestoreDC
BeginPath
GetPixel
CloseFigure
ClearBrushAttributes
GetDCOrgEx
DeleteDC
GetClipBox
CancelDC
CloseMetaFile
GetBitmapBits
GetBrushOrgEx
ClearBitmapAttributes
BeginPath
ClearBitmapAttributes
AddFontResourceExA
ClearBrushAttributes
GetPixel
AddFontResourceExW
CopyMetaFileA
CloseFigure
DeleteDC
AddFontResourceTracking
CloseMetaFile
GetClipBox
GetCurrentPositionEx
GetBrushOrgEx
ExcludeClipRect
DeleteObject
ExtTextOutA
SetTextColor
BitBlt
AbortPath
RestoreDC
CopyMetaFileA
GetClipBox
CloseFigure
GetDCOrgEx
SetTextColor
ClearBitmapAttributes
BeginPath
CancelDC

Sections

.text
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 290KB - Virtual size: 290KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bbs
Size: - Virtual size: 234KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: - Virtual size: 162B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dab7ae2511a4304d038bcd4d3cf5574a

Headers

File Characteristics

Imports

advapi32

kernel32

comctl32

user32

gdi32

Sections

.text Size: 57KB - Virtual size: 57KB

.data Size: 290KB - Virtual size: 290KB

.bbs Size: - Virtual size: 234KB

.idata Size: 4KB - Virtual size: 3KB

.tls Size: - Virtual size: 162B

.rdata Size: 512B - Virtual size: 1KB

.rsrc Size: 1024B - Virtual size: 76KB

.text
Size: 57KB - Virtual size: 57KB

.data
Size: 290KB - Virtual size: 290KB

.bbs
Size: - Virtual size: 234KB

.idata
Size: 4KB - Virtual size: 3KB

.tls
Size: - Virtual size: 162B

.rdata
Size: 512B - Virtual size: 1KB

.rsrc
Size: 1024B - Virtual size: 76KB