1375de5baeaf3222dda772c341d270d5

Sharing

Copy URL Twitter E-mail

General

Target

1375de5baeaf3222dda772c341d270d5
Size

2.9MB
MD5

1375de5baeaf3222dda772c341d270d5
SHA1

c8628ed3e55bd5c7535241a3306e01961c1fe6bc
SHA256

35a524c0fe41f93c81fba8deffe359cfa4dcfeac3f0c55fc7a70ebb8f3f87851
SHA512

310e9ed89cef2724b03b1de02a9e0867697f1d52ebdcc0a767baedd4178f8757828e5c0cdc8fc5ee67dae794b4d09587bb2ea12a9072fcd6ed3140986ef2ca42
SSDEEP

49152:M/7Zs/9YOQoDRJYxJA2RR/Ek/kbGOirpUzv5cthCZu6ChKy:u+D5cxN

Score

1^/10

Malware Config

Signatures

Files

1375de5baeaf3222dda772c341d270d5
.dll windows:6 windows x86 arch:x86

1922d04c266f386e88970760236562d7

Code Sign

33:00:00:01:51:9e:8d:8f:40:71:a3:0e:41:00:00:00:00:01:51
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

02/05/2019, 21:37

Not After

02/05/2020, 21:37

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

a6:8a:9c:e7:e0:1d:a4:9a:9e:07:8f:df:0f:bc:77:8c:21:dd:83:8f:03:85:e2:de:03:cf:b5:2e:c4:a3:5c:61
Signer

Actual PE Digest

a6:8a:9c:e7:e0:1d:a4:9a:9e:07:8f:df:0f:bc:77:8c:21:dd:83:8f:03:85:e2:de:03:cf:b5:2e:c4:a3:5c:61

Digest Algorithm

sha256

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

Sleep
CreateDirectoryW
ChangeTimerQueueTimer
GetSystemInfo
GetTempPathW
lstrlenW
SetStdHandle
GetModuleFileNameA
CreateSemaphoreW
LocalFree
VirtualFree
GetCurrentProcess
GetTimeZoneInformation
lstrcmpW
HeapSize
MapViewOfFile
SetThreadAffinityMask
LoadLibraryExW
TryEnterCriticalSection
HeapAlloc
ResetEvent
GetConsoleCP
GlobalLock
GetStartupInfoW
CloseHandle
GetLogicalProcessorInformation
GetLocalTime
SetThreadPriority
TlsAlloc
lstrcpyW
GetCommandLineA
FreeLibrary
FindClose
GetSystemTimeAsFileTime
GetACP
EnumSystemLocalesW
LoadLibraryW
TlsSetValue
ReadDirectoryChangesW
GetCommandLineW
CreateTimerQueue
MulDiv
CreateMutexW
UnhandledExceptionFilter
RtlUnwind
GetOEMCP
LCMapStringW
LeaveCriticalSection
UnregisterWaitEx
HeapFree
GlobalSize
WriteConsoleW
MoveFileExW
CreateTimerQueueTimer
MultiByteToWideChar
InitializeCriticalSectionAndSpinCount
InterlockedPopEntrySList
GetStdHandle
SetLastError
GetCurrentThread
GlobalAlloc
EncodePointer
GetNumaHighestNodeNumber
GlobalFree
CopyFileW
OutputDebugStringW
FindFirstFileW
VirtualProtect
GetLongPathNameW
WriteFile
DeleteCriticalSection
IsValidCodePage
IsValidLocale
CreateFileMappingW
ReadFile
FindNextFileA
FileTimeToSystemTime
UnmapViewOfFile
QueryPerformanceCounter
GetThreadPriority
ReleaseMutex
TlsFree
CancelIo
CompareFileTime
DecodePointer
WaitForSingleObject
VirtualAlloc
SystemTimeToTzSpecificLocalTime
LocalAlloc
ExpandEnvironmentStringsW
SetEnvironmentVariableA
SleepEx
GetProcAddress
IsDebuggerPresent
DeleteFileW
FindFirstFileExW
ExitProcess
TerminateProcess
GetModuleHandleW
RegisterWaitForSingleObject
InitializeSListHead
FindNextFileW
TlsGetValue
QueueUserAPC
GetEnvironmentStringsW
CreateFileW
WaitForSingleObjectEx
GetProcessAffinityMask
CreateEventW
GetStringTypeW
CreateThread
GetModuleHandleExW
GetFullPathNameW
GetConsoleMode
GetUserDefaultLCID
GetLastError
CreateMutexA
GetFileAttributesW
RaiseException
GetDateFormatW
GetCurrentThreadId
lstrcpynW
CompareStringW
FreeEnvironmentStringsW
FindResourceW
GetFileType
WaitForMultipleObjects
HeapDestroy
GetTickCount
GetCPInfo
ReleaseSemaphore
DuplicateHandle
DeleteTimerQueueTimer
lstrcmpiW
SizeofResource
LoadResource
FormatMessageW
InterlockedPushEntrySList
SetFilePointerEx
GetTimeFormatW
WideCharToMultiByte
ReadConsoleW
SetFileAttributesW
IsProcessorFeaturePresent
EnterCriticalSection
GetModuleHandleA
UnregisterWait
GetLocaleInfoW
SetEvent
HeapReAlloc
GlobalUnlock
InterlockedFlushSList
GetModuleFileNameW
LockResource
SetCurrentDirectoryW
GetProcessHeap
SwitchToThread
GetCurrentDirectoryW
SetUnhandledExceptionFilter
FlushFileBuffers
SignalObjectAndWait
GetCurrentProcessId

user32

SetDlgItemTextA
GetDlgItemInt
CreateDialogIndirectParamW
SetDlgItemTextW
CloseWindow
CheckMenuRadioItem
GetPropW
MonitorFromWindow
SendDlgItemMessageW
GetWindowContextHelpId
GetWindowTextW
GetWindowLongW
ChangeClipboardChain
GetSysColorBrush
SetScrollPos
TrackPopupMenu
GetMenuItemID
EndDialog
ShowWindow
ReleaseCapture
GetScrollPos
IsZoomed
CreatePopupMenu
GetMenuState
CallWindowProcW
LockWindowUpdate
DrawEdge
FillRect
SetClipboardViewer
CheckMenuItem
RedrawWindow
IsWindowEnabled
IsWindowVisible
GetKeyboardState
BeginPaint
RegisterClipboardFormatW
LoadImageW
GetClipboardData
GetDlgItemTextW
EndDeferWindowPos
LoadMenuW
DestroyCursor
SetWindowPos
CreateDialogParamW
IsCharAlphaW
RemoveMenu
ModifyMenuW
FrameRect
SetScrollRange
SetWindowsHookExW
GetMenu
DialogBoxIndirectParamW
RegisterClassW
UnregisterClassW
SetCapture
OpenClipboard
LoadIconW
DispatchMessageW
GetScrollRange
SetRectEmpty
SetFocus
SetPropW
GetMenuStringW
SetCaretPos
GetCursorPos
RemovePropW
UnhookWindowsHookEx
ShowCaret
MessageBoxA
MessageBeep
CreateWindowExW
GetSubMenu
GetWindowRect
GetDesktopWindow
MessageBoxW
ReleaseDC
GetKeyState
GetDlgItem
GetActiveWindow
IsClipboardFormatAvailable
SetMenuItemInfoW
CallNextHookEx
ScrollWindow
AppendMenuW
EnableMenuItem
GetDCEx
RegisterClassExW
DestroyCaret
IsWindow
SetWindowTextW
DefDlgProcA
DrawIcon
InsertMenuW
DestroyAcceleratorTable
DialogBoxParamW
IsIconic
SetClipboardData
SendMessageW
CharLowerW
ShowScrollBar
CharUpperW
GetClassNameW
SetScrollInfo
FlashWindowEx
DrawIconEx
DrawFrameControl
TrackMouseEvent
GetMessageW
DestroyMenu
SetDlgItemInt
GetSysColor
DestroyIcon
CreateAcceleratorTableW
AdjustWindowRectEx
SetWindowLongW
DeferWindowPos
SetWindowPlacement
GetWindowThreadProcessId
GetMenuItemInfoW
GetClassNameA
CloseClipboard
InflateRect
mouse_event
EndPaint
GetWindowTextLengthW
GetFocus
CreateCaret
BeginDeferWindowPos
DrawFocusRect
GetClientRect
LoadBitmapW
LoadStringW
SetCursor
EmptyClipboard
DrawTextW
UpdateWindow
ShowCursor
DefWindowProcW
PostMessageW
CreateCursor
IsWindowUnicode
LoadCursorW
IsDialogMessageW
GetKeyboardType
IsCharLowerW
DeleteMenu
MoveWindow
TranslateAcceleratorW
GetCapture
FindWindowW
GetLastActivePopup
ClientToScreen
CreateMenu
TranslateMessage
ScreenToClient
GetDC
GetSystemMetrics
InvalidateRect
MapWindowPoints
SystemParametersInfoW
GetMenuItemCount
IsChild
IsCharAlphaNumericW
InsertMenuItemW
SetMenu
GetWindowPlacement
SetParent
SetForegroundWindow
GetParent
GetMonitorInfoW
ToAscii
HideCaret
DestroyWindow
DrawMenuBar
EnableWindow
GetClassLongA
DrawTextExW
GetDlgCtrlID
RegisterWindowMessageW

gdi32

StretchBlt
SetBkMode
DeleteDC
GetTextExtentPoint32W
CreateCompatibleBitmap
LineTo
ExtSelectClipRgn
SetBrushOrgEx
EnumFontFamiliesExW
SaveDC
EndPage
StartDocW
GetPixel
DPtoLP
CreateSolidBrush
CreateCompatibleDC
ExtTextOutW
CreatePen
CreateFontA
PatBlt
CreateHatchBrush
CreateFontIndirectW
OffsetWindowOrgEx
SetWindowOrgEx
CreateFontW
GetTextExtentPointW
StartPage
SetTextAlign
GetViewportOrgEx
LPtoDP
RestoreDC
CreateBitmap
SetBkColor
SetROP2
EndDoc
CreatePatternBrush
DeleteObject
GetROP2
GetObjectW
SelectObject
GetStockObject
GetNearestColor
GdiFlush
GetDeviceCaps
CreateRectRgn
SetTextColor
MoveToEx
GetTextMetricsW
Rectangle

advapi32

RegEnumKeyExW
AllocateAndInitializeSid
RegDeleteKeyW
RegQueryInfoKeyW
RegCloseKey
IsTextUnicode
RegDeleteValueW
FreeSid
CheckTokenMembership
RegOpenKeyExW
RegSetValueExW
RegQueryValueExW

Sections

.text
Size: 2.6MB - Virtual size: 2.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 123KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 77KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1922d04c266f386e88970760236562d7

Code Sign

33:00:00:01:51:9e:8d:8f:40:71:a3:0e:41:00:00:00:00:01:51Certificate

Extended Key Usages

61:0e:90:d2:00:00:00:00:00:03Certificate

Key Usages

a6:8a:9c:e7:e0:1d:a4:9a:9e:07:8f:df:0f:bc:77:8c:21:dd:83:8f:03:85:e2:de:03:cf:b5:2e:c4:a3:5c:61Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.text Size: 2.6MB - Virtual size: 2.6MB

.rdata Size: 123KB - Virtual size: 123KB

.data Size: 2KB - Virtual size: 7KB

.reloc Size: 52KB - Virtual size: 51KB

.rsrc Size: 77KB - Virtual size: 76KB

33:00:00:01:51:9e:8d:8f:40:71:a3:0e:41:00:00:00:00:01:51
Certificate

61:0e:90:d2:00:00:00:00:00:03
Certificate

a6:8a:9c:e7:e0:1d:a4:9a:9e:07:8f:df:0f:bc:77:8c:21:dd:83:8f:03:85:e2:de:03:cf:b5:2e:c4:a3:5c:61
Signer

.text
Size: 2.6MB - Virtual size: 2.6MB

.rdata
Size: 123KB - Virtual size: 123KB

.data
Size: 2KB - Virtual size: 7KB

.reloc
Size: 52KB - Virtual size: 51KB

.rsrc
Size: 77KB - Virtual size: 76KB