2256fd168201bc764dd49a334b086c58

Sharing

Copy URL Twitter E-mail

General

Target

2256fd168201bc764dd49a334b086c58
Size

131KB
MD5

2256fd168201bc764dd49a334b086c58
SHA1

35353191981569c2d7cd4c68cf497706beea684b
SHA256

60a24662ea4a59058b5342858acc2bff4716b8ed72cfa0f0b0173e5e2e0a0b3b
SHA512

1ece8cc9daac8a83efe40661273c06493992af70cc20b6361d026ac8e30f9f0f2d49da67ffb4f60d50bd0590990fbb0bb3c926002d50121e4bf0d42c0de23f0c
SSDEEP

3072:L4nLQPjjO6nDOpcUjZtOUL9kmSWYmDLpY+TpQjNJZhg8:L2LQLyVpcyZjWmN3JYSIHZS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2256fd168201bc764dd49a334b086c58

Files

2256fd168201bc764dd49a334b086c58
.dll windows:5 windows x86 arch:x86

aef24ab66c908b72c742f44b35f75538

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

ScreenToClient
UnloadKeyboardLayout
SetWindowLongW
InsertMenuItemW
LoadIconA
GetIconInfo
GetWindowPlacement
GetWindowTextW
InvertRect
SetWindowPos
RemoveMenu
CharToOemA
ModifyMenuA
SendMessageTimeoutW
PostThreadMessageA
SetPropW
GetActiveWindow
LoadStringW
IsDialogMessageA
DispatchMessageA
CharUpperA
IsWindowUnicode
GetWindowDC
CharUpperBuffW
IsDialogMessageW
SetScrollInfo
InvalidateRect
GetCaretPos
DeleteMenu
CharNextW
IsWindowVisible
GetMenuStringA
MessageBoxExW
GetDlgItemTextW
ExitWindowsEx
VkKeyScanW
IsMenu
SetWindowLongA

comctl32

ImageList_Remove
ImageList_Draw
CreatePropertySheetPageA

comdlg32

ChooseFontW
GetSaveFileNameW
PrintDlgExW
GetSaveFileNameA

kernel32

UnmapViewOfFile
GetCommProperties
GlobalAlloc
EnumResourceNamesW
LoadLibraryW
VerifyVersionInfoW
SetCommMask
GetUserDefaultLCID
DisconnectNamedPipe
GetSystemDirectoryA
CancelIo
ResetEvent
GetAtomNameW
GlobalFindAtomW
GetStartupInfoW
GetDateFormatW
SearchPathW

gdi32

CreateBitmapIndirect
GetTextExtentPointW
CreateFontA
GetTextFaceW
CreateFontIndirectW
CreateHatchBrush
BeginPath
SetRectRgn
EnumFontFamiliesW
GetBoundsRect
GetTextColor
GetDIBits
RectVisible
StretchBlt
SetWindowExtEx
GetTextMetricsA
ResizePalette

Exports

Exports

AlphaBlend
?DmjdjhUYDoiu7DIOdiouYUDIOYuikdHhd@@YGKEPA_WG@Z

Sections

.text
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.fdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xdata
Size: 61KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

aef24ab66c908b72c742f44b35f75538

Headers

File Characteristics

Imports

user32

comctl32

comdlg32

kernel32

gdi32

Exports

Exports

Sections

.text Size: 49KB - Virtual size: 49KB

.fdata Size: 12KB - Virtual size: 12KB

.data Size: 1KB - Virtual size: 1KB

.rdata Size: 2KB - Virtual size: 2KB

.xdata Size: 61KB - Virtual size: 156KB

.gdata Size: 1KB - Virtual size: 1KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 49KB - Virtual size: 49KB

.fdata
Size: 12KB - Virtual size: 12KB

.data
Size: 1KB - Virtual size: 1KB

.rdata
Size: 2KB - Virtual size: 2KB

.xdata
Size: 61KB - Virtual size: 156KB

.gdata
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 1KB - Virtual size: 1KB