Static task: static1
Behavioral task: behavioral1
  Sample: 227b943428a292df4cc961afc81e5636.dll
  Resource: win7-20231129-en
Behavioral task: behavioral2
  Sample: 227b943428a292df4cc961afc81e5636.dll
  Resource: win10v2004-20231222-en
General
Target: 227b943428a292df4cc961afc81e5636
Size: 168KB
MD5: 227b943428a292df4cc961afc81e5636
SHA1: 354c1912c5b5581d50454de7a050d509cba3142e
SHA256: be7d9a90c4143a50144fd0463e993f0b5e0f0f5bae00e7efc5721edf4760fdcb
SHA512: 2fb8f9535f91dfa67a331df06daf72d51391c95916f48ce2828b5b38b17e0f258586cd25757e03a119323b5d4ef159eec3a7547d1e033ff8b9f6b27c5a0c8db8
SSDEEP: 3072:jiiiO+beRcB43nilG4tK13oYvqCD4LlJNlC/dlGVz:jiiLoeRFilG4A1F/D8GdYVz
Signatures
Unsigned PE (1 IoC)
Checks for a missing Authenticode signature (no certificate table in the PE security data directory).
resource: 227b943428a292df4cc961afc81e5636
Files
227b943428a292df4cc961afc81e5636.dll (windows:4 windows x86 arch:x86)
imphash: 156bbb3bb57b31fe3beb9e3848194d8c
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
GlobalFree
GetProcAddress
GetModuleHandleA
FlushFileBuffers
DeleteFileA
SetFileAttributesA
lstrcatA
MoveFileExA
CopyFileA
CreateProcessA
ExitProcess
VirtualProtect
IsBadReadPtr
WaitForMultipleObjects
FreeLibrary
LoadLibraryA
GetCurrentDirectoryA
GetDiskFreeSpaceExA
GlobalMemoryStatus
GetSystemPowerStatus
GetSystemInfo
GetLocaleInfoA
lstrcmpiA
GetVersionExA
GetSystemDirectoryA
DuplicateHandle
CreateThread
SystemTimeToFileTime
DosDateTimeToFileTime
SetFileTime
SetStdHandle
IsBadCodePtr
GetStringTypeW
GetStringTypeA
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetWindowsDirectoryA
TerminateThread
SetUnhandledExceptionFilter
CreateDirectoryA
GetModuleFileNameA
GetTickCount
GetFileType
lstrcmpA
WaitForSingleObject
GetExitCodeThread
GetCurrentProcessId
GetLocalTime
WriteFile
SetEndOfFile
lstrlenA
GetFileSize
GetLastError
SetFilePointer
CreateFileA
ReadFile
CloseHandle
DeleteCriticalSection
InitializeCriticalSection
EnterCriticalSection
GetCurrentThreadId
lstrcpyA
GetStartupInfoA
GetStdHandle
SetHandleCount
LeaveCriticalSection
GetCurrentProcess
TlsGetValue
SetLastError
TlsFree
TlsAlloc
TlsSetValue
GetOEMCP
GetACP
GetCPInfo
LCMapStringW
LCMapStringA
MultiByteToWideChar
WideCharToMultiByte
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
HeapFree
InterlockedDecrement
InterlockedIncrement
HeapAlloc
RtlUnwind
GetFileAttributesA
GetCommandLineA
GetVersion
TerminateProcess
HeapReAlloc
HeapSize
user32
DialogBoxParamA
SendMessageA
FindWindowA
KillTimer
EnableWindow
ShowWindow
GetDlgItem
EndPaint
BeginPaint
EndDialog
SetWindowPos
LoadImageA
SetDlgItemTextA
PostMessageA
GetDlgItemTextA
wsprintfA
SetTimer
gdi32
SetTextColor
CreateCompatibleDC
SelectObject
GetObjectA
CreateBitmap
BitBlt
SetBkColor
advapi32
CryptCreateHash
CryptReleaseContext
RegOpenKeyExA
CryptEncrypt
RegCreateKeyExA
RegQueryValueExA
RegCloseKey
RegSetValueExA
CryptGetHashParam
CryptDeriveKey
CryptDecrypt
CryptImportKey
CryptHashData
CryptVerifySignatureA
CryptDestroyHash
CryptDestroyKey
CryptAcquireContextA
version
VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA
comctl32
InitCommonControlsEx
wininet
InternetQueryOptionA
InternetSetOptionA
InternetSetStatusCallback
InternetOpenA
InternetConnectA
InternetCloseHandle
InternetReadFile
InternetGetLastResponseInfoA
InternetOpenUrlA
HttpQueryInfoA
HttpSendRequestA
HttpOpenRequestA
DeleteUrlCacheEntry
ws2_32
gethostbyname
inet_addr
WSACleanup
WSAStartup
gethostbyaddr
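The import table above is what an analyst reads first for capabilities: WinINet HTTP client calls, CryptoAPI key import and decryption, CreateProcessA, registry writes, and DeleteFileA/MoveFileExA. The following added example (not part of the report and not the sample's own code) runs a small set of capa-style rules over a hand-copied subset of these imports; the rule names and their required API sets are illustrative assumptions, not a vetted signature set.

```python
"""Capability triage over a PE import table, capa-style.

Added example; it is not part of the sandbox report or of the analysed DLL.
The import names below are a hand-copied subset of those the report lists for
227b943428a292df4cc961afc81e5636.dll, and the rule set is illustrative.
"""

# Subset of the report's import table, DLL -> API names (constructed input).
SAMPLE_IMPORTS = {
    "kernel32": ["CreateFileA", "WriteFile", "ReadFile", "DeleteFileA",
                 "MoveFileExA", "SetFileAttributesA", "CreateProcessA",
                 "LoadLibraryA", "GetProcAddress", "VirtualProtect",
                 "VirtualAlloc", "GetSystemInfo", "GlobalMemoryStatus",
                 "GetVersionExA", "GetTickCount", "GetStringTypeW"],
    "advapi32": ["RegOpenKeyExA", "RegCreateKeyExA", "RegSetValueExA",
                 "CryptAcquireContextA", "CryptImportKey", "CryptDecrypt",
                 "CryptEncrypt", "CryptVerifySignatureA", "CryptHashData"],
    "wininet": ["InternetOpenA", "InternetOpenUrlA", "InternetReadFile",
                "HttpOpenRequestA", "HttpSendRequestA", "DeleteUrlCacheEntry"],
    "ws2_32": ["gethostbyname", "inet_addr", "WSAStartup"],
}

# A rule lists APIs that must all be present ("all") plus a set of which at
# least one must be present ("any"). Names are compared without the A/W
# suffix so either the ANSI or the Unicode variant satisfies a rule.
# These rules are illustrative heuristics (assumption), not a vetted set.
RULES = {
    "download and execute": {
        "all": ["InternetOpenUrl", "InternetReadFile", "WriteFile", "CreateProcess"]},
    "registry value persistence": {
        "all": ["RegCreateKeyEx", "RegSetValueEx"]},
    "self-deletion / file tampering": {
        "all": ["SetFileAttributes"], "any": ["DeleteFile", "MoveFileEx"]},
    "CryptoAPI payload decryption": {
        "all": ["CryptAcquireContext", "CryptImportKey", "CryptDecrypt"]},
    "signed-payload verification": {
        "all": ["CryptVerifySignature", "CryptHashData"]},
    "dynamic API resolution": {
        "all": ["LoadLibrary", "GetProcAddress"]},
    "host fingerprinting": {
        "any": ["GetSystemInfo", "GlobalMemoryStatus", "GetVersionEx", "GetDiskFreeSpaceEx"]},
    "keystroke capture": {
        "any": ["GetAsyncKeyState", "SetWindowsHookEx"]},
}


def normalize(api):
    """Lower-case an API name and drop a trailing ANSI/Unicode A/W suffix."""
    if len(api) > 2 and api[-1] in "AW" and api[-2].islower():
        api = api[:-1]
    return api.lower()


def match_rules(imports, rules=RULES):
    """Return (matched, missing): matched rule names, and for each unmatched
    rule the normalized APIs it still needs, so near-misses are visible."""
    present = {normalize(a) for apis in imports.values() for a in apis}
    matched, missing = [], {}
    for name, rule in rules.items():
        need_all = {normalize(a) for a in rule.get("all", [])}
        need_any = {normalize(a) for a in rule.get("any", [])}
        gap = need_all - present
        if need_any and not (need_any & present):
            gap |= need_any
        if gap:
            missing[name] = sorted(gap)
        else:
            matched.append(name)
    return matched, missing


if __name__ == "__main__":
    hits, near = match_rules(SAMPLE_IMPORTS)
    for h in hits:
        print("[+]", h)
    for name, gap in near.items():
        print("[-]", name, "needs", ", ".join(gap))
```

Against the subset above, every rule fires except keystroke capture, which is the point of reporting near-misses: an analyst sees exactly which API would have completed a rule rather than only a yes/no. Import-based rules are a starting hypothesis, not proof; the behavioral tasks listed at the top of the report exist to confirm whether the downloader and decryption paths are actually exercised.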
Sections
.text Size: 104KB - Virtual size: 102KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 16KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 24KB - Virtual size: 39KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 8KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 12KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
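The "Unsigned PE" signature in the Signatures block and the Headers/Sections block above both come from static header parsing. As an added example (not the report's code and not the sample's), the following standard-library Python parser reads the COFF characteristics, checks the security data directory that holds the Authenticode blob, decodes section flags, and flags writable-and-executable or raw-size-zero sections. The PE images it runs on are constructed in memory as fixtures and are not the report's sample; the section sizes and flag values in those fixtures are illustrative assumptions.

```python
"""Static PE header checks with only the standard library: Authenticode
presence (the report's "Unsigned PE" signature), COFF file characteristics and
per-section flags. Added example; the PE images are in-memory fixtures."""
import struct

FILE_CHARACTERISTICS = {  # COFF Characteristics bits shown in the report
    0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE", 0x0004: "IMAGE_FILE_LINE_NUMS_STRIPPED",
    0x0008: "IMAGE_FILE_LOCAL_SYMS_STRIPPED", 0x0100: "IMAGE_FILE_32BIT_MACHINE",
    0x2000: "IMAGE_FILE_DLL",
}
SECTION_FLAGS = {
    0x00000020: "IMAGE_SCN_CNT_CODE", 0x00000040: "IMAGE_SCN_CNT_INITIALIZED_DATA",
    0x00000080: "IMAGE_SCN_CNT_UNINITIALIZED_DATA", 0x02000000: "IMAGE_SCN_MEM_DISCARDABLE",
    0x20000000: "IMAGE_SCN_MEM_EXECUTE", 0x40000000: "IMAGE_SCN_MEM_READ",
    0x80000000: "IMAGE_SCN_MEM_WRITE",
}
SECURITY_DIR = 4  # IMAGE_DIRECTORY_ENTRY_SECURITY: file offset + size of the certificate table


def flag_names(value, table):
    return [name for bit, name in table.items() if value & bit]


def parse_pe(data):
    """Parse DOS/COFF/optional headers and the section table of a PE image."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ file")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    machine, nsec, _, _, _, opt_size, chars = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic == 0x10B:    # PE32: NumberOfRvaAndSizes at +92, directories at +96
        ndirs_off, dir_off = 92, 96
    elif magic == 0x20B:  # PE32+: the 64-bit ImageBase shifts both by 16 bytes
        ndirs_off, dir_off = 108, 112
    else:
        raise ValueError("unknown optional header magic 0x%x" % magic)
    ndirs = struct.unpack_from("<I", data, opt + ndirs_off)[0]
    cert_off = cert_len = 0
    if ndirs > SECURITY_DIR:
        cert_off, cert_len = struct.unpack_from("<II", data, opt + dir_off + 8 * SECURITY_DIR)
    # Unlike the other directories this one stores a raw file offset, not an RVA.
    # A zero entry (or one pointing past EOF) means no Authenticode blob is attached.
    signed = cert_off != 0 and cert_len != 0 and cert_off + cert_len <= len(data)
    sections, hdr = [], opt + opt_size
    for _ in range(nsec):
        name, vsize, _, rawsize, _, _, _, _, _, flags = struct.unpack_from("<8sIIIIIIHHI", data, hdr)
        sections.append({"name": name.rstrip(b"\0").decode("ascii", "replace"),
                         "virtual_size": vsize, "raw_size": rawsize,
                         "flags": flag_names(flags, SECTION_FLAGS),
                         "wx": bool(flags & 0x80000000) and bool(flags & 0x20000000)})
        hdr += 40
    return {"machine": machine, "characteristics": flag_names(chars, FILE_CHARACTERISTICS),
            "is_dll": bool(chars & 0x2000), "authenticode_present": signed,
            "sections": sections}


def findings(report):
    """Turn a parsed header into one-line IoCs of the kind a sandbox report lists."""
    out = []
    if not report["authenticode_present"]:
        out.append("Unsigned PE: no Authenticode certificate table")
    for s in report["sections"]:
        if s["wx"]:
            out.append("section %s is writable and executable" % s["name"])
        if s["raw_size"] == 0 and s["virtual_size"]:
            out.append("section %s has no raw data but %d virtual bytes (packer or BSS)"
                       % (s["name"], s["virtual_size"]))
    return out


def build_pe(sections, characteristics=0x210E, signature=b""):
    """Assemble a minimal PE32 image in memory (test fixture only; it does not run)."""
    dos = bytearray(64)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 64)     # e_lfanew -> NT headers right after DOS header
    opt = bytearray(224)                       # PE32 optional header with 16 directories
    struct.pack_into("<H", opt, 0, 0x10B)
    struct.pack_into("<I", opt, 92, 16)        # NumberOfRvaAndSizes
    header_len = 64 + 4 + 20 + len(opt) + 40 * len(sections)
    if signature:                              # point the security directory at a trailing blob
        struct.pack_into("<II", opt, 96 + 8 * SECURITY_DIR, header_len, len(signature))
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, len(opt), characteristics)
    hdrs = b"".join(struct.pack("<8sIIIIIIHHI", n.ljust(8, b"\0"), v, 0x1000, r, 0, 0, 0, 0, 0, f)
                    for n, v, r, f in sections)
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt) + hdrs + signature


# Fixture modelled on the report's section layout (sizes are illustrative assumptions).
UNSIGNED_DLL = build_pe([(b".text", 0x19800, 0x1A000, 0x60000020),
                         (b".rdata", 0x3000, 0x4000, 0x40000040),
                         (b".data", 0x9C00, 0x6000, 0xC0000040)])
# Fixture with a dummy certificate blob and a packer-style RWX section with no raw data.
PACKED_EXE = build_pe([(b"UPX0", 0x10000, 0, 0xE0000080)], characteristics=0x0102,
                      signature=b"\0" * 16)

if __name__ == "__main__":
    for label, img in (("unsigned dll", UNSIGNED_DLL), ("packed exe", PACKED_EXE)):
        print(label, findings(parse_pe(img)))
```

A non-empty security directory only means a WIN_CERTIFICATE blob is attached; it says nothing about whether the signature verifies or chains to a trusted root, so a "signed" result still needs chain validation (Get-AuthenticodeSignature on Windows or signtool verify). The report's rule fires on the absence case, which is what the first fixture reproduces: a DLL whose characteristics and section flags match the Headers block above but carries no certificate table.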