2374bdb84bd6dd93ee5febd8194339cf

Sharing

Copy URL Twitter E-mail

General

Target

2374bdb84bd6dd93ee5febd8194339cf
Size

5.8MB
MD5

2374bdb84bd6dd93ee5febd8194339cf
SHA1

20fb3c30b0ed6ced07478465787e87a79a54a464
SHA256

dc547585043248b57d374e089d690c958da80e602626466c9fd635a603191e79
SHA512

72934792f2ec4ae5046dbd85639378e4cc51ca814d40ab8c4da7693d8bb8a7feae122561d55fd48acd4e6315b7c1f3d4ab77ba049c0f2166087335564e87010d
SSDEEP

98304:SyrisbJI/6nY1b9Ty/yDILdLCVKktD1zCeJ2gprejcVpKiuQlf:vbbJI/kYtmyDIxLCsir22KIU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2374bdb84bd6dd93ee5febd8194339cf

Files

2374bdb84bd6dd93ee5febd8194339cf
.dll windows:5 windows x86 arch:x86

eac588c68a744e9c0dc4b7b2ea66ac5a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

winmm

PlaySoundW

wininet

FindFirstUrlCacheEntryW

winspool.drv

DocumentPropertiesW

comctl32

ImageList_GetImageInfo

shell32

SHGetSpecialFolderLocation

user32

DdeSetUserHandle
GetUserObjectInformationW
GetProcessWindowStation
GetUserObjectInformationW

version

GetFileVersionInfoSizeW

oleaut32

GetErrorInfo

advapi32

RegSetValueExW

netapi32

NetWkstaGetInfo

msvcrt

memcpy

winhttp

WinHttpGetIEProxyConfigForCurrentUser

kernel32

GetVersion
GetVersionExW
VirtualQuery
LocalAlloc
LocalFree
GetModuleFileNameW
GetProcessAffinityMask
SetProcessAffinityMask
SetThreadAffinityMask
Sleep
ExitProcess
FreeLibrary
LoadLibraryA
GetModuleHandleA
GetProcAddress

shfolder

SHGetFolderPathW

wsock32

gethostbyaddr

ole32

OleRegEnumVerbs

gdi32

Pie

ntdll

RtlCompressBuffer

wtsapi32

WTSSendMessageW

Exports

Exports

TMethodImplementationIntercept
__dbk_fcall_wrapper
dbkFCallWrapperAddr
zzB82zTDipGNbuolzA6

Sections

7+1t_kfC
Size: - Virtual size: 4.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

hTPD.Rf<
Size: - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

AK9wo;"W
Size: - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

RDr@Bw1;
Size: - Virtual size: 36KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

c)cha O
Size: - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

(euk[%Jd
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Zr$?nai@
Size: - Virtual size: 189B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

@/R"j&+
Size: - Virtual size: 69B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_ToXSMc
Size: - Virtual size: 2.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

t__I3AGY
Size: 5.8MB - Virtual size: 5.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

v6MPdfFK
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

uhb,W5.h
Size: 1024B - Virtual size: 624B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

eac588c68a744e9c0dc4b7b2ea66ac5a

Headers

File Characteristics

Imports

winmm

wininet

winspool.drv

comctl32

shell32

user32

version

oleaut32

advapi32

netapi32

msvcrt

winhttp

kernel32

shfolder

wsock32

ole32

gdi32

ntdll

wtsapi32

Exports

Exports

Sections

7+1t_kfC Size: - Virtual size: 4.5MB

hTPD.Rf< Size: - Virtual size: 10KB

AK9wo;"W Size: - Virtual size: 78KB

RDr@Bw1; Size: - Virtual size: 36KB

c)cha O Size: - Virtual size: 17KB

(euk[%Jd Size: - Virtual size: 3KB

Zr$?nai@ Size: - Virtual size: 189B

@/R"j&+ Size: - Virtual size: 69B

_ToXSMc Size: - Virtual size: 2.6MB

t__I3AGY Size: 5.8MB - Virtual size: 5.8MB

v6MPdfFK Size: 1KB - Virtual size: 1KB

uhb,W5.h Size: 1024B - Virtual size: 624B

7+1t_kfC
Size: - Virtual size: 4.5MB

hTPD.Rf<
Size: - Virtual size: 10KB

AK9wo;"W
Size: - Virtual size: 78KB

RDr@Bw1;
Size: - Virtual size: 36KB

c)cha O
Size: - Virtual size: 17KB

(euk[%Jd
Size: - Virtual size: 3KB

Zr$?nai@
Size: - Virtual size: 189B

@/R"j&+
Size: - Virtual size: 69B

_ToXSMc
Size: - Virtual size: 2.6MB

t__I3AGY
Size: 5.8MB - Virtual size: 5.8MB

v6MPdfFK
Size: 1KB - Virtual size: 1KB

uhb,W5.h
Size: 1024B - Virtual size: 624B