2919dfc18c864397a140a7973d64a372

Sharing

Copy URL

Twitter E-mail

General

Target

2919dfc18c864397a140a7973d64a372
Size

244KB
MD5

2919dfc18c864397a140a7973d64a372
SHA1

d7bf2b9aa890492504d8b5d441c38b46c8ec8040
SHA256

e529481ad432ed7135184ecfab9505cbd7cc8361ab25856a9d030422922a84c9
SHA512

c61167c5259e7dd2ad843ce730ce1253e57defade6f67843cc3643e9f863930d8fcc0d159efd4940a5447d16a9039abb54d198380805a5c4fcba3e1d2a6e2e56
SSDEEP

6144:8D6albx2QCmzKvafphLzvQSVyAaUOWMjjlQd8K17LuM6:AbQiAafbLztYAaNjrUGM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2919dfc18c864397a140a7973d64a372

Files

2919dfc18c864397a140a7973d64a372
.dll windows:4 windows x86 arch:x86

f6cd9682c9f0e892c14708c8bcc6c15a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shell32

ShellExecuteExW
ShellAboutW
SHGetSpecialFolderPathW
SHGetSettings
DragQueryFileW
DragFinish

kernel32

lstrlenW
lstrcmpW
TerminateProcess
SetUnhandledExceptionFilter
SetThreadPriority
MultiByteToWideChar
MulDiv
LoadLibraryW
LoadLibraryExW
LoadLibraryExA
InterlockedIncrement
HeapCreate
HeapAlloc
GlobalGetAtomNameW
GlobalFree
GlobalAlloc
GlobalAddAtomW
GetVersionExA
GetUserDefaultLCID
GetSystemTimeAsFileTime
GetShortPathNameW
GetModuleHandleA
GetLastError
GetDateFormatW
GetCurrentThreadId
GetCommandLineA
ExitProcess
DeleteAtom
CreateFileW
CreateEventW
AddAtomW

ole32

StringFromCLSID
StgCreateDocfileOnILockBytes
ReleaseStgMedium
OleUninitialize
OleRegGetUserType
OleInitialize
CreateILockBytesOnHGlobal
CoTaskMemFree
CLSIDFromString

comdlg32

CommDlgExtendedError
GetOpenFileNameW
GetSaveFileNameW
ChooseFontW

shlwapi

PathFindFileNameW

user32

WinHelpW
CallNextHookEx
CharToOemBuffA
DefWindowProcW
EnableWindow
FindWindowW
GetActiveWindow
GetAsyncKeyState
GetDC
GetMonitorInfoW
GetNextDlgTabItem
LoadIconW
LoadMenuW
OffsetRect
PeekMessageW
SendMessageTimeoutW
SendMessageW
SetCursor
SetFocus
SetRect
UpdateWindow
SendDlgItemMessageW

msvcrt

memmove
exit
_wcsdup
_onexit
_initterm
_controlfp
_cexit
_c_exit
setlocale
__wgetmainargs
__setusermatherr
__set_app_type
__p__fmode
__p__commode
__dllonexit
__CxxFrameHandler
_XcptFilter
wcscmp
wcscoll
wcslen
wcstod
_adjust_fdiv

advapi32

RegCloseKey
RegCreateKeyExW
RegDeleteKeyW
RegOpenKeyExA
RegOpenKeyExW
RegQueryValueExA
RegQueryValueExW
RegSetValueExW

gdi32

CreateCompatibleDC
CreateDCW
CreateFontIndirectW
CreateICW
CreatePen
CreateSolidBrush
DPtoLP
DeleteObject
Escape
ExtTextOutW
GetBkColor
GetDeviceCaps
GetObjectW
GetPaletteEntries
GetStockObject
GetTextColor
GetTextExtentPoint32W
GetTextMetricsW
PtVisible
RectVisible
Rectangle
ScaleWindowExtEx
SelectObject
SetBkMode
SetDCBrushColor
SetPixel
SetTextColor
TextOutW

Exports

Exports

CreateBlockAccessFromImage
EnumAvValueNext
GetAvValue
GetAvailableDrivesEx
GetDevicePropertyData
RotateBMP
UnregisterDriveChangeCallback

Sections

.text
Size: 160KB - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f6cd9682c9f0e892c14708c8bcc6c15a

Headers

File Characteristics

Imports

shell32

kernel32

ole32

comdlg32

shlwapi

user32

msvcrt

advapi32

gdi32

Exports

Exports

Sections

.text Size: 160KB - Virtual size: 160KB

.data Size: 72KB - Virtual size: 116KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 160KB - Virtual size: 160KB

.data
Size: 72KB - Virtual size: 116KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 4KB - Virtual size: 4KB