3883c9ebac21a2f11ee37323e50c13c4

Sharing

Copy URL

Twitter E-mail

General

Target

3883c9ebac21a2f11ee37323e50c13c4
Size

281KB
MD5

3883c9ebac21a2f11ee37323e50c13c4
SHA1

8b300163621f29a494472a13f7ebdc5ff2b048bc
SHA256

7fc1ffcb9ca4511c65b3004bffcdb354baeb8f82006b5e1076ebab9f4bc6bb11
SHA512

1000fafafd4a7176d014433ade08500565d3b7c08d858e8d6aea682c5927ca22d66f25c91d6873f5a06f8262b7ee914bcc99d0280b88f8380143ebfc574539c8
SSDEEP

6144:mDS7iOc9kMGO0Xra/s8vyTBSN5EQFSWoCh:mic6M4ra/s8vyTMN5nSWL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3883c9ebac21a2f11ee37323e50c13c4

Files

3883c9ebac21a2f11ee37323e50c13c4
.dll windows:5 windows x86 arch:x86

fca2c67cc99a2365c45b0df3b1d7e617

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FreeResource
FreeLibrary
LoadResource
SetUnhandledExceptionFilter
GetCurrentProcess
GetWindowsDirectoryA
WideCharToMultiByte
Sleep
SizeofResource
GetFileAttributesA
CreateProcessA
MultiByteToWideChar
CreateDirectoryA
Process32FirstW
CreateFileMappingA
LockResource
Process32NextW
CreateMutexA
CreateToolhelp32Snapshot
GetCurrentThreadId
ReleaseMutex
GetCurrentProcessId
OpenFileMappingA
WriteProcessMemory
ExitProcess
SetProcessWorkingSetSize
SetFileAttributesA
CreateRemoteThread
VirtualQueryEx
OpenProcess
VirtualFreeEx
LoadLibraryW
GetModuleFileNameW
FreeLibraryAndExitThread
VirtualAllocEx
SetEndOfFile
CompareStringW
CompareStringA
SetStdHandle
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
FindResourceA
CreateThread
DeleteFileA
ResumeThread
CloseHandle
GetModuleFileNameA
GetLastError
ReadFile
WriteFile
WaitForSingleObject
MapViewOfFile
SetFilePointer
GetFileSize
CreateFileA
GetTickCount
VirtualProtect
GetModuleHandleA
VirtualAlloc
GetProcAddress
VirtualFree
InitializeCriticalSection
DeleteCriticalSection
LoadLibraryA
EnterCriticalSection
LCMapStringW
LCMapStringA
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
RaiseException
HeapSize
InitializeCriticalSectionAndSpinCount
GetTimeZoneInformation
RtlUnwind
FlushFileBuffers
GetConsoleMode
GetConsoleCP
GetStartupInfoA
GetFileType
SetHandleCount
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
IsValidCodePage
GetOEMCP
GetACP
InterlockedDecrement
InterlockedIncrement
GetCPInfo
GetStdHandle
HeapReAlloc
HeapDestroy
HeapCreate
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
GetCommandLineA
GetModuleHandleW
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
LeaveCriticalSection
SetEnvironmentVariableA
GetProcessHeap

user32

FindWindowA
GetMessageW
LoadCursorW
TranslateMessage
LoadIconW
CreateWindowExA
DispatchMessageW
RegisterClassA
GetWindowThreadProcessId
DefWindowProcW
ShowWindow
UpdateWindow
PostThreadMessageW

gdi32

GetStockObject

advapi32

RegCloseKey
AdjustTokenPrivileges
ControlService
OpenSCManagerA
RegQueryInfoKeyA
RegOpenKeyExA
LookupPrivilegeValueW
StartServiceA
RegEnumKeyExA
CreateServiceA
RegQueryValueExA
DeleteService
OpenProcessToken
CloseServiceHandle
OpenServiceA

ole32

CoInitialize
CoCreateGuid

ws2_32

__WSAFDIsSet
closesocket
gethostbyname
send
listen
accept
htonl
WSAStartup
gethostname
WSAGetLastError
socket
bind
sendto
setsockopt
shutdown
htons
select
inet_addr
recvfrom
inet_ntoa
connect
getpeername
recv

imagehlp

CheckSumMappedFile

dbghelp

MiniDumpWriteDump

iphlpapi

GetAdaptersInfo

shlwapi

StrStrIA

Exports

Exports

R0010001
R0010002
R0010003

Sections

.text
Size: 166KB - Virtual size: 166KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 55KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fca2c67cc99a2365c45b0df3b1d7e617

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

ws2_32

imagehlp

dbghelp

iphlpapi

shlwapi

Exports

Exports

Sections

.text Size: 166KB - Virtual size: 166KB

.rdata Size: 42KB - Virtual size: 41KB

.data Size: 6KB - Virtual size: 14KB

.rsrc Size: 55KB - Virtual size: 54KB

.reloc Size: 10KB - Virtual size: 9KB

.text
Size: 166KB - Virtual size: 166KB

.rdata
Size: 42KB - Virtual size: 41KB

.data
Size: 6KB - Virtual size: 14KB

.rsrc
Size: 55KB - Virtual size: 54KB

.reloc
Size: 10KB - Virtual size: 9KB