38db2170363ed368f037e4a6e36103fe

Sharing

Copy URL Twitter E-mail

General

Target

38db2170363ed368f037e4a6e36103fe
Size

102KB
MD5

38db2170363ed368f037e4a6e36103fe
SHA1

4e6fc7a7228b50ca7aa7118e961114d1c5136dcb
SHA256

c8bee3fcb47c11e8f8bc4cea6a0be4267617b02edf641e086394c87704a6805b
SHA512

6d8d2089e08c8dbab8ed05ab5863a4ce1ccd08e0e2cebc112b44f45577f2b0c791510e5d2ce5664bc9d646186336b7ddfb91a317ac05e53ad26459db1f5c1708
SSDEEP

3072:G0+hsZ9f0BAvhzrAZd6pDNqMcHTCzwUF+:GdQ9UAv2d6p5ncHTCzw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
38db2170363ed368f037e4a6e36103fe

Files

38db2170363ed368f037e4a6e36103fe
.dll windows:4 windows x86 arch:x86

c7abae9d3dff727271d7215e40532779

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

IsBadWritePtr
TlsSetValue
GetTempPathA
VirtualAlloc
EnumResourceTypesW
GetProcessHeaps
WritePrivateProfileStringW
ClearCommBreak
GetCPInfo
ReleaseSemaphore
OpenFile
WritePrivateProfileSectionA
SetConsoleOutputCP
GetSystemDefaultLangID
OpenFileMappingW
FormatMessageA
GetCommandLineW
HeapWalk
TerminateThread
HeapCreate
GetProfileSectionA
lstrcmpiW
DeleteCriticalSection
GetComputerNameA
GetTempFileNameA
GetConsoleAliasExesLengthW
LocalUnlock
VirtualFree
EnumCalendarInfoA
GetLogicalDriveStringsW
SetConsoleInputExeNameA
VDMOperationStarted
FatalExit
GetFileAttributesW
EraseTape
GetLastError
HeapValidate

user32

QuerySendMessage
GetMessageExtraInfo
VkKeyScanExA
MapWindowPoints
DlgDirListA
DdeQueryNextServer
LoadCursorFromFileA
GetUserObjectSecurity
LoadLocalFonts
InSendMessage
SetWindowLongA
DefMDIChildProcW
LoadKeyboardLayoutEx
IsDialogMessageW

gdi32

GetStretchBltMode
GetKerningPairs
Rectangle
AbortDoc
GetKerningPairsW
CreateSolidBrush
EnumFontsW
CreateBitmapIndirect
EnumFontFamiliesA
GetTextCharset
SetWindowOrgEx
GetNearestPaletteIndex
UpdateColors
EnumObjects
SetMagicColors
CreateRoundRectRgn
GdiEntry4
GetColorSpace
GdiSetPixelFormat
gdiPlaySpoolStream
GdiValidateHandle
GetPixel
GetOutlineTextMetricsA
GetEnhMetaFileDescriptionA
GetFontData
SetColorSpace
GdiConvertRegion
GetBitmapDimensionEx
GetICMProfileA
GdiSetBatchLimit
PlayEnhMetaFileRecord
GetCurrentObject
GdiIsMetaPrintDC
PolyBezier
SetBrushOrgEx
GetClipRgn
SetTextCharacterExtra

ole32

CoGetTreatAsClass
PropSysAllocString
DllGetClassObject
StgOpenAsyncDocfileOnIFillLockBytes
CoInitialize
UtGetDvtd32Info
PropVariantCopy
OleDuplicateData
StgOpenStorageOnILockBytes
CoTreatAsClass
WdtpInterfacePointer_UserFree
CoSwitchCallContext
CLIPFORMAT_UserMarshal
WriteStringStream
HBRUSH_UserMarshal
PropVariantClear
ReadClassStg
OleDraw
HMETAFILEPICT_UserUnmarshal
HACCEL_UserSize
CreateGenericComposite
OleInitializeWOW
IsValidPtrIn
CoQueryAuthenticationServices
CoFreeAllLibraries
CreateFileMoniker
StgCreateDocfileOnILockBytes
OleNoteObjectVisible
HGLOBAL_UserSize
CreateDataAdviseHolder
SNB_UserFree
CLIPFORMAT_UserSize
CLSIDFromProgID
OleCreate
StgIsStorageILockBytes
HWND_UserUnmarshal
OleMetafilePictFromIconAndLabel
ProgIDFromCLSID
CoCreateInstanceEx

oleaut32

VarI4FromR8
VarI2FromDisp
VarR4FromUI4
VarI1FromI2
BSTR_UserSize
VarBoolFromDate
VarI1FromR4
SafeArrayAllocData
VarUI1FromCy
VarR8FromDate
VarR4FromUI2
SysStringByteLen
DllUnregisterServer
DosDateTimeToVariantTime
VarUI4FromStr
VarUI1FromBool
VarR8FromUI4
LPSAFEARRAY_UserFree
VarR8FromDec
VarI1FromUI1
CreateStdDispatch
VarR8FromI1
RegisterActiveObject
LPSAFEARRAY_Marshal
VarI4FromUI4
VarUI1FromUI2
VarUI1FromI1
VarBstrFromBool
VarParseNumFromStr
SafeArrayCopyData
VarCyFromI2
VarBstrFromR8
VarCyFromUI1
GetAltMonthNames

Sections

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 7KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 35KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BSS
Size: 54KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c7abae9d3dff727271d7215e40532779

Headers

File Characteristics

Imports

kernel32

user32

gdi32

ole32

oleaut32

Sections

.data Size: 4KB - Virtual size: 8KB

.idata Size: 7KB - Virtual size: 16KB

.text Size: 35KB - Virtual size: 112KB

BSS Size: 54KB - Virtual size: 128KB

.reloc Size: 1024B - Virtual size: 4KB

.data
Size: 4KB - Virtual size: 8KB

.idata
Size: 7KB - Virtual size: 16KB

.text
Size: 35KB - Virtual size: 112KB

BSS
Size: 54KB - Virtual size: 128KB

.reloc
Size: 1024B - Virtual size: 4KB