37565897439bbbda598d7913f35f56f3

Sharing

Copy URL Twitter E-mail

General

Target

37565897439bbbda598d7913f35f56f3
Size

53KB
MD5

37565897439bbbda598d7913f35f56f3
SHA1

0c74b86dcb50837b394b113c6001a59ed76113a2
SHA256

550a42b49e92558a91f4ca38cc6e66ee53fcc1682dd4c9737de0bb4ca65b4abc
SHA512

d4d1112fc26ba0a3a192c1f310bcfd38e446093513ebccd4d250d8ea4888f7656b1817e76efe5c73896f4cec00773c8cd1e41a56fda91b76f2e369582c53272e
SSDEEP

1536:EUA5+AloOwK/t0y/7MwyKP6/WQzCsEaoFg+c:EB+Al574wyojCsaSg+c

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
37565897439bbbda598d7913f35f56f3

Files

37565897439bbbda598d7913f35f56f3
.dll windows:5 windows x86 arch:x86

123f093ed284d02a64a167aba613b2eb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

deplmmon

ImmIsUIMessageA
ImmGetContext
ImmTranslateMessage
DllUnregisterServer
CtfImmLastEnabledWndDestroy
ILAppendID
SdbOpenDatabase
PifMgr_SetProperties
SdbFindFirstMsiPackage
SdbRegisterDatabase
CtfAImmActivate
CDefFolderMenu_Create
SdbTagToString
ImmIsIME
OpenRegStream
ImmSetCompositionWindow
PathIsSlowA
SdbOpenApphelpDetailsDatabase
SdbFindFirstTagRef
DAD_AutoScroll
SdbGrabMatchingInfo
CtfImmGenerateMessage
ImmGetIMCCSize
RegenerateUserEnvironment
ImmLoadIME
SdbReadBinaryTag
ImmPutImeMenuItemsIntoMappedFile
SdbQueryDataEx
ShimDumpCache
ImmSetConversionStatus
ImmUnlockIMCC
CtfImmIsTextFrameServiceDisabled
DllRegisterServer
ImmIMPQueryIMEA
ImmGetGuideLineA
FindExecutableA
PathIsExe
ImmSetCompositionFontA
ImmAssociateContext
ImmSetActiveContext
ExtractIconA
SdbDeletePermLayerKeys
PickIconDlg
ImmGenerateMessage
SdbGetDatabaseVersion
DllGetClassObject

kernel32

WaitForMultipleObjects
UnmapViewOfFile
LocalFree
MapViewOfFile
VirtualQueryEx
GetLocalTime
GetModuleHandleA
LocalAlloc
LockFile
SystemTimeToFileTime
MultiByteToWideChar
SetFileTime
CreateFileMappingA
DeviceIoControl

advapi32

QueryServiceStatus
AllocateAndInitializeSid
CloseServiceHandle
RegFlushKey
RegCloseKey

ole32

StringFromGUID2

user32

DestroyIcon
GetCursorPos
GetKeyState
MapDialogRect
CreateIconIndirect
GetSystemMetrics
InvalidateRgn
WindowFromPoint
IsIconic
DeleteMenu
InflateRect

netapi32

NetShareEnum

Exports

Exports

CreateProcessNotify
ipxrstub

Sections

.text
Size: 47KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

123f093ed284d02a64a167aba613b2eb

Headers

File Characteristics

Imports

deplmmon

kernel32

advapi32

ole32

user32

netapi32

Exports

Exports

Sections

.text Size: 47KB - Virtual size: 48KB

.rdata Size: 2KB - Virtual size: 4KB

.data Size: 1KB - Virtual size: 4KB

.rsrc Size: 1024B - Virtual size: 4KB

.reloc Size: 512B - Virtual size: 4KB

.text
Size: 47KB - Virtual size: 48KB

.rdata
Size: 2KB - Virtual size: 4KB

.data
Size: 1KB - Virtual size: 4KB

.rsrc
Size: 1024B - Virtual size: 4KB

.reloc
Size: 512B - Virtual size: 4KB