3e3665367830dace07af54228ac37e35

Sharing

Copy URL Twitter E-mail

General

Target

3e3665367830dace07af54228ac37e35
Size

156KB
MD5

3e3665367830dace07af54228ac37e35
SHA1

ae7e443a64663c5758fc68564a32c710199ea422
SHA256

130dda4d0700869c42f431072979be97c1d84ca6fe2c115ace3bcca512d8b2b4
SHA512

4001cc911d9521d395b177a7a3d6d865fba9740d277c7281fe560556ea190e30f2e842e20034b1a4cbb3b24238099bd31870b378edaa1362ecb537dfac47f35d
SSDEEP

3072:1t0i5aFYQZUBxBnqj8hTCyx0rRc79/5xLwVB40lSHzS:1LhBDq4hTd779DsX4XHzS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3e3665367830dace07af54228ac37e35

Files

3e3665367830dace07af54228ac37e35
.dll windows:4 windows x86 arch:x86

18ed2576572ab572b52f05cf4f93caad

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcmpW
lstrcatA
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
FileTimeToSystemTime
FileTimeToLocalFileTime
lstrcmpA
GlobalFlags
GetCPInfo
GetOEMCP
HeapAlloc
ExitProcess
HeapFree
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
RtlUnwind
HeapReAlloc
GetCommandLineA
TerminateProcess
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
QueryPerformanceCounter
GetSystemTimeAsFileTime
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetTimeZoneInformation
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
SetEnvironmentVariableA
FindFirstFileA
FindClose
lstrcpyA
GetCurrentProcess
DeleteFileA
MoveFileA
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
EnterCriticalSection
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
LocalAlloc
InterlockedIncrement
InterlockedDecrement
DeleteCriticalSection
InitializeCriticalSection
RaiseException
GlobalFree
lstrcpynA
LocalFree
SetFilePointer
GetFileSize
GetPrivateProfileStringA
GetSystemDirectoryA
GetVolumeInformationA
GlobalAlloc
GlobalLock
GlobalUnlock
GetTickCount
SetLastError
FindResourceA
LoadResource
LockResource
SizeofResource
GetCurrentThreadId
FormatMessageA
ExitThread
GetCurrentProcessId
WriteFile
FlushFileBuffers
Sleep
CreateThread
CreateFileA
ReadFile
CopyFileA
CompareStringW
CompareStringA
VirtualAllocEx
VirtualFreeEx
CreateRemoteThread
WaitForSingleObject
GetExitCodeThread
lstrlenA
lstrcmpiA
GetVersion
GetLastError
WideCharToMultiByte
MultiByteToWideChar
GetModuleFileNameA
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
FreeLibrary
LoadLibraryA
OpenProcess
WriteProcessMemory
CloseHandle
GetProcAddress
HeapSize
GetModuleHandleA

user32

SetMenuItemBitmaps
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
SetWindowTextA
ValidateRect
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
RegisterWindowMessageA
WinHelpA
GetCapture
CreateWindowExA
GetClassLongA
GetClassInfoExA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetFocus
GetWindowTextA
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
LoadIconA
MapWindowPoints
GetKeyState
SetForegroundWindow
GetClientRect
GetMenu
AdjustWindowRectEx
CallNextHookEx
SetWindowsHookExA
UnhookWindowsHookEx
MessageBoxA
GetClassInfoA
RegisterClassA
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
SetWindowLongA
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
CopyRect
PostQuitMessage
GetForegroundWindow
DestroyMenu
GetSubMenu
GetMenuItemCount
GetMenuItemID
GetMenuState
DispatchMessageA
PeekMessageA
PostMessageA
EnableWindow
UnregisterClassA
GetSysColorBrush
GetSysColor
ReleaseDC
GetDC
GetSystemMetrics
LoadCursorA
IsWindowEnabled
GetLastActivePopup
GetWindowLongA
GetParent
PtInRect
GetWindow
SendMessageA

gdi32

CreateBitmap
GetStockObject
DeleteDC
ScaleWindowExtEx
SelectObject
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
GetDeviceCaps
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
DeleteObject
SetMapMode
RestoreDC
SaveDC
SetBkColor
SetTextColor
GetClipBox
SetViewportOrgEx

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

advapi32

RegCloseKey
RegDeleteValueA
RegSetValueExA
RegEnumValueA
RegOpenKeyExA
RegQueryValueExA

comctl32

ord17

ws2_32

WSASend
WSARecv
WSARecvFrom
send
sendto
recv
recvfrom
socket
connect
closesocket
select
WSASetLastError
WSAStartup
WSACleanup
htons
inet_addr
gethostbyname

mswsock

WSARecvEx

oleaut32

VariantClear
VariantChangeType
VariantInit

Exports

Exports

Proc1
Rundll

Sections

.text
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

18ed2576572ab572b52f05cf4f93caad

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

comctl32

ws2_32

mswsock

oleaut32

Exports

Exports

Sections

.text Size: 100KB - Virtual size: 99KB

.rdata Size: 24KB - Virtual size: 20KB

.data Size: 8KB - Virtual size: 25KB

.reloc Size: 20KB - Virtual size: 17KB

.text
Size: 100KB - Virtual size: 99KB

.rdata
Size: 24KB - Virtual size: 20KB

.data
Size: 8KB - Virtual size: 25KB

.reloc
Size: 20KB - Virtual size: 17KB