42169415abe860f593c604916cd65789

Sharing

Copy URL Twitter E-mail

General

Target

42169415abe860f593c604916cd65789
Size

245KB
MD5

42169415abe860f593c604916cd65789
SHA1

f522bf1e3bc7833525b10dcb828bdad45dd46bf2
SHA256

2ae31fc187b2af06f800f17e29a3913d54fd9f8a532c990c927ff7e47a41a4dd
SHA512

28282ba49d7babf6cf793945de8719db8b6608107728f595d5f1eeae2c318521839cb7b47c68e7961027eb20e054968357b557ece6f69aa1a67855c4c822e2cc
SSDEEP

6144:lR9qUY8/K1g/hP3ofNlQeeaQeeN9QeesQeeI6QeehQeesU4bVxFzWMssE:lR9qUY8yshPg4lCP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
42169415abe860f593c604916cd65789

Files

42169415abe860f593c604916cd65789
.dll windows:5 windows x86 arch:x86

f3b8bf4b49e20b7a2ae29a22dae9dfef

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateThread
VirtualProtect
LoadLibraryA
DisableThreadLibraryCalls
Beep
Sleep
IsBadReadPtr
EncodePointer
DecodePointer
InterlockedExchange
InterlockedCompareExchange
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetVersionExA
MultiByteToWideChar
WideCharToMultiByte
GetModuleHandleA
GetProcAddress
OutputDebugStringA
GetSystemInfo
IsProcessorFeaturePresent

user32

GetAsyncKeyState
SetRect
MessageBoxA

gdi32

GetCharacterPlacementA
GetCharacterPlacementW
SetBkMode
GetGlyphOutlineA
GetFontLanguageInfo
CreateFontIndirectA
CreateFontIndirectW
GetTextMetricsA
GetObjectW
GetTextMetricsW
SetBkColor
ExtTextOutA
SetTextAlign
SetMapMode
CreateCompatibleDC
SelectObject
DeleteObject
GetObjectA
CreateDIBSection
DeleteDC
SetTextColor
ExtTextOutW
MoveToEx

msvcr100

_finite
_except_handler4_common
_onexit
_lock
__dllonexit
_unlock
__clean_type_info_names_internal
_crt_debugger_hook
__CppXcptFilter
_amsg_exit
_initterm_e
_initterm
_encoded_null
free
_malloc_crt
_time64
_localtime64
sprintf
??2@YAPAXI@Z
exit
??3@YAXPAX@Z
malloc
_ftol
strncpy
iswpunct
iswdigit
iswalpha
iswspace
_CIacos
memcpy
__CxxFrameHandler

wininet

InternetReadFile
InternetOpenA
InternetOpenUrlA

advapi32

RegCloseKey
RegOpenKeyA
RegQueryValueExA

Sections

.text
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 39KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f3b8bf4b49e20b7a2ae29a22dae9dfef

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

msvcr100

wininet

advapi32

Sections

.text Size: 120KB - Virtual size: 120KB

.rdata Size: 64KB - Virtual size: 64KB

.data Size: 39KB - Virtual size: 51KB

.rsrc Size: 512B - Virtual size: 436B

.reloc Size: 19KB - Virtual size: 19KB

.text
Size: 120KB - Virtual size: 120KB

.rdata
Size: 64KB - Virtual size: 64KB

.data
Size: 39KB - Virtual size: 51KB

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 19KB - Virtual size: 19KB