4037e66e847da278a52718c56e3fa4bf

Sharing

Copy URL Twitter E-mail

General

Target

4037e66e847da278a52718c56e3fa4bf
Size

450KB
MD5

4037e66e847da278a52718c56e3fa4bf
SHA1

8d89e81b4c4f7e2313dff99032f9790072f94af8
SHA256

ec2ba5113c95009cf8b44aad2d6e77f1c68cf5b395c565121c4fac9376700c19
SHA512

75fbcc5e049fa9e47b64496217e884e08e2a46a39e0b427d88ba6d9f319789f116511188eac20c4d9c0fb969a68c51d6b2667b8eac58f3df04de2404cd5d86f2
SSDEEP

12288:wfMRAKlHbPYyAU9LsIfy4/iwy/fLMYwDG2+Lodem7D88ciG:w8LHbPYyl9g6y4/iwywYwSzLyhs8xG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4037e66e847da278a52718c56e3fa4bf

Files

4037e66e847da278a52718c56e3fa4bf
.dll windows:5 windows x86 arch:x86

f26bbea8cc130299df9f339750c9fc86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

setupapi

SetupDiOpenDeviceInterfaceW
SetupDiOpenClassRegKey
SetupDiGetHwProfileFriendlyNameExW
SetupDiGetDeviceInfoListClass
SetupDiGetClassRegistryPropertyW
SetupDiGetClassDevsA
SetupCommitFileQueueA
CM_Set_HW_Prof_Ex
CM_Request_Device_EjectA
CM_Get_Resource_Conflict_DetailsW
CM_Get_Res_Des_Data_Ex
CM_Get_DevNode_Custom_PropertyW
CM_Enable_DevNode
CM_Disable_DevNode_Ex
CM_Create_Range_List
CMP_Report_LogOn

ntdll

RtlxUnicodeStringToAnsiSize
RtlUpdateTimer
RtlUnicodeToOemN
RtlSetAllBits
RtlNtStatusToDosError
RtlInitUnicodeString
RtlGetUserInfoHeap
RtlGetOwnerSecurityDescriptor
RtlFindClearBitsAndSet
RtlEqualPrefixSid
ZwAdjustPrivilegesToken
RtlDeleteSecurityObject
RtlDeleteAtomFromAtomTable
RtlCreateUserThread
RtlCreateAcl
RtlApplyRXactNoFlush
RtlAddAccessDeniedAceEx
NtSetDefaultLocale
NtReadFileScatter
NtQueryTimerResolution
NtPrivilegeObjectAuditAlarm
NtNotifyChangeDirectoryFile
NtFlushVirtualMemory
NtCloseObjectAuditAlarm
NtAllocateUuids
LdrFlushAlternateResourceModules
ZwCompleteConnectPort
ZwImpersonateThread
RtlEqualComputerName

kernel32

GetCompressedFileSizeA
ExitProcess
EscapeCommFunction
EnumSystemLanguageGroupsA
EnumSystemCodePagesA
EnumDateFormatsExA
EnumCalendarInfoA
DeleteFileA
CreateSemaphoreA
CreateMutexW
CompareStringA
CancelTimerQueueTimer
CancelDeviceWakeupRequest
FindFirstFileExA
FindFirstVolumeMountPointA
FreeUserPhysicalPages
GetCommState
lstrcpyW
lstrcpyA
WriteFileGather
VerifyVersionInfoA
VerLanguageNameW
VerLanguageNameA
SetupComm
SetLastError
SetFilePointerEx
SetCommMask
ResetEvent
PrepareTape
OpenWaitableTimerW
OpenSemaphoreA
MoveFileWithProgressA
LocalSize
LCMapStringA
HeapAlloc
GlobalUnWire
GlobalFindAtomW
GetTickCount
GetProfileIntA
GetProcessPriorityBoost
GetProcAddress
GetPrivateProfileIntW
GetMailslotInfo
GetLocalTime
GetFileSize
GetDateFormatA
GetCommandLineA
FatalAppExitA

version

GetFileVersionInfoSizeW
GetFileVersionInfoSizeA
GetFileVersionInfoW
VerFindFileA
VerInstallFileA
VerInstallFileW
VerQueryValueA
VerQueryValueW
GetFileVersionInfoA

winmm

midiOutMessage
midiOutGetID
midiOutSetVolume
midiStreamOut
midiStreamPosition
mixerGetDevCapsA
mixerGetDevCapsW
mmTaskBlock
mmGetCurrentTask
midiOutLongMsg
mixerGetLineInfoW

comdlg32

FindTextW
GetOpenFileNameW
GetFileTitleW

user32

PostMessageA
LoadIconA
GetMenu
GetDC
EndDialog
DestroyWindow
DefDlgProcA
CharUpperA
CharToOemA
ActivateKeyboardLayout
SendMessageA
UpdateWindow
RegisterClassA

Exports

Exports

BHffjxKFiDvzcHrjm
IbrMuceFjkkfv
Ihi
KptCZL
Lilheqbckuflfpd
SkXklhWccupwyHvkmry
csgjXecpfR
eHazdsbuiawhrsUulz
ihsv
ihxfjowX
qgrrh
ukopygpzziTu
xnonukvdIx
yoqxp

Sections

.text
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 362KB - Virtual size: 667KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f26bbea8cc130299df9f339750c9fc86

Headers

DLL Characteristics

File Characteristics

Imports

setupapi

ntdll

kernel32

version

winmm

comdlg32

user32

Exports

Exports

Sections

.text Size: 60KB - Virtual size: 59KB

.data Size: 362KB - Virtual size: 667KB

.rsrc Size: 26KB - Virtual size: 26KB

.text
Size: 60KB - Virtual size: 59KB

.data
Size: 362KB - Virtual size: 667KB

.rsrc
Size: 26KB - Virtual size: 26KB