45d9c40f8e069ca2854821d71f5712ba

Sharing

Copy URL Twitter E-mail

General

Target

45d9c40f8e069ca2854821d71f5712ba
Size

453KB
MD5

45d9c40f8e069ca2854821d71f5712ba
SHA1

ba116ea9deeb835ed89cd4de05926fe2e3de2468
SHA256

67d5a9bcf0429f5e97e40415c5b7f1058be0dd7943030f5ab016079234644123
SHA512

782c44a5995da54d89077dfb08f2994257e5372112d7217653c57b56887bae397f775d32ee6f857222aba44b610f5f7adb855ced418b39ad7386230fce3cd76b
SSDEEP

6144:kdyUyKPQ4Q6sRavaN8OEqApoRZpqTXEUy7RYIZlUo8zSJk78H:zCPQ4Q6GQaqrqAp9T0UyJlU9zSO78

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
45d9c40f8e069ca2854821d71f5712ba

Files

45d9c40f8e069ca2854821d71f5712ba
.dll windows:4 windows x86 arch:x86

33bf3f26fafeef23a656248caca226ca

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

wininet

InternetCloseHandle
InternetOpenA
HttpQueryInfoA
InternetReadFile
InternetOpenUrlA

netapi32

Netbios

kernel32

CloseHandle
WriteFile
SetFilePointer
CreateFileA
GetFileSize
ReadFile
InitializeCriticalSection
DeleteCriticalSection
GetStringTypeExA
GetThreadLocale
InterlockedIncrement
lstrcmpiA
IsDBCSLeadByte
DebugBreak
OutputDebugStringA
FreeLibrary
SizeofResource
LoadLibraryExA
GetModuleHandleA
WinExec
CopyFileA
GetTempPathA
CreateThread
GetSystemDirectoryA
CreateDirectoryA
DeleteFileA
TerminateThread
Sleep
GetProcAddress
LoadLibraryA
SetEndOfFile
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
SetHandleCount
GetConsoleMode
GlobalHandle
HeapSize
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetStdHandle
HeapCreate
HeapDestroy
ExitProcess
GetCPInfo
LCMapStringW
LCMapStringA
GetCommandLineA
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetSystemTimeAsFileTime
HeapReAlloc
RtlUnwind
VirtualQuery
GetSystemInfo
VirtualProtect
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
HeapAlloc
GetProcessHeap
HeapFree
InterlockedCompareExchange
GetVersionExA
GetLocaleInfoA
GetACP
InterlockedExchange
GlobalFree
LoadResource
LockResource
GlobalLock
GlobalUnlock
SetLastError
GetModuleFileNameA
WideCharToMultiByte
MulDiv
lstrcmpA
GetLastError
lstrlenW
GetCurrentThreadId
GlobalAlloc
lstrlenA
InterlockedDecrement
GetCurrentProcess
FlushInstructionCache
FindResourceA
LeaveCriticalSection
EnterCriticalSection
RaiseException
MultiByteToWideChar
FlushFileBuffers
GetOEMCP
IsValidCodePage
GetStringTypeA
GetStringTypeW
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetLocaleInfoW
GetConsoleOutputCP
WriteConsoleW
CreateFileW
GetTickCount
SetStdHandle
GetConsoleCP
GetCurrentProcessId
WriteConsoleA

user32

MessageBoxA
IsIconic
GetCursorPos
GetMenuItemCount
GetActiveWindow
DialogBoxParamA
MapWindowPoints
TrackPopupMenu
LoadBitmapA
PostMessageA
DestroyMenu
EndDialog
AppendMenuA
CreatePopupMenu
EnableWindow
IsWindowVisible
CreateDialogIndirectParamA
RegisterWindowMessageA
GetWindowTextLengthA
GetWindowTextA
SetWindowTextA
MapDialogRect
SetWindowContextHelpId
SendDlgItemMessageA
CreateAcceleratorTableA
RegisterClassExA
LoadCursorA
GetClassInfoExA
DestroyAcceleratorTable
GetDesktopWindow
GetFocus
GetWindow
SetFocus
FillRect
CharNextA
GetClassNameA
GetDlgItem
IsChild
RedrawWindow
InvalidateRgn
ReleaseDC
GetDC
ScreenToClient
GetSystemMetrics
InflateRect
EndPaint
BeginPaint
PtInRect
ReleaseCapture
CreateWindowExA
DrawEdge
DrawFocusRect
CallWindowProcA
SendMessageA
GetCapture
SystemParametersInfoA
IsWindow
AdjustWindowRectEx
GetDlgCtrlID
GetParent
SetCapture
IsWindowEnabled
KillTimer
SetTimer
InvalidateRect
UpdateWindow
ClientToScreen
GetClientRect
GetWindowRect
SetWindowPos
GetMenu
GetSysColor
DefWindowProcA
LoadStringA
DestroyWindow
ShowWindow
MoveWindow
GetWindowLongA
SetWindowLongA
UnregisterClassA
wvsprintfA

gdi32

CreateFontA
SetBkColor
ExtTextOutA
SetTextColor
DeleteDC
DeleteObject
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
BitBlt
GetDeviceCaps
CreateSolidBrush
GetObjectA
SetBkMode
GetStockObject

advapi32

RegEnumKeyExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA
RegQueryInfoKeyA
RegQueryValueExA
RegCloseKey

shell32

ShellExecuteA

ole32

CoTaskMemAlloc
StringFromGUID2
CoGetClassObject
CLSIDFromProgID
CLSIDFromString
CoCreateInstance
CreateStreamOnHGlobal
OleInitialize
OleUninitialize
CoTaskMemRealloc
CoTaskMemFree
OleLockRunning

oleaut32

SysAllocString
SysStringByteLen
VariantInit
VariantClear
SysAllocStringLen
LoadRegTypeLi
LoadTypeLi
DispCallFunc
VarUI4FromStr
SysAllocStringByteLen
SysFreeString
OleCreateFontIndirect
SysStringLen

comctl32

ImageList_GetIconSize
ImageList_Draw
_TrackMouseEvent
ImageList_LoadImageA
InitCommonControlsEx
ImageList_Add
ImageList_Destroy

Exports

Exports

NotifyMediaChange
ReleaseLyrics
SetLrcInfo
SetMatched
SetMediaInfo
SetPlayState
SetTimedLevel
ShowListener
ShowLyrics
ShowMiniMode

Sections

.text
Size: 251KB - Virtual size: 251KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 33KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 87KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

33bf3f26fafeef23a656248caca226ca

Headers

File Characteristics

Imports

wininet

netapi32

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

Exports

Exports

Sections

.text Size: 251KB - Virtual size: 251KB

.rdata Size: 51KB - Virtual size: 50KB

.data Size: 33KB - Virtual size: 41KB

.rsrc Size: 87KB - Virtual size: 87KB

.reloc Size: 28KB - Virtual size: 28KB

.text
Size: 251KB - Virtual size: 251KB

.rdata
Size: 51KB - Virtual size: 50KB

.data
Size: 33KB - Virtual size: 41KB

.rsrc
Size: 87KB - Virtual size: 87KB

.reloc
Size: 28KB - Virtual size: 28KB