4784df031a672d81a9418c9d6d8d21da

Sharing

Copy URL

Twitter E-mail

General

Target

4784df031a672d81a9418c9d6d8d21da
Size

80KB
MD5

4784df031a672d81a9418c9d6d8d21da
SHA1

b3ab4aa661cb75d87cb7192876fa0b0527310b96
SHA256

3f220091f0a841877f979457cffea0ce8029840eca32c4a74d61b0f9d787ed34
SHA512

389022e627255deb25e7dbe123080b431f066c812739c4d9fff01fd9c94312e466179141e2d855c56f23fdea26d2906cc5ed5df5610a362219c683cf8e0452fc
SSDEEP

1536:GzgRNJuWUCLi3/iWrJOcnTRhyloQ3AWMRpZAKyB:z3EmO/F1O6ylF3cpZA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4784df031a672d81a9418c9d6d8d21da

Files

4784df031a672d81a9418c9d6d8d21da
.dll windows:4 windows x86 arch:x86

8328a95d980edf81b8bd54cce392ed31

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FileTimeToSystemTime
FileTimeToDosDateTime
GetStringTypeW
DuplicateHandle
DeleteCriticalSection
GetNumberFormatW
CreateTimerQueueTimer
LocalReAlloc
UpdateResourceA
WideCharToMultiByte
SearchPathW
IsWow64Process
GetSystemWindowsDirectoryA
HeapReAlloc
SetMailslotInfo
lstrcpynA
GetProfileIntA
ReplaceFileW
ChangeTimerQueueTimer
GetNumberFormatA
FindFirstFileA
CreateWaitableTimerA
IsValidLanguageGroup
FreeResource
HeapCreate
DeleteFileA
VerLanguageNameW
ReleaseActCtx
GetStringTypeA
CreateActCtxW
GetTimeFormatW
IsBadCodePtr
GetLogicalDrives
GlobalGetAtomNameA
SetupComm
FindResourceW
FlushConsoleInputBuffer
FormatMessageA
WaitForMultipleObjectsEx
TransactNamedPipe
CreateJobObjectW
GetProfileSectionA
PulseEvent
SystemTimeToTzSpecificLocalTime
GetModuleHandleExW
DeviceIoControl
SetInformationJobObject
FatalAppExitA
CreateConsoleScreenBuffer
SystemTimeToFileTime
VerifyVersionInfoA
GetFileType
GetSystemTimeAdjustment
GetProcessAffinityMask
GetCommandLineW
GetBinaryTypeA
InterlockedExchangeAdd
WriteProfileStringA
InitializeCriticalSectionAndSpinCount
GetLastError
GetModuleFileNameA
lstrlenA
VirtualQuery
CreateFileA
GetSystemTimeAsFileTime
InterlockedExchange
GetSystemDirectoryA
GetModuleHandleA
LoadLibraryA
MapViewOfFile
WriteFile
LocalFree
ReadFileEx
GetProcAddress

oleaut32

SysReAllocString
SysAllocString
SysFreeString
SysAllocStringLen
SysStringLen

gdi32

DPtoLP
AnimatePalette
SetTextCharacterExtra
RectVisible
ExtFloodFill
EnumFontFamiliesExW
CreateEnhMetaFileW
IntersectClipRect
SetBkMode
CreateDIBitmap
EnumFontsA
StretchDIBits
GetCurrentObject
SetTextJustification
GetSystemPaletteEntries
SetArcDirection
GetSystemPaletteUse
AbortPath
SetTextAlign
ExtEscape
GetCharWidthW
GetCurrentPositionEx
GetClipRgn
GetNearestColor
DeleteMetaFile
Escape
GetTextExtentExPointA
SetMapperFlags
ModifyWorldTransform
SetDCBrushColor
GetLayout
PolyPolyline
AddFontResourceW
SetMetaRgn
CreateDiscardableBitmap
GetTextFaceA
CreateRoundRectRgn
SetWorldTransform
EnumMetaFile
MoveToEx
GetStretchBltMode
CloseEnhMetaFile
GetPath
SetRectRgn
ResizePalette
EndDoc

Exports

Exports

DfrgWIVdm

Sections

.text
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8328a95d980edf81b8bd54cce392ed31

Headers

File Characteristics

Imports

kernel32

oleaut32

gdi32

Exports

Exports

Sections

.text Size: 60KB - Virtual size: 59KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 8KB - Virtual size: 6KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 60KB - Virtual size: 59KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 8KB - Virtual size: 6KB

.reloc
Size: 4KB - Virtual size: 2KB