0d5a7c59b8be738c3411d77b8e21df8374041d9a2d431f86281295ac4229739d

Sharing

Copy URL

Twitter E-mail

General

Target

0d5a7c59b8be738c3411d77b8e21df8374041d9a2d431f86281295ac4229739d
Size

99KB
MD5

a89c99196ede82dd5be8e03a03ab4344
SHA1

363a1102436ac948d6a4cc533c55c6023df29111
SHA256

0d5a7c59b8be738c3411d77b8e21df8374041d9a2d431f86281295ac4229739d
SHA512

b1f8235598e4bc4d570bda00c85535b5b6a14a2146c589f4bb574f1a28a50d6b09765d933db87a124ad4d8d60ee9ccad3249585dae280f7ed993c533e11014d5
SSDEEP

1536:vOtvhIyY4rmw8JqEvkRyto+CLP6Ea26A5+ZSnCpYWF4urPcYWaYEj:vOtvhIBJqEculCLSEaGdnCpYqJLxTYE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0d5a7c59b8be738c3411d77b8e21df8374041d9a2d431f86281295ac4229739d

Files

0d5a7c59b8be738c3411d77b8e21df8374041d9a2d431f86281295ac4229739d
.dll windows:6 windows x86 arch:x86

228a129b61b93161341c0f1da40db6bd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetPriorityClass
GetTickCount
CreateProcessW
GetProcessHeap
DeleteCriticalSection
DecodePointer
GetOverlappedResult
HeapAlloc
ResetEvent
CancelIoEx
RaiseException
GetNativeSystemInfo
CloseHandle
GetLastError
CreateEventW
DuplicateHandle
GetCurrentThreadId
CreateFileW
WaitForSingleObject
InitializeCriticalSectionEx
InitializeCriticalSection
LeaveCriticalSection
WaitForMultipleObjects
CreateNamedPipeW
TerminateProcess
WriteFile
DisableThreadLibraryCalls
GetCurrentProcessId
QueryPerformanceCounter
SetUnhandledExceptionFilter
UnhandledExceptionFilter
SleepConditionVariableSRW
WakeAllConditionVariable
LoadLibraryExA
VirtualFree
GetStdHandle
GetCurrentProcess
EnterCriticalSection
SetLastError
HeapFree
ReadFile
VirtualAlloc
IsProcessorFeaturePresent
FlushInstructionCache
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
EncodePointer
GetSystemTimeAsFileTime
IsDebuggerPresent
OutputDebugStringW
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
GetProcAddress
lstrlenW

user32

DialogBoxParamW
GetDlgItem
SetWindowLongW
LoadCursorW
SendDlgItemMessageW
RegisterClassW
PeekMessageW
SetTimer
DispatchMessageW
ShowWindow
TrackPopupMenu
MsgWaitForMultipleObjects
MessageBeep
UnregisterClassW
DestroyMenu
DrawEdge
FillRect
EndDialog
SendMessageW
MessageBoxW
DestroyWindow
GetMessagePos
DefWindowProcW
CreateDialogParamW
GetWindowLongW
EnableWindow
InvalidateRect
CreatePopupMenu
MapDialogRect
GetParent
GetClientRect
BeginPaint
EndPaint
GetSysColor
IsWindowEnabled
GetWindowTextW
DrawTextW

gdi32

SelectObject
SetTextColor
SetBkMode
GetTextExtentPoint32W
GetObjectW
DeleteObject
CreateFontIndirectW

ole32

CoCreateGuid

shared

_uGetDlgItemText@12
_uExceptFilterProc@4
_uFormatSystemErrorMessage@8
_ModalDialog_PokeExisting@0
_ModalDialog_CanCreateNew@0
_uAppendMenu@16
_uPrintCrashInfo_OnEvent@8
_uSendMessageText@16
_uBugCheck@0
_uSetDlgItemText@12
_GetInfiniteWaitEvent@0

vcruntime140

memset
_except_handler4_common
__current_exception
__current_exception_context
_CxxThrowException
__std_type_info_destroy_list
memcpy
__std_terminate
_purecall
__std_exception_copy
__std_exception_destroy
__CxxFrameHandler3
memcmp
_except_handler3

api-ms-win-crt-heap-l1-1-0

_callnewh
_aligned_free
_aligned_realloc
_aligned_malloc
malloc
free
_expand
realloc

api-ms-win-crt-runtime-l1-1-0

_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
_crt_atexit
_cexit
_initterm
_initterm_e
terminate
_seh_filter_dll
_configure_narrow_argv
_invalid_parameter_noinfo_noreturn

api-ms-win-crt-math-l1-1-0

__libm_sse2_pow
llround
lround

Exports

Exports

foobar2000_get_interface

Sections

.text
Size: 61KB - Virtual size: 61KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.movehcs
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

228a129b61b93161341c0f1da40db6bd

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

ole32

shared

vcruntime140

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-math-l1-1-0

Exports

Exports

Sections

.text Size: 61KB - Virtual size: 61KB

.rdata Size: 26KB - Virtual size: 25KB

.data Size: 2KB - Virtual size: 3KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 5KB - Virtual size: 5KB

.movehcs Size: 512B - Virtual size: 4KB

.text
Size: 61KB - Virtual size: 61KB

.rdata
Size: 26KB - Virtual size: 25KB

.data
Size: 2KB - Virtual size: 3KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 5KB - Virtual size: 5KB

.movehcs
Size: 512B - Virtual size: 4KB