Static task
static1
Behavioral task
behavioral1
Sample
da0e089b88a6ba2738c72cc1a001e6a14d0aafe8bd550591e6bffcf4d174097b.dll
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
da0e089b88a6ba2738c72cc1a001e6a14d0aafe8bd550591e6bffcf4d174097b.dll
Resource
win10-20231220-en
General
Target
da0e089b88a6ba2738c72cc1a001e6a14d0aafe8bd550591e6bffcf4d174097b
Size
2.1MB
MD5
5987c294ccba44c0d7805c332132507d
SHA1
f5d9aa9bf0b1623a76a043c3eb1f736256887589
SHA256
da0e089b88a6ba2738c72cc1a001e6a14d0aafe8bd550591e6bffcf4d174097b
SHA512
f624ee01dcccba7bb53e8376b7d2a93cd542772a462a1c46780b71e7ec34ff6d15c21570e0ca06e2ff15f1ae5a28b9131d630c2e7f37420a395042eddc7a1f5e
SSDEEP
49152:m2PuO0ctaJ+8IBAQAQjVyj4NM6fO2ruQ8nFA7bIE29hJI:m2P4hJ+hBcOyjefOiuroA
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource da0e089b88a6ba2738c72cc1a001e6a14d0aafe8bd550591e6bffcf4d174097b
Files
da0e089b88a6ba2738c72cc1a001e6a14d0aafe8bd550591e6bffcf4d174097b.dll windows:5 windows x86 arch:x86
09a7ed1ceca904f7aaa223180405af90
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
advapi32
RegDisablePredefinedCache
winmm
PlaySoundW
waveInUnprepareHeader
waveOutSetVolume
shell32
DuplicateIcon
SHGetFolderPathAndSubDirW
SHLoadNonloadedIconOverlayIdentifiers
SHCreateDirectoryExW
SHGetPathFromIDListA
iphlpapi
NotifyRouteChange
rasapi32
RasGetProjectionInfoA
kernel32
GetCommConfig
GetBinaryTypeA
TerminateProcess
MoveFileWithProgressW
DeleteCriticalSection
GetLocaleInfoW
GetSystemTimeAsFileTime
SetupComm
RaiseException
SetEvent
DnsHostnameToComputerNameW
VirtualAlloc
GetModuleHandleA
GetModuleFileNameA
GetUserDefaultLangID
GetModuleFileNameW
netapi32
NetSessionDel
NetUserSetInfo
NetLocalGroupDel
setupapi
SetupPromptForDiskA
SetupDiEnumDeviceInfo
SetupRemoveFromSourceListW
SetupGetSourceFileLocationA
gdi32
TextOutW
SetColorSpace
AddFontResourceW
ScaleWindowExtEx
CreateFontW
urlmon
CoInternetIsFeatureEnabledForUrl
IsValidURL
URLDownloadToCacheFileW
winspool.drv
SetPrinterDataW
user32
GetMessageExtraInfo
PostQuitMessage
ShowWindow
GetScrollRange
CreateWindowExA
GetUserObjectInformationW
GetQueueStatus
GetMenuCheckMarkDimensions
rpcrt4
NdrConformantStringBufferSize
NdrInterfacePointerBufferSize
IUnknown_Release_Proxy
ole32
StringFromGUID2
OleIsRunning
HDC_UserUnmarshal
msvcrt
memset
free
iswprint
fgets
ws2_32
WSAGetLastError
crypt32
CryptUnregisterOIDFunction
CryptSIPRemoveSignedDataMsg
comdlg32
ReplaceTextW
oleaut32
BSTR_UserSize
CreateErrorInfo
Sections
.text Size: 28KB - Virtual size: 26KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
hvwba Size: 4KB - Virtual size: 3KB
IMAGE_SCN_MEM_READ
.data Size: 32KB - Virtual size: 31KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
D Size: 8KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
CONST Size: 8KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.CRT Size: 1.9MB - Virtual size: 1.9MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.qdata Size: 8KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 20KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ