4dbfca393de385ba936730835fa4454f

Sharing

Copy URL Twitter E-mail

General

Target

4dbfca393de385ba936730835fa4454f
Size

84KB
MD5

4dbfca393de385ba936730835fa4454f
SHA1

24afd141b570d7220d3198ecab55e5122c28ea5e
SHA256

ef4a06ff6d0916000ff8c911fbd34a72065601e68ef6f4c861b8f541758f36c4
SHA512

96c13ae03cfaa9c069da36812a4b610d0b4938552f4c4c08667fb73ee38a091c0140e2a4bb024bd8351800d8f278f2402015fd5be16e72cf7a0db13d98b2f31c
SSDEEP

1536:vGV2FJFEUmfkkyOzEq3HfPIlmioYnL4WQjgpRNFamksJgFye:vVDCltEqvPIlmioYnLL9FtjiU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4dbfca393de385ba936730835fa4454f

Files

4dbfca393de385ba936730835fa4454f
.dll windows:4 windows x86 arch:x86

80352f8091629b5cf766d31de556c2c6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateThread
FindNextFileW
FreeResource
SetCurrentDirectoryA
SetTimeZoneInformation
CreateSemaphoreA
LocalReAlloc
FindResourceExA
GetVersionExW
HeapCreate
VerSetConditionMask
GetCompressedFileSizeW
IsDBCSLeadByteEx
OpenJobObjectW
GetExitCodeThread
FileTimeToLocalFileTime
OpenEventA
PeekConsoleInputA
GetSystemDefaultLangID
GetEnvironmentStrings
GetCommandLineW
EndUpdateResourceA
ClearCommBreak
GetUserDefaultLCID
ReadConsoleA
CreateNamedPipeW
LocalFlags
LocalLock
VirtualQueryEx
GetSystemTime
ConvertDefaultLocale
FindActCtxSectionGuid
GetFileSizeEx
UnregisterWaitEx
SwitchToThread
HeapValidate
GetSystemDirectoryW
QueryPerformanceFrequency
OpenMutexW
GetTimeZoneInformation
CreateDirectoryW
UnlockFileEx
OpenFileMappingA
LocalUnlock
GetCurrentThread
GetConsoleMode
GlobalFindAtomA
ReleaseSemaphore
WriteFileEx
ResumeThread
SuspendThread
LocalFileTimeToFileTime
SetConsoleMode
MoveFileExW
lstrcpynA
GetStringTypeExW
FindNextFileA
FlushConsoleInputBuffer
SetInformationJobObject
SetNamedPipeHandleState
MoveFileExA
GetProfileStringW
HeapCompact
VirtualAlloc
OpenFile
GetVersion
GetWindowsDirectoryA
GetCurrentProcessId
GetCommandLineA
GetSystemTimeAsFileTime
InterlockedIncrement
CloseHandle
GetTickCount
EnterCriticalSection
CreateFileMappingA
LeaveCriticalSection
UnmapViewOfFile
lstrlenW
HeapAlloc
InitializeCriticalSectionAndSpinCount
GetModuleHandleA
WriteFile
GetProcessHeap
MapViewOfFile
LoadLibraryA
CreateDirectoryA
GetProcAddress
InterlockedDecrement
GetSystemPowerStatus

ole32

OleLoad
OleQueryLinkFromData
CoRevertToSelf
StringFromGUID2
CreateDataAdviseHolder
OleDraw
CoReleaseMarshalData
OleRegGetMiscStatus
CoSetProxyBlanket
MkParseDisplayName
OleDuplicateData
CoCreateInstance
StgOpenStorageOnILockBytes
CoTaskMemAlloc

user32

GetGUIThreadInfo
LoadIconA
MessageBoxIndirectA
EnumWindowStationsW
DeleteMenu
FindWindowExA
ToAscii
GetWindowRect
wvsprintfW
FlashWindow
LoadStringW
GetWindow
CreateAcceleratorTableW
NotifyWinEvent
GetIconInfo
CharNextW
LoadAcceleratorsA
CharLowerBuffW
GetActiveWindow
VkKeyScanW
OpenDesktopW
GetMessageW
SetMenuItemInfoA
ChangeMenuA
InsertMenuW
DefFrameProcA
IsCharAlphaW
ChildWindowFromPoint
ReuseDDElParam
DestroyAcceleratorTable
GetWindowTextW
GetWindowWord
WaitForInputIdle
HideCaret
SetRect
EndTask
GetCursorPos
GetWindowInfo
IsCharAlphaA
DialogBoxParamW
GetSystemMetrics
SetWindowTextA
DrawAnimatedRects
UnhookWindowsHook
IsMenu
DefDlgProcW
UnpackDDElParam
SetSysColors
InsertMenuItemW
GetCursor
MsgWaitForMultipleObjects
OffsetRect
ToUnicodeEx
DefMDIChildProcA
CreateIcon
ChangeDisplaySettingsW
IntersectRect
IsWindowVisible
WinHelpW
GetDialogBaseUnits
DrawFrameControl
GetWindowContextHelpId
GetMenuItemID
SetForegroundWindow
CharLowerW
PostQuitMessage
SetWindowsHookExA
GetParent
DispatchMessageA
PostMessageA
CallNextHookEx
GetClassInfoA

oleaut32

SysFreeString
SysStringLen
SysStringByteLen

shlwapi

SHDeleteKeyA
StrCmpNW
StrCmpNIW
StrChrIW
SHRegSetUSValueW
PathIsUNCServerShareW
PathCompactPathExW
StrStrIA
StrCatBuffA
StrToIntW
PathIsUNCW
StrDupA
SHRegGetValueW
PathIsFileSpecW
PathRemoveBackslashW
StrChrA
PathUnquoteSpacesW
PathMakePrettyW

gdi32

SetTextJustification
GetEnhMetaFileA
SetDIBits
CreateFontIndirectA
SetPolyFillMode
SetViewportOrgEx
GetBitmapDimensionEx
ExtCreatePen
StretchDIBits
EnumFontFamiliesExA
CreateDiscardableBitmap
SetBitmapDimensionEx
PlayMetaFile
GetPaletteEntries
ExtFloodFill
SetWindowOrgEx
SwapBuffers
CreateHatchBrush
CopyMetaFileA
GetCharWidthW
CreateBitmap
GetNearestPaletteIndex
FlattenPath
FillPath
PolyDraw
GetCharWidth32W
GetCharABCWidthsW
GetNearestColor
SetWindowExtEx
ExtTextOutW
SetMapperFlags
CreatePen
GetRgnBox
CreateFontA
OffsetRgn
CreateRectRgn
ScaleViewportExtEx

Exports

Exports

SyncnetSched

Sections

.text
Size: 60KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

80352f8091629b5cf766d31de556c2c6

Headers

File Characteristics

Imports

kernel32

ole32

user32

oleaut32

shlwapi

gdi32

Exports

Exports

Sections

.text Size: 60KB - Virtual size: 58KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 8KB - Virtual size: 6KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 60KB - Virtual size: 58KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 8KB - Virtual size: 6KB

.reloc
Size: 4KB - Virtual size: 2KB