506de4a66a0408f3f8ef1adcdd745a3f

Sharing

Copy URL Twitter E-mail

General

Target

506de4a66a0408f3f8ef1adcdd745a3f
Size

112KB
MD5

506de4a66a0408f3f8ef1adcdd745a3f
SHA1

aeb1b6e3ddb5ddd61db1de1b8ffc6927035e188b
SHA256

7925a22a7b25f2116adce85f4e3157041fb1dd09460e9e42531bc64a24ef81ba
SHA512

8465bc0e51e81ede27409d1ba550a494c3a60e8416bf1331a30fbe003177e7f6f3fd77cb8297e4e1c40425eccebb73abbcee0b07a89043a251abc0676903b2a1
SSDEEP

3072:EBpZOWf21Zb0d0FKrlyKnBHwdnMRwaDdSO:E41ZACFKRBQVonN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
506de4a66a0408f3f8ef1adcdd745a3f

Files

506de4a66a0408f3f8ef1adcdd745a3f
.dll windows:4 windows x86 arch:x86

c74dcd9ac418553c11f69372d080d092

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetOverlappedResult
WaitForMultipleObjects
GetQueuedCompletionStatus
GetTickCount
MultiByteToWideChar
lstrlenA
WriteConsoleA
GetSystemTimeAsFileTime
ReadFile
GlobalFree
SizeofResource
FindResourceW
lstrcmpW
GlobalAlloc
LoadResource
lstrcmpiW
GetCurrentThreadId
lstrlenW
DisableThreadLibraryCalls
GetProcAddress
GetModuleHandleA
QueryPerformanceCounter
GetCurrentProcessId
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
ResetEvent
LoadLibraryA
HeapReAlloc
VirtualAlloc
GetCPInfo
GetOEMCP
GetACP
HeapAlloc
UnhandledExceptionFilter
GetEnvironmentStringsW
GetLastError
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
HeapFree
VirtualFree
HeapCreate
HeapDestroy
GetModuleFileNameA
GetStartupInfoA
GetSystemInfo
GetFileType
SetHandleCount
TerminateProcess
ExitProcess
VirtualQuery
GetVersionExA
RtlUnwind
GetCurrentProcess
SetProcessWorkingSetSize
SetEvent
PostQueuedCompletionStatus
CloseHandle
WriteFile
InterlockedIncrement
InterlockedDecrement
GetProcessHeap
InterlockedExchange
GetStdHandle
VirtualProtect
HeapSize
GetCommandLineA

user32

GetWindowDC
GetWindowRect
GetPropW
SetPropW
SetWindowLongW
SetWindowLongA
GetClassNameW
IsWindowUnicode
SendMessageW
GetWindowLongW
CallNextHookEx
SetWindowsHookExW
RemovePropW
CallWindowProcW
GetClientRect
MapWindowPoints
ShowCaret
BeginPaint
EndPaint
ExcludeUpdateRgn
GetWindowTextW
CharNextW
DrawTextW
GetFocus
IntersectRect
DrawFocusRect
ValidateRect
ScreenToClient
InvalidateRect
GetSysColor
GetDC
GetSystemMetrics
DefWindowProcW
IsIconic
IsWindowEnabled
GetWindow
GetParent
InflateRect
OffsetRect
ReleaseDC
wvsprintfA
MsgWaitForMultipleObjects
HideCaret

advapi32

ReportEventW

gdi32

CreateDIBitmap
SetBkColor
DeleteObject
IntersectClipRect
GetTextExtentPointW
ExtTextOutW
SelectObject
SetTextColor
CreateSolidBrush
SetBkMode
PatBlt

Sections

.text
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c74dcd9ac418553c11f69372d080d092

Headers

File Characteristics

Imports

kernel32

user32

advapi32

gdi32

Sections

.text Size: 44KB - Virtual size: 42KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 40KB - Virtual size: 72KB

.rsrc Size: 12KB - Virtual size: 9KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 44KB - Virtual size: 42KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 40KB - Virtual size: 72KB

.rsrc
Size: 12KB - Virtual size: 9KB

.reloc
Size: 4KB - Virtual size: 3KB