512d9b95f0f6194507c27b3057152019

General

Target

512d9b95f0f6194507c27b3057152019
Size

20KB
MD5

512d9b95f0f6194507c27b3057152019
SHA1

5f5e67cb8d25d38f95ddf7ea850e8950be9f7e03
SHA256

06ca09bc2b23abb2e55fd29f70bda4fb254ff3203b0c2db0b504a923559cea07
SHA512

5c4708aebe6848c7e4c4c74ac86e474b290f35b11af51f6145fddfabedbfee043900974e7a3c0f4661c682642b23c8cfeeb4fcb9d6fbdabbb79ff92f84c5356c
SSDEEP

384:euFb7k/PM7qazZnPMgnFEJ5qtZf7lfIBPiQNiX3gvltbmu+reP:ewb7k2q+MgOJ52RBgTingNlI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
512d9b95f0f6194507c27b3057152019

Files

512d9b95f0f6194507c27b3057152019
.dll windows:4 windows x86 arch:x86

d8bd3d3564092c2f9a3559e3c2de1ad0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

wsprintfA
TranslateMessage
SetScrollRange
SetScrollPos
SetScrollInfo
SetDlgItemTextA
SendMessageA
ScrollWindowEx
ReleaseDC
RegisterClassExA
PostQuitMessage
MessageBoxA
LoadMenuA
LoadImageA
LoadIconA
LoadCursorA
LoadAcceleratorsA
IsRectEmpty
InvalidateRect
GetSystemMetrics
GetScrollPos
GetMessageA
GetDlgItemTextA
GetDC
GetClientRect
EndPaint
EndDialog
DispatchMessageA
DialogBoxParamA
DefWindowProcA
DefDlgProcA
DdeDisconnect
DdeCreateDataHandle
DdeAddData
CreateWindowExA
BeginPaint
CallWindowProcW

kernel32

Sleep
SleepEx
SystemTimeToFileTime
RtlMoveMemory
_lread
_lwrite
lstrcatA
OpenMutexA
LoadLibraryExA
_llseek
LoadLibraryA
InitAtomTable
GlobalLock
GlobalFree
GlobalAlloc
GetTickCount
GetSystemTime
GetProcessHeaps
GetModuleHandleA
GetFileSize
GetCommandLineA
FlushViewOfFile
ExitThread
ExitProcess
EnumTimeFormatsA
DeviceIoControl
DeleteAtom
CreateThread
CreateFileA
CloseHandle
BeginUpdateResourceA
Beep
AddAtomA

comdlg32

GetOpenFileNameA

comctl32

ord17

gdi32

BitBlt
CreateCompatibleDC
CreateDIBSection
DeleteDC
DeleteObject
GetDeviceCaps
GetGlyphIndicesA
GetObjectA
SelectObject

Exports

Exports

keopum

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d8bd3d3564092c2f9a3559e3c2de1ad0

Headers

File Characteristics

Imports

user32

kernel32

comdlg32

comctl32

gdi32

Exports

Exports

Sections

.text Size: 12KB - Virtual size: 12KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 2KB - Virtual size: 72KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 12KB - Virtual size: 12KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 2KB - Virtual size: 72KB

.reloc
Size: 2KB - Virtual size: 1KB