516c919b011bf1e678fe8ed6a21f2514

Sharing

Copy URL Twitter E-mail

General

Target

516c919b011bf1e678fe8ed6a21f2514
Size

29KB
MD5

516c919b011bf1e678fe8ed6a21f2514
SHA1

b5cf0b91c65fe2c4a51008f97d2483b3bc4a2319
SHA256

32f31366c4b776190350cae4b6fa360d18c7eba39563f74435f62d361a952dd0
SHA512

f7ef18f312b47cdc507bdfac671c97b6d2b3772b9901ac2304b42c1e25d6b7a220d2f1e522bb86b194bc9c0b738e60284a3acdf43246a356c276cd6c6d89de8a
SSDEEP

384:oRGvqYNwgn5rZyJ4cIn2greHN3ruHjgSLKXkD495g5hM9zxyeBgYH1RQcz4Kun:UEqFg5rvcrHN3YgjLVNuYH1RRU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
516c919b011bf1e678fe8ed6a21f2514

Files

516c919b011bf1e678fe8ed6a21f2514
.dll windows:4 windows x86 arch:x86

6dc2c5f6feda28cf1d0054b9f00c338b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

SetDlgItemTextA
SetForegroundWindow
SetMenu
SetTimer
SetWindowLongA
SetWindowTextA
ShowWindow
TrackPopupMenu
TranslateMessage
UpdateWindow
RegisterClassA
PostMessageA
MoveWindow
MessageBoxExA
MessageBoxA
MessageBeep
LoadMenuA
LoadIconA
LoadCursorA
LoadBitmapA
SendMessageA
IsRectEmpty
GetWindowTextLengthA
GetWindowRect
GetSystemMetrics
GetSysColor
GetSubMenu
GetMessageA
GetMenuState
GetMenu
GetDlgItemTextA
GetDlgItem
GetDlgCtrlID
GetDesktopWindow
GetCursorPos
EndDialog
wsprintfA
AnyPopup
AttachThreadInput
EnableWindow
DispatchMessageA
DialogBoxParamA
SendDlgItemMessageA
KillTimer
RegisterClassExA
CreateWindowExA
CheckMenuItem
CheckDlgButton
CallWindowProcA
BeginDeferWindowPos

kernel32

GetModuleHandleA
GetModuleHandleW
lstrlenA
lstrcpyA
lstrcmpA
WriteFile
TransactNamedPipe
Sleep
RtlZeroMemory
ReadFile
OpenFile
LoadLibraryExA
HeapFree
HeapAlloc
FindFirstFileA
GetModuleFileNameA
GetLocalTime
GetFileSize
GetCurrentDirectoryA
ExitProcess
DeleteFileA
CreateFileA
CloseHandle

comdlg32

GetSaveFileNameA
GetOpenFileNameA

comctl32

ord6
InitCommonControlsEx

shell32

ShellExecuteA
Shell_NotifyIconA

advapi32

RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
RegDeleteValueA
RegFlushKey

gdi32

GetPixel
GetStockObject
LPtoDP
SelectObject
GetCharWidthI
GetBrushOrgEx
ExtFloodFill
DeleteObject
DeleteDC
CreateSolidBrush
CreateCompatibleDC

ws2_32

gethostbyname
socket
setsockopt
recv
WSASocketA

ntdll

NtQuerySemaphore
NtPrivilegeCheck
NtAlertThread
NtWaitLowEventPair
RtlGetProcessHeaps

Exports

Exports

swidfir

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

CSEG
Size: 1024B - Virtual size: 814B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 264B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: - Virtual size: 1KB

Sharing

General

Malware Config

Signatures

Files

6dc2c5f6feda28cf1d0054b9f00c338b

Headers

File Characteristics

Imports

user32

kernel32

comdlg32

comctl32

shell32

advapi32

gdi32

ws2_32

ntdll

Exports

Exports

Sections

.text Size: 20KB - Virtual size: 20KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 1KB - Virtual size: 71KB

CSEG Size: 1024B - Virtual size: 814B

.rsrc Size: 512B - Virtual size: 264B

.reloc Size: - Virtual size: 1KB

.text
Size: 20KB - Virtual size: 20KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 1KB - Virtual size: 71KB

CSEG
Size: 1024B - Virtual size: 814B

.rsrc
Size: 512B - Virtual size: 264B

.reloc
Size: - Virtual size: 1KB