59f1479e90c4b963a4420702f6da3265

Sharing

Copy URL Twitter E-mail

General

Target

59f1479e90c4b963a4420702f6da3265
Size

84KB
MD5

59f1479e90c4b963a4420702f6da3265
SHA1

0144a7d1a8ce8026f768b6251c900c4bd4a29b83
SHA256

ed2d13373132ff553ebc976fc9d55ad91697768b867436ed6d967fe29b7bde33
SHA512

96aeb29c9309896b1b0026e89a6aa4c77d4ba311b0825d2663a62241607082a5d16a0e910fabe9ea3d5e32ec85ce8120a327120fdb4acb67115edd89493046dc
SSDEEP

1536:d60p2BnSX4H/AvMH3WjJLHIsuHZi+dYmLtUzgeb/0CMkMb:d9x4H/2MHGBkHtpLtYgeb/0j

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
59f1479e90c4b963a4420702f6da3265

Files

59f1479e90c4b963a4420702f6da3265
.dll windows:4 windows x86 arch:x86

107d444c1a38f97ae218b0d391a64bbb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

QueueUserAPC
GetConsoleScreenBufferInfo
GlobalGetAtomNameA
SetComputerNameExW
ReadProcessMemory
GetCommModemStatus
FindNextChangeNotification
GetStringTypeW
PeekConsoleInputA
VirtualFree
DeleteTimerQueueTimer
SetSystemTime
CreateTimerQueue
WideCharToMultiByte
WaitForSingleObject
DosDateTimeToFileTime
EnumResourceLanguagesA
SetConsoleCursorPosition
GetProcessVersion
GetFullPathNameA
CreateRemoteThread
ConnectNamedPipe
ExitThread
ExpandEnvironmentStringsA
lstrlenW
TerminateProcess
ReadConsoleInputW
IsWow64Process
GetUserDefaultUILanguage
GetConsoleMode
CreateHardLinkW
GlobalFree
GetFullPathNameW
AssignProcessToJobObject
BackupRead
SuspendThread
FindFirstVolumeW
CallNamedPipeA
CreateNamedPipeW
GetProfileIntW
FreeEnvironmentStringsW
GetUserDefaultLCID
LockFileEx
GetVolumePathNameW
GetEnvironmentStringsW
SetupComm
CancelWaitableTimer
FindAtomA
GetProfileStringW
LocalFlags
GetFileAttributesExW
PeekConsoleInputW
VirtualProtect
IsBadHugeReadPtr
FindActCtxSectionStringW
GetStringTypeExA
GetModuleFileNameA
InterlockedCompareExchange
MapViewOfFile
HeapFree
GetVolumeInformationA
CopyFileA
CreateFileMappingA
GetComputerNameA
CreateEventA
InterlockedExchange
VirtualQuery
GetSystemInfo
LoadLibraryA
Sleep
LeaveCriticalSection
SetEvent
GetProcAddress
LocalFree
InterlockedIncrement
GetStringTypeExW

ole32

DoDragDrop
GetHGlobalFromStream
OleTranslateAccelerator
OleCreateLink
CreatePointerMoniker
StgOpenStorage
StringFromIID
CoGetMalloc
CoWaitForMultipleHandles
CoCreateFreeThreadedMarshaler
CoEnableCallCancellation
CoUninitialize

user32

CreateCaret
GetSystemMetrics
GetDCEx
SetWindowContextHelpId
DefDlgProcA
GetDC
InSendMessage
ChangeDisplaySettingsExW
ShowOwnedPopups
ChangeMenuA
CreateAcceleratorTableA
MapWindowPoints
GetAsyncKeyState
MessageBoxExA
CheckDlgButton
GetIconInfo
GetForegroundWindow
CharPrevA
GrayStringW
MessageBoxIndirectA
GetActiveWindow
BeginPaint
InsertMenuItemA
GetScrollPos
OemToCharA
OpenDesktopW
FindWindowA
SendDlgItemMessageA
CloseDesktop
GetDlgItem
UnpackDDElParam
OpenInputDesktop
IsWindow
SendMessageA
InvalidateRgn
GetProcessDefaultLayout
GetSysColorBrush
GetMonitorInfoA
GetWindowWord
DefDlgProcW
EnumDesktopsW
GetCursorPos
DefFrameProcW
TrackPopupMenu
GetSubMenu
IsCharAlphaNumericA
EnumWindows
GetCapture
SetMenuItemBitmaps
FillRect
AdjustWindowRect
GetMenuStringA
DispatchMessageA
GetMessageA
MsgWaitForMultipleObjects
PeekMessageA
LoadIconA
InvertRect

oleaut32

SysAllocStringLen
SysReAllocStringLen
SysStringByteLen

shlwapi

PathGetDriveNumberW
StrDupA
PathIsDirectoryW
SHDeleteKeyA
SHDeleteValueW
StrStrIW
UrlUnescapeW
PathMakePrettyW
StrCmpNW
StrToIntA

advapi32

LookupAccountNameA
ConvertStringSecurityDescriptorToSecurityDescriptorW
GetSecurityDescriptorSacl
RegSetValueExA
GetUserNameA
GetCurrentHwProfileA
RegQueryInfoKeyA
QueryServiceLockStatusW
RegEnumKeyA
RegCreateKeyExW
RevertToSelf
OpenProcessToken
RegDeleteKeyW
CreateProcessAsUserA
RegEnumKeyW
EnumServicesStatusExW
GetServiceKeyNameW
ChangeServiceConfigW
ImpersonateAnonymousToken

gdi32

AnimatePalette
GetObjectType
FlattenPath
StrokeAndFillPath
CreateEnhMetaFileA
GetMetaFileBitsEx
SetBrushOrgEx
SetSystemPaletteUse
GetRandomRgn
GetPixelFormat
SetMiterLimit
GetCharWidth32W
SetICMMode
InvertRgn
GetViewportExtEx
SwapBuffers
SetMapperFlags
SetViewportOrgEx
SetLayout
DeleteDC
TextOutA
GetTextExtentExPointA
PolyPolygon
EnumFontsA
CreatePolygonRgn
ScaleViewportExtEx
CreateICW
CombineRgn
GetTextCharacterExtra
BeginPath
CreateHalftonePalette
Polygon
SetDIBits
CreateDCW
PathToRegion
CreatePenIndirect

Exports

Exports

CPlApplet

Sections

.text
Size: 60KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

107d444c1a38f97ae218b0d391a64bbb

Headers

File Characteristics

Imports

kernel32

ole32

user32

oleaut32

shlwapi

advapi32

gdi32

Exports

Exports

Sections

.text Size: 60KB - Virtual size: 57KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 8KB - Virtual size: 5KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 60KB - Virtual size: 57KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 8KB - Virtual size: 5KB

.reloc
Size: 4KB - Virtual size: 2KB