647744c5e7e152efd2917de0e27c0cec

Sharing

Copy URL Twitter E-mail

General

Target

647744c5e7e152efd2917de0e27c0cec
Size

84KB
MD5

647744c5e7e152efd2917de0e27c0cec
SHA1

7f3823a55b0d0dca64d8abaf9188c53b2a30efd3
SHA256

122ac396193a339b25d5d2d141d96768f31a7ea04c99d0f3a9f549ff1d12df8f
SHA512

550adc3b870646745aea68a79adf172f5761d2985b277b4a48dad5a39e159f48d798120816f5ee0e5bc3e9f9ea93d8fabfe48f40f39b9194a9aa11e011ad84a0
SSDEEP

1536:ZxHMbi9WqxUvWJVsZEGZmWofCiMEKF2VZdyuA:r/9W+JrWqqEKFAZDA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
647744c5e7e152efd2917de0e27c0cec

Files

647744c5e7e152efd2917de0e27c0cec
.dll windows:4 windows x86 arch:x86

cb1900050f4c4edb9d477b71ad033bad

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

UnlockFileEx
SetEnvironmentVariableW
QueryPerformanceFrequency
RemoveDirectoryW
AllocConsole
ReadFile
GetTimeZoneInformation
GlobalFree
FileTimeToSystemTime
IsProcessorFeaturePresent
SetDefaultCommConfigW
ReadConsoleInputW
IsBadCodePtr
PulseEvent
EscapeCommFunction
GetModuleHandleExW
WaitForMultipleObjects
TerminateProcess
CreateTimerQueue
GetCommTimeouts
GetStartupInfoW
SetConsoleScreenBufferSize
GetDiskFreeSpaceExW
VirtualFree
CreateThread
SizeofResource
SetFilePointer
AssignProcessToJobObject
UpdateResourceA
DeleteTimerQueueTimer
SetVolumeLabelA
GetThreadPriority
LocalAlloc
OpenSemaphoreA
QueueUserAPC
AddRefActCtx
GetTempFileNameA
FlushViewOfFile
OpenProcess
FindClose
FindResourceExW
lstrcpynW
GetSystemDirectoryW
WaitForSingleObject
WaitForMultipleObjectsEx
GetLocaleInfoW
SetFileAttributesA
TryEnterCriticalSection
MoveFileExA
GetTempPathW
IsBadReadPtr
GetConsoleOutputCP
GetVolumePathNameW
SetProcessShutdownParameters
SetComputerNameA
WriteConsoleA
SetInformationJobObject
DosDateTimeToFileTime
LocalFileTimeToFileTime
HeapReAlloc
GetLastError
GetSystemInfo
GetModuleHandleA
lstrlenA
LeaveCriticalSection
CreateProcessA
MapViewOfFile
UnmapViewOfFile
VirtualProtect
lstrlenW
LoadLibraryA
CreateFileMappingA
GetProcAddress
GetTickCount
GetVolumeInformationA
CreateFileA
GetSystemTimeAsFileTime
CopyFileA
GetSystemDirectoryA
EnterCriticalSection
OpenFileMappingA
CreateEventA

shlwapi

UrlCreateFromPathW
PathIsUNCServerShareW
StrStrIA
PathCompactPathExW
PathIsPrefixW
StrFormatKBSizeW
PathIsDirectoryA
PathStripPathW
PathParseIconLocationW
PathRemoveExtensionW
wvnsprintfW
StrCmpNIW
UrlUnescapeW

advapi32

SetSecurityInfo
SetNamedSecurityInfoA
LookupAccountNameA
GetSecurityDescriptorSacl
RegSetValueA
RegEnumValueA
NotifyBootConfigStatus
CredFree
RegDeleteKeyA
GetServiceDisplayNameW
OpenSCManagerA
RegDeleteKeyW
CreateProcessAsUserA
RegSaveKeyW
RegEnumValueW
SaferGetPolicyInformation
RegCreateKeyA
CreateServiceW
RegisterEventSourceA
RegLoadKeyA
CredReadDomainCredentialsW
ChangeServiceConfigW
CredUnmarshalCredentialW
GetUserNameA

gdi32

SetMiterLimit
GetTextExtentPointA
CreatePolygonRgn
GetPath
ExtTextOutA
TranslateCharsetInfo
StartDocW
GetEnhMetaFileBits
SetSystemPaletteUse
SetWorldTransform
CreateCompatibleBitmap
GetPixelFormat
SetGraphicsMode
RoundRect
CreateRectRgn
SetViewportExtEx
GetTextMetricsA
SetViewportOrgEx
CreateDIBPatternBrushPt
GetCharWidthW
Arc
GetMetaFileBitsEx
UpdateColors
CreateHatchBrush
GetRgnBox
CreateFontIndirectW
SetWindowExtEx
OffsetWindowOrgEx
GetTextCharset
SetWindowOrgEx
GetEnhMetaFileHeader
CloseEnhMetaFile
UnrealizeObject
RealizePalette
PolyDraw
FillRgn
TextOutW
BitBlt
GetObjectA

Exports

Exports

CPlApplet

Sections

.text
Size: 60KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cb1900050f4c4edb9d477b71ad033bad

Headers

File Characteristics

Imports

kernel32

shlwapi

advapi32

gdi32

Exports

Exports

Sections

.text Size: 60KB - Virtual size: 57KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 8KB - Virtual size: 5KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 60KB - Virtual size: 57KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 8KB - Virtual size: 5KB

.reloc
Size: 4KB - Virtual size: 2KB