74a5436959cf0c477d1dccdd8bd4ec4f3ef4c4d0ccea91e733d67c450bbcebf2

Sharing

Copy URL Twitter E-mail

General

Target

74a5436959cf0c477d1dccdd8bd4ec4f3ef4c4d0ccea91e733d67c450bbcebf2
Size

291KB
MD5

cfafcca5a73b8447121ce01a3b169a02
SHA1

6f66ece294c56c78ba66ec26ad88e8b8ed962965
SHA256

74a5436959cf0c477d1dccdd8bd4ec4f3ef4c4d0ccea91e733d67c450bbcebf2
SHA512

0751b024369b102483ccdddc332913dcdcc33e093a139076d76197325d8c4d0618f9b2c688b7431aa6902bece88df564700aa71b7a8c9c15d006b8743769a014
SSDEEP

3072:3XlRdC2iP0U1VpcM89A0R7LDLYJS2f32ahVs6OOSrnWOtEoB9+s5YyG3ddcKk6EM:3Vq0IV6M8tLLy32m2TWOtE7ZrL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
74a5436959cf0c477d1dccdd8bd4ec4f3ef4c4d0ccea91e733d67c450bbcebf2

Files

74a5436959cf0c477d1dccdd8bd4ec4f3ef4c4d0ccea91e733d67c450bbcebf2
.dll windows:5 windows x86 arch:x86

b1a5d09a293d0ec4e43a04634f2dd52b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

ReleaseDC
SetRect
GetSysColor
MessageBoxW
FillRect
GetDC

gdi32

DeleteObject
DeleteDC
CreateCompatibleBitmap
GetStockObject
SelectObject
CreateSolidBrush
CreateCompatibleDC

ole32

StringFromGUID2
CoCreateGuid

oleaut32

SysAllocString
SysFreeString

hwpapp

ord5
ord6

msvcp90

??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV01@@Z
??4?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@ABV01@@Z
?clear@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEXXZ
?append@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@PBG@Z
??1?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ

msvcr90

?what@exception@std@@UBEPBDXZ
??1exception@std@@UAE@XZ
??0exception@std@@QAE@ABQBD@Z
??0exception@std@@QAE@XZ
_wmakepath_s
wcschr
wcsncpy_s
memmove_s
wcsstr
strstr
free
malloc
wcscat_s
_waccess_s
vswprintf_s
_read
iswdigit
iswlower
wcsncmp
_CxxThrowException
memmove
_wcslwr_s
wcsrchr
??0exception@std@@QAE@ABV01@@Z
wcstok_s
__lconv_init
?terminate@@YAXXZ
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
_malloc_crt
_encoded_null
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_crt_debugger_hook
_except_handler4_common
?_type_info_dtor_internal_method@type_info@@QAEXXZ
__clean_type_info_names_internal
??_V@YAXPAX@Z
??3@YAXPAX@Z
??2@YAPAXI@Z
_invalid_parameter_noinfo
wcstod
_wremove
_wsplitpath_s
_close
_wsopen_s
swprintf_s
_wcsupr_s
_wtol
_wtoi
wcscpy_s
_purecall
memcpy
memset
__CxxFrameHandler3
_stricmp
iswxdigit

kernel32

FreeLibrary
LoadLibraryA
RaiseException
UnhandledExceptionFilter
GetProcAddress
LocalAlloc
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
SetUnhandledExceptionFilter
IsDebuggerPresent
GetTickCount
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
SetEndOfFile
SetFilePointer
WriteFile
ReadFile
CloseHandle
GetLastError
InterlockedIncrement
InterlockedDecrement
LoadResource
FindResourceW
QueryPerformanceCounter

Exports

Exports

DetectFormat
EnumInfo
Export
ExportDirect
Import
ImportDirect
NextInfo
Setup

Sections

.text
Size: 159KB - Virtual size: 158KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 77KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b1a5d09a293d0ec4e43a04634f2dd52b

Headers

DLL Characteristics

File Characteristics

Imports

user32

gdi32

ole32

oleaut32

hwpapp

msvcp90

msvcr90

kernel32

Exports

Exports

Sections

.text Size: 159KB - Virtual size: 158KB

.rdata Size: 40KB - Virtual size: 39KB

.data Size: 2KB - Virtual size: 3KB

.rsrc Size: 77KB - Virtual size: 76KB

.reloc Size: 12KB - Virtual size: 11KB

.text
Size: 159KB - Virtual size: 158KB

.rdata
Size: 40KB - Virtual size: 39KB

.data
Size: 2KB - Virtual size: 3KB

.rsrc
Size: 77KB - Virtual size: 76KB

.reloc
Size: 12KB - Virtual size: 11KB