71344b37c82f09b63aef6081cdae6042

Sharing

Copy URL Twitter E-mail

General

Target

71344b37c82f09b63aef6081cdae6042
Size

129KB
MD5

71344b37c82f09b63aef6081cdae6042
SHA1

0ed904923635b4cfbf02adcd451a6de2d8c0cbe2
SHA256

4c2ee1c0c667d2f462f47a876562cc844f79ae1565ffb7dc6ebc2c800708aa32
SHA512

09bd51c89fc79ed1a8b721f4c5379508c07feb6ff7c09660980a629bc4f2196ece22514548cf51f2f26c864925d3eaa39f8f4aef3d1fa651db5b2fedef1a5f6c
SSDEEP

3072:+SXWQCgEUfJ458bKU0MkUNr+kQb1NfEx6uxNcBP0KMMiU1m9:PXWQC4+8UQqBP0KNP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
71344b37c82f09b63aef6081cdae6042

Files

71344b37c82f09b63aef6081cdae6042
.dll windows:4 windows x86 arch:x86

8df7a152787979df642a5a648fe82227

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

oleaut32

VariantCopyInd
SysFreeString
SysAllocStringLen
LoadTypeLib

advapi32

OpenServiceA
QueryServiceStatus
SetSecurityDescriptorDacl
StartServiceA
AdjustTokenPrivileges
OpenProcessToken
CloseServiceHandle
ControlService
CreateServiceA
DeleteService
InitializeSecurityDescriptor

ole32

WriteFmtUserTypeStg
StgCreateDocfileOnILockBytes
ReadClassStg
OleSetClipboard
GetRunningObjectTable
CLSIDFromString
GetConvertStg
CreateFileMoniker
CoUninitialize
CoLockObjectExternal
CoGetClassObject
WriteClassStm

user32

SetMenuInfo
OemToCharA
LoadMenuA
LoadAcceleratorsW
GetDC
GetCursor
CreateIconFromResource
CreateDialogParamA
CharNextA

shell32

SHGetFileInfoA
SHFileOperationA
SHGetMalloc
SHBindToParent

shlwapi

StrStrIA
PathIsRootA
PathIsRelativeA
PathIsDirectoryA
StrChrA
PathFindExtensionA
PathFileExistsA
PathCompactPathExA
PathCanonicalizeA
PathAppendA
SHAutoComplete
PathUnquoteSpacesA
PathQuoteSpacesA
PathFindFileNameA
PathMatchSpecA

msvcrt

time
strlen
__set_app_type
sscanf
realloc
memcpy
memchr
malloc
free
fflush
memmove

kernel32

SetCurrentDirectoryA
UnmapViewOfFile
lstrcatA
lstrcmpA
lstrlenA
OpenFile
LoadLibraryA
HeapAlloc
FindResourceA
CompareStringA
OpenFileMappingA

Exports

Exports

Hvy
Sgx
Yle

Sections

.text
Size: 30KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 30KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8df7a152787979df642a5a648fe82227

Headers

File Characteristics

Imports

oleaut32

advapi32

ole32

user32

shell32

shlwapi

msvcrt

kernel32

Exports

Exports

Sections

.text Size: 30KB - Virtual size: 32KB

.rdata Size: 30KB - Virtual size: 32KB

.data Size: 32KB - Virtual size: 36KB

.idata Size: 10KB - Virtual size: 12KB

.rsrc Size: 24KB - Virtual size: 28KB

.text
Size: 30KB - Virtual size: 32KB

.rdata
Size: 30KB - Virtual size: 32KB

.data
Size: 32KB - Virtual size: 36KB

.idata
Size: 10KB - Virtual size: 12KB

.rsrc
Size: 24KB - Virtual size: 28KB