73f1e089e5f9d34a59b1940a13f1bcfe

Sharing

Copy URL

Twitter E-mail

General

Target

73f1e089e5f9d34a59b1940a13f1bcfe
Size

596KB
MD5

73f1e089e5f9d34a59b1940a13f1bcfe
SHA1

b7371f97fa66e0adf363f0547f6f73acba5b0560
SHA256

e92b323b5dea9178cbec3651ae5d10c3c99653b5800287b8b1f106f5401ba005
SHA512

c37a6f4b21fa93ede2d98543b7ede4e2700765eb31a14882b4a85846d4695101592d9b3eef6b2e21448e8ad6a3bf4f9f72d8e30aef26a13342e448ab1f2bd1bf
SSDEEP

12288:/ghJUMgUyFcKnPPvmZZ2LQlhaJXKyE4WPwn4fDIVtVCc/t80PEfzLCY2nBCtncFZ:/ghJUJUKcwH2lhaJaydWAwDUcclBE7+v

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
73f1e089e5f9d34a59b1940a13f1bcfe

Files

73f1e089e5f9d34a59b1940a13f1bcfe
.dll windows:4 windows x86 arch:x86

01dfb71bf45858d4e0257828e7a1d70c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetPrivateProfileStringW
FindVolumeClose
FindFirstVolumeA
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
Sleep
GetModuleHandleA
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
InterlockedCompareExchange
InterlockedExchange
FindResourceExA
GlobalAddAtomA
GetLogicalDrives
FileTimeToLocalFileTime
GetCommConfig
RequestWakeupLatency
GetTimeZoneInformation
ExitThread
FindResourceW
GetFileAttributesW
GetFileAttributesExW
SetConsoleCursorInfo
SetLocalTime
SetComputerNameW
GetStartupInfoW
MulDiv
GetSystemDefaultLCID
DefineDosDeviceA
GetDiskFreeSpaceExA
CreateMutexA
BuildCommDCBAndTimeoutsW
FreeLibraryAndExitThread
CreateHardLinkA
SetEndOfFile
GetCurrentProcess
GetProcessPriorityBoost
ReadProcessMemory
FreeResource
GetFileType
EnumSystemLocalesA
FindNextVolumeA
lstrcpynW
GetLargestConsoleWindowSize
QueueUserAPC
FindNextChangeNotification
lstrcmpiA
GetSystemTimeAsFileTime
SetInformationJobObject
SetLastError
Beep
GetProcessHeap
HeapFree
QueryPerformanceCounter
HeapAlloc

user32

KillTimer
GetWindowThreadProcessId
CharLowerBuffA
CreateIconIndirect
UnhookWinEvent
SetCursorPos
VkKeyScanExA
GetDlgItemTextW
SetTimer
GetPropA
InvalidateRgn

advapi32

RegLoadKeyW

msvcrt

__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_amsg_exit
_initterm
exit
_XcptFilter
_cexit
__getmainargs
memset
_controlfp
?terminate@@YAXXZ
_exit

ntdll

RtlUnwind

gdi32

TextOutW
GetCharABCWidthsFloatW
ExcludeClipRect
SetICMProfileA
PolylineTo
StartPage
SetWorldTransform
GetViewportOrgEx
ColorMatchToTarget
FillRgn
FlattenPath
GetGraphicsMode
ExtTextOutA
EnumEnhMetaFile
GetDCOrgEx
SetEnhMetaFileBits
CreateFontA
SetDIBits
GetGlyphIndicesW
GetColorAdjustment
TranslateCharsetInfo
ResetDCA
GetGlyphOutlineW
SetGraphicsMode
RemoveFontResourceA
GetDeviceGammaRamp
DeleteColorSpace
GetCharWidthFloatA
GetArcDirection
DescribePixelFormat
GetStretchBltMode
PlayMetaFile
CombineRgn
EnumFontFamiliesExW
EnumFontsW
GetMetaRgn
GetRegionData
FillPath
EnumFontFamiliesExA
GetDCBrushColor
GetEnhMetaFileW
StrokePath
DPtoLP
GetCharABCWidthsFloatA
ExtSelectClipRgn
GetGlyphOutlineA
InvertRgn
SetDIBitsToDevice
SetBkColor
GetMapMode

wininet

InternetCloseHandle
InternetOpenA

Exports

Exports

dnyqq

Sections

.text
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 556KB - Virtual size: 645KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 824B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

01dfb71bf45858d4e0257828e7a1d70c

Headers

File Characteristics

Imports

kernel32

user32

advapi32

msvcrt

ntdll

gdi32

wininet

Exports

Exports

Sections

.text Size: 20KB - Virtual size: 18KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 556KB - Virtual size: 645KB

.rsrc Size: 4KB - Virtual size: 824B

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 20KB - Virtual size: 18KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 556KB - Virtual size: 645KB

.rsrc
Size: 4KB - Virtual size: 824B

.reloc
Size: 4KB - Virtual size: 3KB