748ec5b2e0b0ce598980b05a90e10d2a

Sharing

Copy URL Twitter E-mail

General

Target

748ec5b2e0b0ce598980b05a90e10d2a
Size

84KB
MD5

748ec5b2e0b0ce598980b05a90e10d2a
SHA1

3266f83f7d66cd9a0214172e0ad9a78bfb82fc69
SHA256

0e7fcf0d6a74ed59aa08a862db2081a94c924e616a1d242f2fba4082e9ff6027
SHA512

1208476f3e7409b4a72f3b2420f4c23e6c58e68aa3cda22659c66fc5fc8548ed9ad2f1ac444fa07d7a5f0adb2ad65d85711caf4561a8bb2fe0a4a87583603e47
SSDEEP

1536:lW9pSLHiPzqNY+V66tV71zoi4MlUIci8qOCiUNGVbeGJ:w9I2qXVt1oBMuIEpCiUNGVPJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
748ec5b2e0b0ce598980b05a90e10d2a

Files

748ec5b2e0b0ce598980b05a90e10d2a
.dll windows:4 windows x86 arch:x86

90e3c95333f167c56703a3107356ceaf

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ExitThread
GetProcessAffinityMask
GetThreadPriority
SetComputerNameA
GetShortPathNameA
GetFileType
SetVolumeLabelA
LoadResource
CreateProcessW
GetTapeParameters
GetFullPathNameW
VerifyVersionInfoW
GetNumberFormatW
GetEnvironmentVariableA
FlushConsoleInputBuffer
GetConsoleCP
ReadConsoleW
FindResourceA
FindActCtxSectionStringW
GlobalGetAtomNameW
GetCommConfig
WriteProfileStringA
GetFileSizeEx
SetDefaultCommConfigW
ReadProcessMemory
TerminateThread
GlobalHandle
SetTimeZoneInformation
GetProfileStringA
LockFile
CallNamedPipeA
ResumeThread
BeginUpdateResourceA
IsBadWritePtr
ReadConsoleA
SetMailslotInfo
BackupRead
SuspendThread
OpenMutexW
CreateFileW
HeapLock
VerifyVersionInfoA
SetConsoleMode
WinExec
BindIoCompletionCallback
EnumResourceLanguagesW
PeekConsoleInputA
SetCommTimeouts
GetSystemInfo
FindResourceExA
GlobalMemoryStatus
SetFileAttributesA
SetCurrentDirectoryA
MoveFileA
GetExitCodeProcess
GetSystemDirectoryW
GetVolumeInformationW
LocalSize
MoveFileExW
InterlockedCompareExchange
UnmapViewOfFile
InterlockedExchange
CopyFileA
CreateProcessA
GetModuleHandleA
HeapAlloc
CreateMutexA
lstrlenW
InterlockedDecrement
GetCurrentProcessId
GetProcAddress
Sleep
LoadLibraryA
MapViewOfFile
EnterCriticalSection
WaitForSingleObject
CloseHandle
GetDriveTypeW

user32

AdjustWindowRect
GetUpdateRgn
IsCharAlphaNumericA
CharUpperW
GetProcessWindowStation
DrawMenuBar
SetWindowLongW
SetPropW
SetActiveWindow
OpenInputDesktop
WinHelpA
CreateDialogParamW
MessageBoxA
ChangeDisplaySettingsA
IsDialogMessageW
ReplyMessage
CreateAcceleratorTableW
GetClassLongW
CopyIcon
GetScrollInfo
AttachThreadInput
FreeDDElParam
ChildWindowFromPointEx
MsgWaitForMultipleObjects
ValidateRect
GetDlgItem
SetRect
GetDlgItemInt
PostThreadMessageA
wsprintfW
CharUpperA
SetMenuItemBitmaps
CreateDialogIndirectParamW
PeekMessageA
CharLowerBuffW
SetClassLongW
GetCursor
CharPrevW
AppendMenuW
PostMessageW
SetWindowWord
EnumDisplaySettingsW
RegisterWindowMessageW
UnregisterHotKey
IsWindowVisible
CreateIcon
SubtractRect
InsertMenuItemA
EndDialog
ReuseDDElParam
SendMessageTimeoutA
GetMenuItemInfoA
EndTask
RedrawWindow
EnableMenuItem
CreatePopupMenu
GetMonitorInfoA
TrackPopupMenuEx
IsZoomed
GetWindowLongA
ChangeDisplaySettingsExW
MessageBoxIndirectA
EnumDesktopsW
GetMenuStringA
IsCharAlphaW
GetClassLongA
WaitMessage
VkKeyScanA
DialogBoxParamA
RegisterWindowMessageA
GetClassNameA
GetWindowThreadProcessId
GetParent
DestroyWindow
SetTimer
CreateWindowExA
SetWinEventHook
GetMessageA
UnhookWinEvent
RegisterClassExA
PostMessageA
ModifyMenuW

oleaut32

SysReAllocString
SysStringByteLen
SysFreeString

shell32

ExtractIconW
SHGetFolderPathA
SHGetSettings
SHSetLocalizedName
CommandLineToArgvW
SHAppBarMessage

gdi32

PlayMetaFile
SetTextCharacterExtra
DeleteDC
SetPixel
FillPath
DeleteEnhMetaFile
EqualRgn
ExtCreateRegion
CreateHalftonePalette
CreateDIBitmap
DeleteMetaFile
SetViewportExtEx
CreateEnhMetaFileA
GetTextCharsetInfo
GetPath
GetBrushOrgEx
GetTextExtentPointA
CopyMetaFileA
DPtoLP
GetRgnBox
IntersectClipRect
GetTextCharacterExtra
WidenPath
GetPolyFillMode
StartDocA
UnrealizeObject
ExtFloodFill
ExtTextOutW
CopyEnhMetaFileA
SetBkColor
SetPixelV
PolylineTo
Polyline
GetObjectA
GetWindowExtEx
GetStockObject
PlayEnhMetaFile

Exports

Exports

confMousesvc

Sections

.text
Size: 60KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

90e3c95333f167c56703a3107356ceaf

Headers

File Characteristics

Imports

kernel32

user32

oleaut32

shell32

gdi32

Exports

Exports

Sections

.text Size: 60KB - Virtual size: 58KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 8KB - Virtual size: 6KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 60KB - Virtual size: 58KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 8KB - Virtual size: 6KB

.reloc
Size: 4KB - Virtual size: 2KB