7c9ca79a15fd651e39962f757bba3565

Sharing

Copy URL Twitter E-mail

General

Target

7c9ca79a15fd651e39962f757bba3565
Size

268KB
MD5

7c9ca79a15fd651e39962f757bba3565
SHA1

6089a6acaeb69b6bcb3aa5211624a1d84e0aee50
SHA256

be5760d4d93bd2ca5462c4af9a39e0972bd1d0384dffb7395884edd472e5b55a
SHA512

731b6e2d760c33582e90a4f571384f0498bca19e9b225c9af0b60c2d3c843bf839f150df49f448d901aefa8b80229c4a3f37910dc3973b808c78cbe24d87b141
SSDEEP

6144:2VXyas1plvpumv87y+g8qdUuymkQ3ojduAFUfEdawodOj:qCaKpXumvnzHdAmdYjdfM89odO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7c9ca79a15fd651e39962f757bba3565

Files

7c9ca79a15fd651e39962f757bba3565
.dll windows:4 windows x86 arch:x86

3dc1f6cd90e812881893fbf514e24bfb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shlwapi

PathRemoveFileSpecA

kernel32

DeleteFileA
DeleteFileW
DeviceIoControl
EnterCriticalSection
EnumSystemLocalesA
ExitProcess
ExitThread
FindClose
FindFirstFileA
FindFirstFileW
FindNextFileA
FindNextFileW
FlushFileBuffers
FreeEnvironmentStringsA
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetConsoleCP
GetConsoleMode
GetConsoleOutputCP
GetCurrentDirectoryA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetDriveTypeA
GetEnvironmentStringsA
GetEnvironmentStringsW
GetFileAttributesW
GetFileType
GetFullPathNameA
GetFullPathNameW
GetLastError
GetLocaleInfoA
GetLocaleInfoW
GetModuleFileNameA
GetModuleHandleA
GetOEMCP
GetPrivateProfileStringA
GetProcAddress
GetProcessHeap
GetStartupInfoA
GetStdHandle
GetStringTypeA
GetStringTypeW
GetSystemDirectoryA
GetSystemTimeAsFileTime
GetTempPathA
GetTempPathW
GetTickCount
GetTimeZoneInformation
GetUserDefaultLCID
GetVersionExA
GetWindowsDirectoryA
DeleteCriticalSection
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
HeapSize
InitializeCriticalSection
CreateThread
InterlockedIncrement
IsDebuggerPresent
IsValidCodePage
IsValidLocale
LCMapStringA
LCMapStringW
LeaveCriticalSection
LoadLibraryA
LoadLibraryW
MulDiv
MultiByteToWideChar
QueryPerformanceCounter
RaiseException
ReadFile
ReleaseMutex
ResetEvent
ResumeThread
RtlUnwind
SetEndOfFile
SetEnvironmentVariableA
SetEvent
SetFilePointer
SetHandleCount
SetLastError
SetStdHandle
SetThreadPriority
SetUnhandledExceptionFilter
Sleep
SuspendThread
SystemTimeToFileTime
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
VirtualLock
VirtualUnlock
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte
WriteConsoleA
WriteConsoleW
WriteFile
lstrcmpiA
lstrlenA
lstrlenW
CreateMutexA
CreateFileW
CreateFileA
CreateEventA
CompareStringW
CompareStringA
CloseHandle
HeapAlloc
InterlockedDecrement

advapi32

RegSetValueExA
RegFlushKey
RegDeleteValueA
RegCloseKey
QueryServiceConfigA
OpenServiceA
OpenSCManagerA
CloseServiceHandle
RegQueryValueExA
RegOpenKeyExA

user32

PeekMessageA
DispatchMessageA
CharUpperBuffA
wsprintfA
TranslateMessage

oleaut32

SysStringLen
SysFreeString
SysAllocString
SafeArrayDestroy

Exports

Exports

EnumAvValueRelease
EnumFileInItemRelease
EstimateTrackSize
GLUnmapBufferObjectAsync
GetFunctions_i
Memcpy2DToArray
MutexOperation
TextureFetch

Sections

.text
Size: 160KB - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3dc1f6cd90e812881893fbf514e24bfb

Headers

File Characteristics

Imports

shlwapi

kernel32

advapi32

user32

oleaut32

Exports

Exports

Sections

.text Size: 160KB - Virtual size: 160KB

.data Size: 96KB - Virtual size: 120KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 160KB - Virtual size: 160KB

.data
Size: 96KB - Virtual size: 120KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 4KB - Virtual size: 4KB