7dadc72269b47117f2000e3a25a1820f

Sharing

Copy URL Twitter E-mail

General

Target

7dadc72269b47117f2000e3a25a1820f
Size

144KB
MD5

7dadc72269b47117f2000e3a25a1820f
SHA1

48d35007a543fae48c716642178f6391ef818a46
SHA256

7453aa7b5032fa691e3d3d6992eb2b3d945028adb47b4abfe9ee3c4dfb026eb5
SHA512

b543e38d929053299c77e81319bf45a3d9110f30743ce56415235c4ad3a12dc04bc46675d5eb513f1dbfabcea7da8cd34a7cda78126297df4a8ca0124513a8f0
SSDEEP

3072:1NDsA/9xB2YC1L5yR3A9LMy01enLgiWfA+K3JEPBWPGOpl086jFkZQ:UYxBSLh9LMy0ALgdfpJP8PGOb086jFkG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7dadc72269b47117f2000e3a25a1820f

Files

7dadc72269b47117f2000e3a25a1820f
.dll windows:4 windows x86 arch:x86

2356a7f7f495bf1555adac41d15fda7a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

OpenEventA
GetCurrentProcess
CreateFileA
CreateFileMappingA
GetModuleHandleA
Sleep
CopyFileA
CreateProcessA
SetLastError
UnmapViewOfFile
LoadLibraryA
HeapFree
CreateEventA
GetProcAddress
InterlockedCompareExchange
WriteProcessMemory
GetCommandLineA
HeapAlloc
CreateDirectoryA
WaitForSingleObject
GetComputerNameA
EnterCriticalSection
GetLastError
ReadProcessMemory
LocalFree
CreateMutexW
TerminateProcess
GetVolumeInformationA
GetTickCount
CloseHandle
OpenFileMappingA
WriteFile
InterlockedIncrement
GetProcessHeap
MapViewOfFile
GlobalFree
LeaveCriticalSection
GetModuleFileNameA
GlobalAlloc
ExitProcess
InterlockedDecrement

ole32

CoSetProxyBlanket
CoUninitialize
OleSetContainedObject
CoInitialize
CoCreateInstance
CoCreateGuid
CoTaskMemAlloc
OleCreate

user32

DispatchMessageA
PeekMessageA
ScreenToClient
DefWindowProcA
PostQuitMessage
GetWindowLongA
GetWindowThreadProcessId
SetWindowsHookExA
GetMessageA
SetTimer
TranslateMessage
GetClassNameA
SetWindowLongA
RegisterWindowMessageA
ClientToScreen
GetSystemMetrics
GetWindow
GetParent
SendMessageA
CreateWindowExA
UnhookWindowsHookEx
DestroyWindow
GetCursorPos
KillTimer
FindWindowA

oleaut32

SysAllocString
SysStringLen
SysAllocStringLen
SysFreeString

shlwapi

StrStrIW
UrlUnescapeW

advapi32

RegSetValueExA
SetTokenInformation
RegOpenKeyExA
RegCreateKeyExA
RegQueryValueExA
DuplicateTokenEx
GetUserNameA
OpenProcessToken
RegDeleteKeyA
RegCloseKey
RegDeleteValueA

shell32

SHGetFolderPathA

Exports

Exports

DesktopWIlog

Sections

.text
Size: 116KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 976B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2356a7f7f495bf1555adac41d15fda7a

Headers

File Characteristics

Imports

kernel32

ole32

user32

oleaut32

shlwapi

advapi32

shell32

Exports

Exports

Sections

.text Size: 116KB - Virtual size: 112KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 4KB - Virtual size: 976B

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 116KB - Virtual size: 112KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 4KB - Virtual size: 976B

.reloc
Size: 8KB - Virtual size: 6KB