80413e4afbcbe5a1e61e1035b1482e02

Sharing

Copy URL Twitter E-mail

General

Target

80413e4afbcbe5a1e61e1035b1482e02
Size

187KB
MD5

80413e4afbcbe5a1e61e1035b1482e02
SHA1

e4cb7d5de1481c279af59320c47b98ac7aaec07a
SHA256

eb0f6f32ea04e06cf0576e73824228e4f580ef72722a3eaff19c029b5e908fb9
SHA512

e451927b3f0a5eaff2bd522cc7c9bb4dd63c26e9b51d7f994d500a07d7aa9ee6ee459c4d4ef058ced3bb176668d622433a7fa79c6ca59f2d8d362a8a539ff01f
SSDEEP

3072:H7tcVMuqCN+31tutWtmiR2x37jHZ+E8QoOqwFOvLibzXpCDNvVenbGXzcb6r5TQ2:bqDbN+FgyR2hv0E8Q2hvubrp6NeMzcbG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
80413e4afbcbe5a1e61e1035b1482e02

Files

80413e4afbcbe5a1e61e1035b1482e02
.dll windows:4 windows x86 arch:x86

deaf0ee3ed0ff805e580c8a449846802

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

oleaut32

SafeArrayGetUBound
VariantCopyInd
SafeArrayUnaccessData

user32

CreatePopupMenu
GetScrollInfo
CreateMenu
CreateIcon
CallNextHookEx
GetWindow
GetWindowTextA
SetWindowTextA
ClientToScreen
CreateWindowExA
DefFrameProcA
GetActiveWindow

comdlg32

GetSaveFileNameA

gdi32

GetObjectA
SetTextColor
GetDIBColorTable
LineTo

advapi32

RegCreateKeyExA
RegOpenKeyA
RegDeleteValueA

shell32

SHGetDesktopFolder
Shell_NotifyIconA
SHGetDiskFreeSpaceA

ole32

CoFreeUnusedLibraries
CoReleaseMarshalData
StgOpenStorage
GetHGlobalFromStream
StringFromIID
CoCreateInstanceEx
CoCreateGuid
CreateStreamOnHGlobal
CoCreateFreeThreadedMarshaler
CoRegisterClassObject

version

VerQueryValueA
GetFileVersionInfoA
VerInstallFileA

kernel32

lstrcmpiA
lstrlenA
GetModuleFileNameA
GetLastError
GetModuleHandleA
GetVersion
GlobalAlloc
EnterCriticalSection
GetVersionExA
lstrcmpA
LoadLibraryA
GetCommandLineA
VirtualAllocEx
FormatMessageA

comctl32

ImageList_DragShowNolock
ImageList_DrawEx

shlwapi

SHSetValueA
PathFileExistsA

msvcrt

tan
exit
memmove

Sections

CODE
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 153KB - Virtual size: 296KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 512B - Virtual size: 296B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 776B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

deaf0ee3ed0ff805e580c8a449846802

Headers

File Characteristics

Imports

oleaut32

user32

comdlg32

gdi32

advapi32

shell32

ole32

version

kernel32

comctl32

shlwapi

msvcrt

Sections

CODE Size: 31KB - Virtual size: 31KB

.idata Size: 153KB - Virtual size: 296KB

.bss Size: 512B - Virtual size: 296B

.reloc Size: 1024B - Virtual size: 776B

CODE
Size: 31KB - Virtual size: 31KB

.idata
Size: 153KB - Virtual size: 296KB

.bss
Size: 512B - Virtual size: 296B

.reloc
Size: 1024B - Virtual size: 776B