885a8360331d6f3e99ef90c43444dc5d

Sharing

Copy URL

Twitter E-mail

General

Target

885a8360331d6f3e99ef90c43444dc5d
Size

55KB
MD5

885a8360331d6f3e99ef90c43444dc5d
SHA1

c900746e663e1bd9738019935ccb7053dd4460d7
SHA256

c30760eeddde7e2aefe329ece15fa2351d8968d346c4f6954e6aa617edf50e17
SHA512

415dec4539d348b50b195aab33252968c20246b8d8b52a2a2cdf11e58a0d04e3e7b30a1e793044195d91500855e902046410bfddd6f2a1dec66b3295d717acc0
SSDEEP

1536:9kHBfzDlmUrWGQFOE91569/yoa6eR/tsKZQQRg/:uHBBEOE9zMBa/9Y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
885a8360331d6f3e99ef90c43444dc5d

Files

885a8360331d6f3e99ef90c43444dc5d
.dll windows:4 windows x86 arch:x86

75207c14060050d19cdf0c912900f050

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shlwapi

PathFileExistsA

kernel32

CreateIoCompletionPort
HeapFree
Beep
CopyFileW
CopyFileExW
CopyFileExA
CopyFileA
ConvertThreadToFiber
ConvertDefaultLocale
ContinueDebugEvent
ConnectNamedPipe
CompareStringW
CompareStringA
CompareFileTime
CommConfigDialogW
CreateMailslotW
CreateMailslotA
CreateJobObjectW
CreateJobObjectA
CreateHardLinkW
CreateHardLinkA
CreateFileW
CreateFileMappingW
CreateFileMappingA
CreateFileA
CreateFiberEx
CreateFiber
CreateEventW
CreateEventA
CreateDirectoryW
CreateDirectoryExW
CreateDirectoryExA
CreateDirectoryA
CreateConsoleScreenBuffer
HeapAlloc
GetProcessHeap

user32

ChildWindowFromPointEx
ChildWindowFromPoint
ChangeClipboardChain
ChangeDisplaySettingsA
ChangeDisplaySettingsExA
ChangeDisplaySettingsExW
ChangeDisplaySettingsW
ChangeMenuA
ChangeMenuW
CharLowerA
CharLowerBuffA
CharLowerBuffW
CharLowerW
CharNextA
CharNextExA
CharNextW
CharPrevA
CharPrevExA
CharPrevW
CharToOemA
CharToOemBuffA
CharToOemBuffW
CharToOemW
CharUpperA
CharUpperBuffA
CharUpperBuffW
CharUpperW
CheckDlgButton
CheckMenuItem
CheckMenuRadioItem
CheckRadioButton

msvcrt

memset

winmm

mmioInstallIOProcA

setupapi

SetupDiCreateDeviceInfoW
CM_Locate_DevNodeA
CM_Locate_DevNodeW
CM_Locate_DevNode_ExA
CM_Locate_DevNode_ExW
CM_Merge_Range_List
CM_Modify_Res_Des
CM_Modify_Res_Des_Ex
CM_Move_DevNode
CM_Move_DevNode_Ex
CM_Next_Range
CM_Open_Class_KeyA
CM_Open_Class_KeyW
CM_Open_Class_Key_ExA
CM_Open_Class_Key_ExW
CM_Open_DevNode_Key
CM_Open_DevNode_Key_Ex
CM_Query_And_Remove_SubTreeA
CM_Query_And_Remove_SubTreeW
CM_Query_And_Remove_SubTree_ExA
CM_Query_And_Remove_SubTree_ExW
CM_Query_Arbitrator_Free_Data
CM_Query_Arbitrator_Free_Data_Ex
CM_Query_Arbitrator_Free_Size
CM_Query_Arbitrator_Free_Size_Ex
CM_Query_Remove_SubTree
CM_Query_Remove_SubTree_Ex
CM_Query_Resource_Conflict_List
CM_Reenumerate_DevNode
CM_Reenumerate_DevNode_Ex
CM_Register_Device_Driver
CM_Register_Device_Driver_Ex
CM_Register_Device_InterfaceA
CM_Register_Device_InterfaceW
CM_Register_Device_Interface_ExA
CM_Register_Device_Interface_ExW
CM_Remove_SubTree
CM_Remove_SubTree_Ex
SetupDiGetClassDescriptionA
SetupDiGetClassBitmapIndex
SetupDiEnumDriverInfoW
SetupDiEnumDriverInfoA
SetupDiEnumDeviceInterfaces
SetupDiEnumDeviceInfo
SetupDiDrawMiniIcon
SetupDiDestroyDriverInfoList
SetupDiDestroyDeviceInfoList
SetupDiDestroyClassImageList
SetupDiDeleteDeviceInterfaceData
SetupDiDeleteDeviceInfo
SetupDiDeleteDevRegKey
SetupDiCreateDeviceInterfaceW
SetupDiCreateDeviceInterfaceRegKeyW
SetupDiCreateDeviceInterfaceRegKeyA
SetupDiCreateDeviceInterfaceA
SetupDiCreateDeviceInfoListExW
SetupDiCreateDeviceInfoListExA
SetupDiCreateDeviceInfoList
SetupDiCreateDeviceInfoA
SetupDiCreateDevRegKeyW
SetupDiCreateDevRegKeyA
SetupDiClassNameFromGuidW
SetupDiClassNameFromGuidExW
SetupDiClassNameFromGuidExA
SetupDiClassNameFromGuidA
SetupDiClassGuidsFromNameW
SetupDiClassGuidsFromNameExW
SetupDiClassGuidsFromNameExA
SetupDiClassGuidsFromNameA
SetupDiChangeState
SetupDiCancelDriverInfoSearch
SetupDiCallClassInstaller
SetupDiBuildDriverInfoList
SetupDiBuildClassInfoListExW
SetupDiBuildClassInfoListExA
SetupDiBuildClassInfoList
SetupDiAskForOEMDisk
ExtensionPropSheetPageProc
CM_Unregister_Device_Interface_ExW
CM_Unregister_Device_Interface_ExA
CM_Unregister_Device_InterfaceW
CM_Unregister_Device_InterfaceA
CM_Uninstall_DevNode_Ex
CM_Uninstall_DevNode
CM_Test_Range_Available
CM_Setup_DevNode_Ex
CM_Setup_DevNode
CM_Set_HW_Prof_Flags_ExW
CM_Set_HW_Prof_Flags_ExA
CM_Set_HW_Prof_FlagsW
CM_Set_HW_Prof_FlagsA
CM_Set_HW_Prof_Ex
CM_Set_HW_Prof
CM_Set_DevNode_Registry_Property_ExW
CM_Set_DevNode_Registry_Property_ExA
CM_Set_DevNode_Registry_PropertyW
CM_Set_DevNode_Registry_PropertyA
CM_Set_DevNode_Problem_Ex
CM_Set_DevNode_Problem
CM_Set_Class_Registry_PropertyW
CM_Set_Class_Registry_PropertyA
CM_Run_Detection_Ex
CM_Run_Detection
CM_Request_Eject_PC_Ex
CM_Request_Eject_PC
CM_Request_Device_Eject_ExW
CM_Request_Device_Eject_ExA
CM_Request_Device_EjectW
CM_Request_Device_EjectA

Exports

Exports

wlhd

Sections

.code
Size: 44KB - Virtual size: 134KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1B

IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 1B

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 1B

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 776B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 980B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

75207c14060050d19cdf0c912900f050

Headers

File Characteristics

Imports

shlwapi

kernel32

user32

msvcrt

winmm

setupapi

Exports

Exports

Sections

.code Size: 44KB - Virtual size: 134KB

.rdata Size: 6KB - Virtual size: 5KB

.data Size: 512B - Virtual size: 1B

.rdata Size: 512B - Virtual size: 1B

.rsrc Size: 512B - Virtual size: 1B

.rsrc Size: 1024B - Virtual size: 776B

.reloc Size: 1024B - Virtual size: 980B

.code
Size: 44KB - Virtual size: 134KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 512B - Virtual size: 1B

.rdata
Size: 512B - Virtual size: 1B

.rsrc
Size: 512B - Virtual size: 1B

.rsrc
Size: 1024B - Virtual size: 776B

.reloc
Size: 1024B - Virtual size: 980B