8a380009d89679b8db445df4b85bb390

Sharing

Copy URL Twitter E-mail

General

Target

8a380009d89679b8db445df4b85bb390
Size

155KB
MD5

8a380009d89679b8db445df4b85bb390
SHA1

1fddd265c699d19352b692347cf9057659927d24
SHA256

89f8a2836cc49bb7ba2d7cec423d4307d5187311ab24120008dd6fdbf983fb9a
SHA512

6eba7c38559b221c6f24ec35fb338b6df7f4f850d10d1717f0576a9cc72a1c2f21351eb649ecafd53fad43036f497884359220b0bf9655ffccd91e04bdcbfdd2
SSDEEP

3072:r7ULZ9k/tqUG+2mlloW5IG7riv+JA2cZCpPeZ+YDfAyRWIq8VewQOQDTuy:r7UjUGQl/IGvFtcZCpPS+YDAyI0ewT+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8a380009d89679b8db445df4b85bb390

Files

8a380009d89679b8db445df4b85bb390
.dll windows:6 windows x86 arch:x86

cda91fa741f9db5ab4d99ab2f7bb86a7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shell32

ShellExecuteA

kernel32

Process32Next
GetTempPathA
WriteConsoleW
SetEndOfFile
HeapSize
CreateFileW
SetStdHandle
FlushFileBuffers
GetStringTypeW
GetProcessHeap
FreeEnvironmentStringsW
GetEnvironmentStringsW
WideCharToMultiByte
MultiByteToWideChar
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
GetFileSizeEx
GetConsoleOutputCP
SetFilePointerEx
ReadConsoleW
GetConsoleMode
GetFileType
GetStdHandle
CreateProcessA
ResumeThread
SuspendThread
TerminateThread
ExitThread
GetCurrentThread
CreateThread
TerminateProcess
ExitProcess
GetCurrentProcess
Sleep
PeekNamedPipe
CreatePipe
GetLastError
CloseHandle
CreateToolhelp32Snapshot
ReadFile
GetFileAttributesA
GetDriveTypeA
FindNextFileA
FindFirstFileA
FindClose
DeleteFileA
CreateFileA
CreateDirectoryA
GetEnvironmentVariableA
GetComputerNameA
MoveFileA
CopyFileA
lstrcatA
lstrcpyA
LocalAlloc
GlobalMemoryStatus
LoadLibraryA
GetProcAddress
GetModuleHandleA
GetModuleFileNameA
DecodePointer
FreeLibrary
GetVersionExA
GetTickCount
GetSystemInfo
Process32First
LCMapStringW
HeapReAlloc
HeapFree
HeapAlloc
GetModuleFileNameW
GetModuleHandleExW
RaiseException
LoadLibraryExW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
SetLastError
InterlockedFlushSList
GetModuleHandleW
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
WriteFile
OpenProcess

user32

CallNextHookEx
wsprintfA
ToUnicodeEx
GetMessageA
TranslateMessage
DispatchMessageA
ExitWindowsEx
SendMessageA
PostQuitMessage
IsWindow
DestroyWindow
ShowWindow
IsWindowVisible
CreateDialogParamA
EndDialog
GetKeyState
GetKeyboardState
ToAsciiEx
GetSystemMetrics
GetForegroundWindow
GetDC
GetWindowDC
ReleaseDC
GetWindowTextA
GetDesktopWindow
GetWindow
SetWindowsHookExA
UnhookWindowsHookEx

advapi32

AdjustTokenPrivileges
OpenThreadToken
AllocateAndInitializeSid
StartServiceA
QueryServiceStatusEx
QueryServiceConfigA
OpenServiceA
OpenSCManagerA
EnumServicesStatusA
ControlService
CloseServiceHandle
RegSetValueExA
RegQueryValueExA
RegQueryInfoKeyA
RegOpenKeyExA
RegEnumValueA
RegEnumKeyExA
RegCreateKeyA
RegCloseKey
GetUserNameA
LookupPrivilegeValueA
GetTokenInformation
FreeSid
EqualSid
OpenProcessToken

gdi32

GetObjectA
CreateDIBSection
SetPixel
SetDIBits
SaveDC
RestoreDC
GetPixel
GetDIBits
GetDeviceCaps
DeleteObject
DeleteDC
CreateDCA
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
SelectObject

ws2_32

bind
accept
inet_addr
inet_ntoa
listen
recv
send
htons
gethostbyname
gethostname
WSAStartup
WSACleanup
WSASetLastError
WSAGetLastError
WSAAsyncSelect
socket
connect
closesocket

winmm

mciSendStringA

gdiplus

GdipFree
GdiplusStartup
GdiplusShutdown
GdipLoadImageFromFile
GdipLoadImageFromFileICM
GdipCloneImage
GdipAlloc
GdipSaveImageToFile
GdipCreateBitmapFromHBITMAP
GdipGetImageEncodersSize
GdipGetImageEncoders
GdipDisposeImage

ntdll

RtlUnwind

userenv

GetUserProfileDirectoryA

avicap32

capCreateCaptureWindowA
capGetDriverDescriptionA

Exports

Exports

?KeyEvent@@YGJHIJ@Z

Sections

.data
Size: 142KB - Virtual size: 141KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 32KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cda91fa741f9db5ab4d99ab2f7bb86a7

Headers

DLL Characteristics

File Characteristics

Imports

shell32

kernel32

user32

advapi32

gdi32

ws2_32

winmm

gdiplus

ntdll

userenv

avicap32

Exports

Exports

Sections

.data Size: 142KB - Virtual size: 141KB

.bss Size: - Virtual size: 32KB

.idata Size: 5KB - Virtual size: 5KB

.reloc Size: 7KB - Virtual size: 6KB

.data
Size: 142KB - Virtual size: 141KB

.bss
Size: - Virtual size: 32KB

.idata
Size: 5KB - Virtual size: 5KB

.reloc
Size: 7KB - Virtual size: 6KB