8d1b1cc3702bb312bda6a8e7160e8414

Sharing

Copy URL Twitter E-mail

General

Target

8d1b1cc3702bb312bda6a8e7160e8414
Size

158KB
MD5

8d1b1cc3702bb312bda6a8e7160e8414
SHA1

43cee178e0ad44df41455d3133e57b34680060fe
SHA256

942db12882764e88aec3f31f2d04fc4a5b0eaf3a7298382a32ddf2895010742c
SHA512

f2134702d56c29dae362c730c8d4a360ca1baa5c63b23594f3fab4af9a9ee799970d97bed8a5b2f48791305e2232629415fd7cf6ce627797ea6c92bd4c970132
SSDEEP

3072:BNE/P1rXVBf1Idxi8f1NqWQntRsmv88S5rJ08V7IzhHqbPWoiAqoS88r9l0b:BMHBf1IdxZoWbmv835rrk9aZe9li

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8d1b1cc3702bb312bda6a8e7160e8414

Files

8d1b1cc3702bb312bda6a8e7160e8414
.exe windows:5 windows x86 arch:x86

5a089a74a6f106110b1b676b5ea02fc1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mswsock

AcceptEx
GetAcceptExSockaddrs

kernel32

ExpandEnvironmentStringsW
TlsFree
LoadLibraryA
CreateThread
GetCurrentDirectoryW
GetTickCount
FindFirstFileW
LockResource
SetEvent
FindResourceA
Sleep
WideCharToMultiByte
FindNextFileW
EnterCriticalSection
CreateEventW
GetSystemDefaultUILanguage
InterlockedExchange
DeleteFileW
GetProcAddress
GlobalFree
GetSystemTimeAsFileTime
CreateFileW
LoadResource
SetUnhandledExceptionFilter
GetCurrentProcess
TlsAlloc
LocalSize
TlsGetValue
SetErrorMode
LeaveCriticalSection
GetUserDefaultLCID
GetCurrentProcessId
MultiByteToWideChar
ResetEvent
lstrcmpW
FindResourceExW
GetModuleHandleA
InterlockedIncrement
GetShortPathNameW
FreeLibrary
UnhandledExceptionFilter
lstrcpyW
GetACP
GetModuleHandleW
InterlockedCompareExchange
SizeofResource
DeleteCriticalSection
TlsSetValue
CloseHandle
GetModuleFileNameW
GetFullPathNameW
SetCurrentDirectoryW
lstrcmpiW
LoadLibraryW
SetLastError
GetTempFileNameW
GlobalUnlock
DelayLoadFailureHook
lstrlenA
GetLocaleInfoW
WaitForSingleObject
lstrcpyA
GetVolumeInformationW
DisableThreadLibraryCalls
FindResourceW
FormatMessageW
lstrcpynW
GetCurrentThreadId
InitializeCriticalSectionAndSpinCount
LocalReAlloc
InterlockedDecrement
GlobalLock
FreeResource
FindClose
GetLastError
LocalFree
GetProcessVersion
GetProfileStringW
FreeLibraryAndExitThread
TerminateProcess
lstrlenW
GetFileAttributesW
GetDriveTypeW
MulDiv
LocalAlloc
QueryPerformanceCounter
GlobalAlloc
GlobalReAlloc

comctl32

CreatePropertySheetPageW
CreateToolbar
ImageList_Destroy
CreateToolbarEx
PropertySheetW
InitCommonControlsEx
ImageList_Draw

ws2_32

WSASendTo
WSASocketW
WSAAddressToStringW
freeaddrinfo
getnameinfo
WSAIoctl
WSAEventSelect
WSARecvFrom
WSAAddressToStringA
WSALookupServiceBeginW
getaddrinfo
WSAStringToAddressA
WSALookupServiceNextW
WSALookupServiceEnd

user32

EnableWindow
SetParent
ReleaseDC
InvalidateRect
GetSysColorBrush
CallWindowProcW
DeferWindowPos
GetFocus
GetDlgItemTextW
TranslateAcceleratorW
SetWindowTextW
LoadStringW
DestroyMenu
RegisterClipboardFormatW
SetCapture
GetWindowTextW
MessageBoxW
CallNextHookEx
GetParent
CreateWindowExW
GetPropW
BeginDeferWindowPos
SendDlgItemMessageW
GetWindowLongW
DefWindowProcW
SetWindowPos
GetWindowLongA
GetDlgItemTextA
EqualRect
DialogBoxIndirectParamAorW
RegisterWindowMessageA
MessageBeep
LockWindowUpdate
KillTimer
GetWindowTextLengthW
UpdateWindow
GetSystemMetrics
CharLowerW
GetDialogBaseUnits
CharNextW
CreatePopupMenu
CharPrevW
IsWindow
CheckRadioButton
SetPropW
DrawEdge
LoadImageW
CreateDialogIndirectParamAorW
IsDlgButtonChecked
MapWindowPoints
ShowWindow
LoadCursorW
GetClientRect
DrawIcon
ClipCursor
RemovePropW
SetWindowPlacement
LoadAcceleratorsW
MsgWaitForMultipleObjects
GetDlgCtrlID
InflateRect
FindWindowExW
TranslateMessage
DrawTextW
FillRect
WinHelpW
SetWindowsHookExW
EndPaint
GetKeyboardLayout
GetDC
CreateDialogIndirectParamA
DispatchMessageW
SetWindowLongW
GetDlgItem
GetWindow
GetLastActivePopup
EndDeferWindowPos
LoadIconW
MoveWindow
BeginPaint
SetDlgItemTextW
IsWindowVisible
RegisterWindowMessageW
GetSystemMenu
IntersectRect
RedrawWindow
GetWindowRect
PtInRect
GetWindowPlacement
EndDialog
ShowCursor
SetTimer
CharNextA
GetKeyState
DialogBoxIndirectParamW
SetFocus
PeekMessageW
SetCursor
IsWindowEnabled
PostMessageW
CopyRect
ValidateRect
GetSysColor
GetDlgItemInt
ScreenToClient
GrayStringW
EnumChildWindows
UnhookWindowsHookEx
SetDlgItemInt
FrameRect
DestroyWindow
DrawFocusRect
SendMessageW
CheckDlgButton
SetDlgItemTextA
CreateDialogIndirectParamW
DlgDirListW
ChildWindowFromPoint
DeleteMenu

ntdll

RtlUnwind
RtlIsNameLegalDOS8Dot3
_wcsicmp
RtlUnicodeToMultiByteSize
RtlInitUnicodeStringEx
RtlUnicodeStringToAnsiString
memmove
_vsnwprintf
_chkstk
NtQueryVirtualMemory
RtlAnsiStringToUnicodeString
NtAllocateVirtualMemory

dnsapi

DnsApiAlloc
DnsApiFree

ole32

CoTaskMemFree
CoInitializeEx
CoCreateInstance
CoUninitialize

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 368KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 81KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 62KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5a089a74a6f106110b1b676b5ea02fc1

Headers

DLL Characteristics

File Characteristics

Imports

mswsock

kernel32

comctl32

ws2_32

user32

ntdll

dnsapi

ole32

Sections

.text Size: 2KB - Virtual size: 2KB

.data Size: 10KB - Virtual size: 368KB

.rdata Size: 81KB - Virtual size: 81KB

.rsrc Size: 62KB - Virtual size: 61KB

.reloc Size: 512B - Virtual size: 28B

.text
Size: 2KB - Virtual size: 2KB

.data
Size: 10KB - Virtual size: 368KB

.rdata
Size: 81KB - Virtual size: 81KB

.rsrc
Size: 62KB - Virtual size: 61KB

.reloc
Size: 512B - Virtual size: 28B