8dc7f3508928cc28fc2cd9859f917149

General

Target

8dc7f3508928cc28fc2cd9859f917149
Size

232KB
MD5

8dc7f3508928cc28fc2cd9859f917149
SHA1

df554ae16429315bf017eaa22f2ba53592d546e3
SHA256

3f434ed77d8d4a73003259af8bd894252f4b2985da7e9222c09ab0c8ae646d05
SHA512

81a368feaee1bdf2b9a11fe15dfabef8f286ccf329fbc7d6529451d1556092f71ecdf242367548d743e8b68391f0ffbf9fd005b76c945a31d7ec376dca67b290
SSDEEP

6144:SRoZzA7ZeRRoALxhasKO39vCGwRoEGDyl:SRhsRuALxtWq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8dc7f3508928cc28fc2cd9859f917149

Files

8dc7f3508928cc28fc2cd9859f917149
.dll windows:4 windows x86 arch:x86

6b37007ed542f99f75b9fe42ec56eeaf

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateEventA
ExitProcess
FindClose
FormatMessageA
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetCommandLineA
GetCommandLineW
GetCurrentProcess
GetEnvironmentStringsW
GetModuleHandleA
GetOEMCP
GetStartupInfoA
GetSystemInfo
GetSystemTimeAsFileTime
GetVersionExA
HeapAlloc
HeapCreate
HeapReAlloc
IsValidLocale
LCMapStringA
LocalFree
MultiByteToWideChar
ReadProcessMemory
RtlUnwind
SetEnvironmentVariableA
SetEvent
SetHandleCount
SetLastError
SetUnhandledExceptionFilter
TerminateProcess
VirtualQueryEx
WideCharToMultiByte
WriteConsoleA

user32

TranslateAcceleratorA
SetUserObjectSecurity
RegisterWindowMessageA
PostMessageA
OffsetRect
LoadMenuA
LoadAcceleratorsA
KillTimer
IsDialogMessageA
GetWindowTextA
GetMessageA
GetDlgItem
GetDesktopWindow
GetDC
GetCursorPos
FillRect
EndPaint
DefDlgProcA
ClientToScreen
EmptyClipboard

advapi32

RegOpenKeyA
BuildTrusteeWithSidW
CryptVerifySignatureA
ElfReadEventLogA
GetFileSecurityA
GetMultipleTrusteeA
ImpersonateLoggedOnUser
LsaAddAccountRights
LsaQueryInfoTrustedDomain
AccessCheckByType
MakeSelfRelativeSD

ddraw

DirectDrawEnumerateA
DirectDrawEnumerateW
DirectDrawCreate

ole32

CoCreateGuid
CoCreateInstance
CoGetMalloc
CoTaskMemFree

Exports

Exports

SetDesiredUDFPartitionType

Sections

.text
Size: 142KB - Virtual size: 142KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 83KB - Virtual size: 139KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 876B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6b37007ed542f99f75b9fe42ec56eeaf

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ddraw

ole32

Exports

Exports

Sections

.text Size: 142KB - Virtual size: 142KB

.data Size: 83KB - Virtual size: 139KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 1024B - Virtual size: 876B

.text
Size: 142KB - Virtual size: 142KB

.data
Size: 83KB - Virtual size: 139KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 1024B - Virtual size: 876B