8e134b3047e4c9356c8b78f63fd2801e

Sharing

Copy URL Twitter E-mail

General

Target

8e134b3047e4c9356c8b78f63fd2801e
Size

161KB
MD5

8e134b3047e4c9356c8b78f63fd2801e
SHA1

85436091d9f34165ec1293e9abd01538c62c6eee
SHA256

f0c4c50d889580a3c6b52e221bffc2e48fae986633b72b24a7886ccdaf916b79
SHA512

8823e4d58af50b2709a9bd8e9cc9259599bcdb4d601d01297f917f08b189ac5b737096040ec2b8493771c80d404347c82e4b37bd3d91a1aa28708690d70ab304
SSDEEP

3072:5dgPznK2yPW6uLS6KJ2vFRpHkDf40p4sGgnUnDnhncnUX9g4xU9ev+52iQgBNAU:M7buWnHUwo5GgnUnDnhncnUnxov5bQC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8e134b3047e4c9356c8b78f63fd2801e

Files

8e134b3047e4c9356c8b78f63fd2801e
.dll windows:3 windows x86 arch:x86

30290bab99d92ff2bf1ded49503e3052

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

OpenEventA
ReadFile
ReleaseMutex
SetEndOfFile
SetEvent
SetFilePointer
SetFileTime
SystemTimeToFileTime
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnmapViewOfFile
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte
WriteFile
CreateThread
ExitThread
FreeLibrary
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
GlobalLock
GlobalUnlock
HeapAlloc
IsBadReadPtr
ResetEvent
SetErrorMode
Sleep
MapViewOfFile
HeapSize
GetEnvironmentVariableA
GetLocalTime
GetLocaleInfoA
GetWindowsDirectoryA
FileTimeToSystemTime
GetCurrentProcess
GetDiskFreeSpaceA
GetDriveTypeA
GetFileTime
GetLogicalDrives
SetFileAttributesA
CreatePipe
DuplicateHandle
GetExitCodeProcess
PeekNamedPipe
ResumeThread
TerminateProcess
TerminateThread
lstrcmpiA
MultiByteToWideChar
FormatMessageA
GetFileType
GetPrivateProfileSectionA
MoveFileA
VirtualAlloc
VirtualFree
WritePrivateProfileSectionA
LoadLibraryA
HeapFree
HeapDestroy
HeapCreate
GetVolumeInformationA
CloseHandle
GetVersion
GetTimeZoneInformation
GetTempPathA
GetSystemTime
GetSystemDirectoryA
GetProcAddress
GetModuleHandleA
GetModuleFileNameA
GetLastError
GetFileSize
FindNextFileA
FindFirstFileA
FindClose
DeleteFileA
CreateProcessA
CreateMutexA
CreateFileMappingA
CreateFileA
CreateEventA
HeapReAlloc

advapi32

GetUserNameA
RegEnumKeyExA
RegDeleteValueA
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegDeleteKeyA
RegCreateKeyExA
RegCloseKey

user32

GetActiveWindow
GetClassNameA
GetClipboardData
GetMessageTime
GetParent
GetWindowThreadProcessId
IsClipboardFormatAvailable
MsgWaitForMultipleObjects
OpenClipboard
PeekMessageA
PostMessageA
RegisterClassA
SendMessageTimeoutA
DefWindowProcA
TranslateMessage
EnumWindows
UnregisterClassA
ExitWindowsEx
CharToOemBuffA
OemToCharBuffA
GetClientRect
SetWindowLongA
MoveWindow
SystemParametersInfoA
GetWindowLongA
LoadCursorA
DestroyWindow
CreateWindowExA
CloseClipboard
CallNextHookEx
PostThreadMessageA
UnhookWindowsHookEx
DispatchMessageA
MessageBoxA
SetWindowsHookExA

wsock32

inet_addr
shutdown
gethostname
WSAAsyncSelect
WSAGetLastError
bind
connect
inet_ntoa
listen
recv
send
getsockname
ioctlsocket
closesocket
accept
WSAStartup
WSAAsyncGetHostByAddr
WSAAsyncGetHostByName
WSACancelAsyncRequest
WSACleanup
socket

rpcrt4

UuidCreate

shell32

ShellExecuteA

ole32

CoCreateInstance
OleUninitialize
StringFromGUID2
OleInitialize

oleaut32

SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayGetUBound
SafeArrayGetLBound

Exports

Exports

DebugBreakpoint
DllCanUnloadNow
DllGetClassObject
Service
SpawnAndStart
Start
Uninstall

Sections

.text
Size: 115KB - Virtual size: 115KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 16B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 797B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

shared
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

30290bab99d92ff2bf1ded49503e3052

Headers

File Characteristics

Imports

kernel32

advapi32

user32

wsock32

rpcrt4

shell32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 115KB - Virtual size: 115KB

.bss Size: - Virtual size: 16B

.rdata Size: 1024B - Virtual size: 797B

.data Size: 18KB - Virtual size: 18KB

.idata Size: 4KB - Virtual size: 3KB

shared Size: 6KB - Virtual size: 6KB

.reloc Size: 7KB - Virtual size: 7KB

.text
Size: 115KB - Virtual size: 115KB

.bss
Size: - Virtual size: 16B

.rdata
Size: 1024B - Virtual size: 797B

.data
Size: 18KB - Virtual size: 18KB

.idata
Size: 4KB - Virtual size: 3KB

shared
Size: 6KB - Virtual size: 6KB

.reloc
Size: 7KB - Virtual size: 7KB