8e58c4cbe3861fa5378bb5906078323f

Sharing

Copy URL Twitter E-mail

General

Target

8e58c4cbe3861fa5378bb5906078323f
Size

38KB
MD5

8e58c4cbe3861fa5378bb5906078323f
SHA1

ad353fbdc7e0e33f62e476ba1c869b9ca05ff924
SHA256

392834248fa2180443c468c401d8a21865df7398f49325ab4dee3ef84115e694
SHA512

c896bce7035dd7c3dd30ade1c85b018f66ab449699bfb8e9543d4296a429b9bc3f52c5a8f45bae81239633206db1af4faaa9cec02ee7975c8d34bb7385c3e383
SSDEEP

768:IQO3iw46MXQ1oI09TxKMp/TbY3OOOOOOOI27D7ztpRynqDs:Z69nQEMp/TyGXxpRyqDs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8e58c4cbe3861fa5378bb5906078323f

Files

8e58c4cbe3861fa5378bb5906078323f
.dll windows:4 windows x86 arch:x86

bc85e0bab741c82bba07e9720ca862f9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

EnumResourceTypesA
ExitProcess
GetACP
GetCommandLineA
GetFileSize
GetModuleHandleA
GetOEMCP
GetStartupInfoA
HeapAlloc
LocalAlloc
MultiByteToWideChar
SetLastError
SetUnhandledExceptionFilter
VirtualAlloc
VirtualFree
lstrcatA
lstrcmpA
lstrcpynA

msvcrt

wcscmp
vswprintf
strspn
realloc
fwprintf
exit
_except_handler3
_XcptFilter
__getmainargs
__p__commode
__set_app_type
memmove

ole32

CoInitialize
CoGetObject
CoTaskMemAlloc
CoTaskMemFree
CreateBindCtx
DoDragDrop
OleInitialize
OleQueryLinkFromData
CoCreateInstance

ntdll

NtSetInformationProcess
NtTerminateThread
NtSetInformationObject
RtlEnterCriticalSection
RtlEqualSid
RtlEqualUnicodeString
RtlInitString
RtlInitUnicodeString
RtlLeaveCriticalSection
RtlLockHeap
RtlNtStatusToDosError
RtlUpcaseUnicodeChar
NtQuerySystemInformation
NtNotifyChangeKey
NtMapViewOfSection
LdrUnloadDll
RtlCreateUnicodeString

shlwapi

PathIsUNCServerShareW
PathSkipRootW
SHDeleteValueW
AssocCreate
PathAppendW
PathCombineW
PathCompactPathW
PathFindExtensionW
PathFindNextComponentW
StrStrW
StrRetToBufW
StrFormatKBSizeW
SHStrDupW
SHGetValueW

comdlg32

PrintDlgW
PageSetupDlgA
GetSaveFileNameA
ChooseColorA
GetOpenFileNameW
GetFileTitleA
ChooseFontW

comctl32

CreatePropertySheetPageW
InitCommonControlsEx
ImageList_SetOverlayImage
ImageList_ReplaceIcon
ImageList_AddMasked
PropertySheetW

winmm

mmTaskBlock
mmGetCurrentTask
mixerSetControlDetails
mixerMessage
mixerGetNumDevs
mixerGetLineControlsW
mixerGetControlDetailsA
midiStreamProperty
midiStreamClose
midiOutUnprepareHeader
midiOutPrepareHeader
midiOutGetNumDevs
midiStreamOpen

oleaut32

SafeArrayCreate
SafeArrayDestroy
SafeArrayAllocDescriptor
VarBstrCat
VarBstrCmp
SafeArrayAllocData
SafeArrayAccessData
RevokeActiveObject
ClearCustData
GetErrorInfo
OleIconToCursor
OleLoadPicturePath
RegisterTypeLib
OleTranslateColor
SysReAllocString

user32

LoadImageA
CharLowerA
LoadCursorFromFileA

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bc85e0bab741c82bba07e9720ca862f9

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

ole32

ntdll

shlwapi

comdlg32

comctl32

winmm

oleaut32

user32

Sections

.text Size: 10KB - Virtual size: 9KB

.data Size: 6KB - Virtual size: 5KB

.rsrc Size: 21KB - Virtual size: 20KB

.text
Size: 10KB - Virtual size: 9KB

.data
Size: 6KB - Virtual size: 5KB

.rsrc
Size: 21KB - Virtual size: 20KB