8f1756d3a22238763ddbe76a700fa0c9

Sharing

Copy URL Twitter E-mail

General

Target

8f1756d3a22238763ddbe76a700fa0c9
Size

42KB
MD5

8f1756d3a22238763ddbe76a700fa0c9
SHA1

7cb5a85ec6d561972a6b0b880b67d4fff94f0488
SHA256

1de050cb42a1711d2cd68e249b265dd6df2642642b6c8f69a0cbf1a54f0858ac
SHA512

fa11b864fe99a348c6485ae4b59ddfcf9f84636add5d2e5c791da4a7db34ad9a5ffa3e46637aabafd5aad12905362a01ac50c7550649b96336e5fe66521f5d5a
SSDEEP

768:wdWrhY21r7R/2NF3SCyY22lKOdoGj0m7XjYvVYGLi051FMRnkGI9Dlf7OGW:wAr7CRxyYfKOn326GLD1inkG6f7Q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8f1756d3a22238763ddbe76a700fa0c9

Files

8f1756d3a22238763ddbe76a700fa0c9
.dll windows:6 windows x86 arch:x86

eef58070020e7213d3b3fad0580884e3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

AltTab.pdb

Imports

msvcrt

free
_initterm
_amsg_exit
_adjust_fdiv
_except_handler4_common
memset
_CIcos
_CIsin
_ftol2
??_U@YAPAXI@Z
??_V@YAXPAX@Z
_purecall
??2@YAPAXI@Z
malloc
_XcptFilter
??3@YAXPAX@Z

kernel32

InterlockedDecrement
LeaveCriticalSection
EnterCriticalSection
HeapDestroy
InterlockedExchange
Sleep
InitializeCriticalSection
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
InterlockedIncrement
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetModuleHandleW
GlobalAddAtomW
CompareStringW
QueryPerformanceFrequency
IsDebuggerPresent
GetCurrentProcessId
DeleteCriticalSection
QueryFullProcessImageNameW
OpenProcess
GetCurrentThread
SetThreadPriority
InterlockedCompareExchange
LoadLibraryExW
CloseHandle
ReleaseMutex
GetLastError
CreateMutexW
FreeLibrary

oleaut32

VariantInit
SysAllocString

advapi32

EventWrite
GetTraceEnableFlags
GetTraceEnableLevel
EventRegister
EventUnregister
UnregisterTraceGuids
RegisterTraceGuidsW
GetTraceLoggerHandle
EventEnabled

uxtheme

OpenThemeData
CloseThemeData
BufferedPaintInit
BufferedPaintUnInit
DrawThemeTextEx
DrawThemeBackground
GetThemeMargins
IsThemeActive
IsCompositionActive
BeginBufferedPaint
EndBufferedPaint

comctl32

ord329
ord338
ord328
ord334
ord336
ImageList_CoCreateInstance

shlwapi

SHGetValueW
ord219
ord16
ord197

oleacc

AccessibleObjectFromWindow
LresultFromObject

shell32

SHAppBarMessage

dwmapi

DwmUnregisterThumbnail
DwmExtendFrameIntoClientArea
DwmRegisterThumbnail
DwmSetWindowAttribute
DwmQueryThumbnailSourceSize
DwmUpdateThumbnailProperties

gdi32

GetDeviceCaps

user32

LoadCursorW
GetFocus
SetTimer
NotifyWinEvent
KillTimer
ReleaseCapture
UpdateWindow
SetWindowPos
SetLayeredWindowAttributes
OffsetRect
UpdateLayeredWindow
EnumWindows
GetWindowThreadProcessId
ClientToScreen
GetParent
SendMessageCallbackW
InternalGetWindowText
LoadIconW
GetClassLongW
SwitchToThisWindow
FindWindowW
PostMessageW
DestroyIcon
GetDesktopWindow
GetWindowRgnBox
GetUpdateRect
BeginPaint
EndPaint
SetCapture
SetForegroundWindow
GetKeyState
GetAsyncKeyState
SetFocus
CloseDesktop
GetThreadDesktop
SetThreadDesktop
OpenInputDesktop
GetSystemMetrics
DispatchMessageW
TranslateMessage
GetMessageW
UnhookWinEvent
SetWinEventHook
GetWindowLongW
CreateWindowExW
DestroyWindow
UnregisterHotKey
RegisterHotKey
IsWindow
SetWindowLongW
DefWindowProcW
RegisterClassW
ReleaseDC
GetDC
UnregisterClassW
LoadStringW
SendMessageW
GetWindow
SetCursor
GetClientRect
InflateRect
ScreenToClient
GetCursorPos
SystemParametersInfoW
ShowWindow
IsRectEmpty
IsWindowVisible
GetWindowRect
GhostWindowFromHungWindow
IsWindowEnabled
InvalidateRect
SetRectEmpty
PtInRect
HungWindowFromGhostWindow
GetShellWindow
GetForegroundWindow

Exports

Exports

DllCanUnloadNow
DllGetClassObject

Sections

.text
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

eef58070020e7213d3b3fad0580884e3

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcrt

kernel32

oleaut32

advapi32

uxtheme

comctl32

shlwapi

oleacc

shell32

dwmapi

gdi32

user32

Exports

Exports

Sections

.text Size: 34KB - Virtual size: 33KB

.data Size: 1KB - Virtual size: 1KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 34KB - Virtual size: 33KB

.data
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 1KB - Virtual size: 1KB