97d4e1bd1f29cce19488794eeac0cb6e

Sharing

Copy URL Twitter E-mail

General

Target

97d4e1bd1f29cce19488794eeac0cb6e
Size

192KB
MD5

97d4e1bd1f29cce19488794eeac0cb6e
SHA1

e9235460666d5373a767a3d6a6e41d5c2280b3bd
SHA256

e002b608a882911c7bed185f248830f29c929e12e5de0c7aba28b73b42369c91
SHA512

390cac6c4341a65b1fb4955259541b76b7b0948be75f8cca92326b0173ec1bec330dce9e6b6b107d4e8178a1e4d6c61cb58b4395c6f492d32de922c2fd1f2adb
SSDEEP

3072:HCOikWCcwvO59l3dkj8/JzQWrTEMHhnKbNSv8otkLs6gzWrnCsR653U+9X7SkXJP:HykmJzzobIvZtr66Wrn/RyEi7N5P

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
97d4e1bd1f29cce19488794eeac0cb6e

Files

97d4e1bd1f29cce19488794eeac0cb6e
.dll windows:4 windows x86 arch:x86

0c72504ef54752b09be0cbe574e3278a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

ClientToScreen
GetWindowTextA
PtInRect
CharToOemA
SetScrollPos
EmptyClipboard
GetScrollRange
GetScrollInfo
IsWindowEnabled
GetWindowThreadProcessId
GetSysColorBrush
SetScrollInfo
GetCursorPos
RegisterClassA
SetRect
GetKeyboardLayoutNameA
ActivateKeyboardLayout
GetMenuItemInfoA
DestroyMenu
CreatePopupMenu
FillRect
TranslateMessage
GetMenu
ReleaseCapture
OemToCharA
DefMDIChildProcA
ReleaseDC
IsDialogMessageA
OpenIcon
SetTimer
RemoveMenu
IsIconic
MessageBoxA
LoadBitmapA
GetClassInfoA
wsprintfA
DrawTextA
GetClassNameA
GetDC
UnregisterClassA
EnableMenuItem
DrawIconEx
CharNextW
GetDesktopWindow
GetWindowLongA
GetScrollPos
CharLowerBuffA
PostQuitMessage
GetMenuItemCount
GetSysColor
GetKeyNameTextA
GetFocus
CharLowerA
LoadCursorA
UnhookWindowsHookEx
CheckMenuItem
SendMessageW
SetActiveWindow
GetTopWindow
IsMenu
SystemParametersInfoA
IsDlgButtonChecked
DrawFrameControl
IntersectRect

kernel32

FormatMessageA
SetThreadLocale
GetStdHandle
IsBadReadPtr
GetProcessHeap
GetCurrentThreadId
SetFilePointer
VirtualQuery
GlobalDeleteAtom
LoadLibraryExA
GlobalAlloc
FindFirstFileA
SizeofResource
VirtualAlloc
LocalAlloc
ResetEvent
VirtualFree
ExitProcess
EnterCriticalSection
GetVersionExA
lstrlenA
SetLastError
LoadLibraryA
lstrcmpiA

gdi32

GetTextAlign
GetTextColor
GetDCOrgEx

comctl32

ImageList_DragShowNolock
ImageList_Add
ImageList_Read
ImageList_Destroy
ImageList_Remove
ImageList_Create
ImageList_DrawEx
ImageList_GetBkColor
ImageList_Write

Exports

Exports

_voiJYglKZ
AYhqKuk
_0MqcFSs
_farmU
vz0gp
1XdT8lnZWjRcU@20
_3dwSgLwsgMTjM@12
hNytbFdm7
7BPmW@20
_Pmk1FY9cw6fy79@12
oscxSUUkk

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 141KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 148KB - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.badata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0c72504ef54752b09be0cbe574e3278a

Headers

File Characteristics

Imports

user32

kernel32

gdi32

comctl32

Exports

Exports

Sections

.text Size: 13KB - Virtual size: 12KB

.rdata Size: 9KB - Virtual size: 141KB

.data Size: 148KB - Virtual size: 148KB

.edata Size: 2KB - Virtual size: 2KB

.badata Size: 1KB - Virtual size: 1KB

.rsrc Size: 14KB - Virtual size: 13KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 13KB - Virtual size: 12KB

.rdata
Size: 9KB - Virtual size: 141KB

.data
Size: 148KB - Virtual size: 148KB

.edata
Size: 2KB - Virtual size: 2KB

.badata
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 14KB - Virtual size: 13KB

.reloc
Size: 2KB - Virtual size: 1KB