970d19122991d758f9df15a10be14158

Sharing

Copy URL Twitter E-mail

General

Target

970d19122991d758f9df15a10be14158
Size

52KB
MD5

970d19122991d758f9df15a10be14158
SHA1

0d70d85bc26240f0a791408563bc7edbb8972df7
SHA256

e611e563e6b7315b67ab233896948a917cab1ca94b1bfb03a5cc0d2387c827df
SHA512

179c9834210b0997d034b56a1cdeabe8709d6822bee695157f4f40d9aa7c0654095e47498a09b5ef80e8bc7f81fb5a9a0e64fb5bcc610e49c8cb65b926d32ee1
SSDEEP

768:wUc8ARUx8B7ATHiw1UmtUZBG+NzEiMCszDDjcBzA6ALLEwE57hTy/tsu4N:wU+RS+ATHt1jQBG+BT3A5EBy/tsu4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
970d19122991d758f9df15a10be14158

Files

970d19122991d758f9df15a10be14158
.dll windows:4 windows x86 arch:x86

7522083e52f7bec4ed9f92eb435a7d94

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shlwapi

UrlCanonicalizeA

kernel32

CreateHardLinkW
GetFileTime
Beep
CopyFileW
CopyFileExW
CopyFileExA
CopyFileA
ConvertThreadToFiber
ConvertDefaultLocale
ContinueDebugEvent
ConnectNamedPipe
CompareStringW
CompareStringA
CompareFileTime
CommConfigDialogW
CreateMailslotW
CreateMailslotA
CreateJobObjectW
CreateJobObjectA
CreateIoCompletionPort
CreateHardLinkA
CreateFileW
CreateFileMappingW
CreateFileMappingA
CreateFileA
CreateFiberEx
CreateFiber
CreateEventW
CreateEventA
CreateDirectoryW
CreateDirectoryExW
CreateDirectoryExA
CreateDirectoryA
CreateConsoleScreenBuffer
HeapAlloc
GetProcessHeap
HeapFree

user32

CharPrevA
ChildWindowFromPointEx
ChildWindowFromPoint
CheckRadioButton
ChangeClipboardChain
ChangeDisplaySettingsA
ChangeDisplaySettingsExA
ChangeDisplaySettingsExW
ChangeDisplaySettingsW
ChangeMenuA
ChangeMenuW
CharLowerA
CharLowerBuffA
CharLowerBuffW
CharLowerW
CharNextExA
CharNextW
CharNextA
CharPrevExA
CharPrevW
CharToOemA
CharToOemBuffA
CharToOemBuffW
CharToOemW
CharUpperA
CharUpperBuffA
CharUpperBuffW
CharUpperW
CheckDlgButton
CheckMenuItem
CheckMenuRadioItem

msvcrt

memset

winmm

mmioInstallIOProcA

setupapi

SetupDiEnumDeviceInterfaces
CM_Open_Class_KeyA
CM_Register_Device_InterfaceW
CM_Register_Device_Interface_ExA
CM_Register_Device_Interface_ExW
CM_Remove_SubTree
CM_Remove_SubTree_Ex
CM_Request_Device_EjectA
CM_Request_Device_EjectW
CM_Request_Device_Eject_ExA
CM_Request_Device_Eject_ExW
CM_Request_Eject_PC
CM_Request_Eject_PC_Ex
CM_Set_HW_Prof_Ex
CM_Set_HW_Prof_FlagsA
CM_Set_HW_Prof_FlagsW
CM_Set_HW_Prof_Flags_ExA
CM_Set_HW_Prof_Flags_ExW
SetupDiClassGuidsFromNameA
SetupDiClassGuidsFromNameExA
SetupDiEnumDriverInfoA
SetupDiClassGuidsFromNameExW
SetupDiClassGuidsFromNameW
SetupDiClassNameFromGuidA
SetupDiClassNameFromGuidExA
SetupDiClassNameFromGuidExW
SetupDiClassNameFromGuidW
SetupDiCreateDevRegKeyA
SetupDiCreateDevRegKeyW
SetupDiCreateDeviceInfoA
SetupDiCreateDeviceInfoList
SetupDiCreateDeviceInfoListExA
SetupDiCreateDeviceInfoListExW
SetupDiCreateDeviceInfoW
SetupDiCreateDeviceInterfaceA
SetupDiDestroyDriverInfoList
SetupDiDrawMiniIcon
SetupDiGetClassDescriptionA
SetupDiGetClassBitmapIndex
SetupDiEnumDriverInfoW
SetupDiEnumDeviceInfo

Exports

Exports

ztxobqmqg

Sections

.code
Size: 44KB - Virtual size: 133KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 1B

IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 1B

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 776B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 828B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7522083e52f7bec4ed9f92eb435a7d94

Headers

File Characteristics

Imports

shlwapi

kernel32

user32

msvcrt

winmm

setupapi

Exports

Exports

Sections

.code Size: 44KB - Virtual size: 133KB

.rdata Size: 4KB - Virtual size: 3KB

.rdata Size: 512B - Virtual size: 1B

.reloc Size: 512B - Virtual size: 1B

.rsrc Size: 1024B - Virtual size: 776B

.reloc Size: 1024B - Virtual size: 828B

.code
Size: 44KB - Virtual size: 133KB

.rdata
Size: 4KB - Virtual size: 3KB

.rdata
Size: 512B - Virtual size: 1B

.reloc
Size: 512B - Virtual size: 1B

.rsrc
Size: 1024B - Virtual size: 776B

.reloc
Size: 1024B - Virtual size: 828B