987fcc4e67e265b1c12bb28c1ad7ca59

Sharing

Copy URL Twitter E-mail

General

Target

987fcc4e67e265b1c12bb28c1ad7ca59
Size

421KB
MD5

987fcc4e67e265b1c12bb28c1ad7ca59
SHA1

714362d252edde3858904306e80e9112d0af7e03
SHA256

c2ca312211150810e392df7dbfd1ed1c1e777588ad6ad7fac57ebd91ea325b7f
SHA512

993a70d8d1da95de29645dd8e1b3df5a971b337d76da72326669977ebaa031a41aaec4425844a85848da93f0e0b82e7f1b0f2e9bc7d7a7b2f67acb7bdca8372b
SSDEEP

6144:uINn5Bc//UsB6tdoBip3pKdbdMvCYVjiFOOa1YkBV+UdvrEFp7hKXr:uA5Bi8cmTEcv19ig/FBjvrEH7E

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
987fcc4e67e265b1c12bb28c1ad7ca59

Files

987fcc4e67e265b1c12bb28c1ad7ca59
.dll windows:6 windows x86 arch:x86

d8f018211a0a17eda804c6d154f3a009

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

jsprofilerui.pdb

Imports

ntdll

RtlUnwind

kernel32

FlushInstructionCache
GetCurrentProcess
GetCurrentThreadId
GetEnvironmentVariableA
GetTempFileNameW
CloseHandle
WriteFile
CreateFileW
WideCharToMultiByte
DeleteFileW
GetEnvironmentVariableW
HeapAlloc
GetProcessHeap
HeapFree
lstrcmpW
GetVersionExA
HeapDestroy
HeapReAlloc
HeapSize
LoadLibraryA
VirtualFree
VirtualAlloc
GetCommandLineA
VirtualProtect
GetSystemInfo
VirtualQuery
GetModuleHandleA
ExitProcess
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
QueryPerformanceCounter
GetTickCount
FindResourceExW
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
OutputDebugStringA
GetCPInfo
GetACP
GetOEMCP
LCMapStringA
LCMapStringW
LoadLibraryExA
Sleep
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetFilePointer
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
FlushFileBuffers
LockResource
GlobalAlloc
GlobalLock
SearchPathW
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
UnmapViewOfFile
CreateFileMappingW
MapViewOfFile
GlobalFree
CreateActCtxW
ReleaseActCtx
ActivateActCtx
DeactivateActCtx
InterlockedCompareExchange
SetLastError
GlobalUnlock
GetNumberFormatW
GetLocaleInfoW
LoadLibraryExW
FindResourceW
LoadResource
SizeofResource
MultiByteToWideChar
FreeLibrary
lstrcmpiW
GetModuleHandleW
GetProcAddress
LoadLibraryW
InterlockedDecrement
InterlockedIncrement
GetLastError
LeaveCriticalSection
EnterCriticalSection
lstrlenW
DeleteCriticalSection
InitializeCriticalSection
RaiseException
InterlockedExchange
GetVersionExW
GetModuleFileNameW
GetCurrentProcessId

user32

CheckMenuRadioItem
DeleteMenu
GetMenuItemCount
TrackPopupMenuEx
DestroyMenu
PostMessageW
GetKeyState
DrawTextW
GetDlgItem
GetSysColor
GetWindowLongA
DrawEdge
GetMessagePos
SetScrollInfo
GetScrollPos
SetScrollPos
UnregisterClassA
CreatePopupMenu
AppendMenuW
EnableMenuItem
CheckMenuItem
EndPaint
BeginPaint
PtInRect
ReleaseCapture
GetCapture
SystemParametersInfoW
GetDlgCtrlID
SetCapture
KillTimer
SetTimer
InvalidateRect
UpdateWindow
ClientToScreen
RegisterClassExW
GetSystemMetrics
InflateRect
SetRect
SetWindowTextW
GetFocus
CallWindowProcW
DrawFocusRect
LoadCursorW
GetClassInfoExW
AdjustWindowRectEx
IsWindowEnabled
ScreenToClient
SetWindowPos
GetMenu
CreateWindowExW
GetWindowLongW
DefWindowProcW
GetDC
FillRect
ReleaseDC
LoadAcceleratorsW
SetDlgItemTextW
DestroyAcceleratorTable
SetFocus
IsWindowVisible
TranslateAcceleratorW
CreateDialogParamW
IsWindow
SetWindowLongW
ShowWindow
GetClientRect
GetParent
MoveWindow
DestroyWindow
GetSysColorBrush
GetWindowRect
SendMessageW
OpenClipboard
EmptyClipboard
CloseClipboard
SetClipboardData
MessageBoxW
LoadStringW
CharNextW
LoadImageW
EnableWindow
GetCursorPos

ole32

CoTaskMemFree
CoCreateInstance
CoTaskMemRealloc
CoTaskMemAlloc

oleaut32

SysAllocStringLen
VarR8FromStr
SysAllocString
VarUI4FromStr
VariantChangeType
SysFreeString
VariantClear
VariantCopy
VariantInit

oleacc

LresultFromObject
CreateStdAccessibleObject

advapi32

RegQueryInfoKeyW
RegEnumKeyExW
RegQueryValueExW
RegDeleteValueW
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegSetValueExW

gdi32

SetTextAlign
ExtTextOutW
SetBkMode
SetTextColor
GetTextExtentExPointW
BitBlt
CreateSolidBrush
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
GetTextExtentPoint32W
GetObjectW
SetBkColor
CreateFontIndirectW
DeleteDC
DeleteObject
GetTextExtentPointW
GetDeviceCaps
SetLayout

shlwapi

ord437
ord219

urlmon

ord423

iertutil

ord650
ord70
ord65
ord64
ord68
ord61

Exports

Exports

CreateProfileTab

Sections

.text
Size: 290KB - Virtual size: 290KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d8f018211a0a17eda804c6d154f3a009

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

ntdll

kernel32

user32

ole32

oleaut32

oleacc

advapi32

gdi32

shlwapi

urlmon

iertutil

Exports

Exports

Sections

.text Size: 290KB - Virtual size: 290KB

.data Size: 6KB - Virtual size: 13KB

.rsrc Size: 21KB - Virtual size: 21KB

.reloc Size: 25KB - Virtual size: 25KB

.text
Size: 290KB - Virtual size: 290KB

.data
Size: 6KB - Virtual size: 13KB

.rsrc
Size: 21KB - Virtual size: 21KB

.reloc
Size: 25KB - Virtual size: 25KB