9af877018b03845b5092349eccadfb81

Sharing

Copy URL

Twitter E-mail

General

Target

9af877018b03845b5092349eccadfb81
Size

159KB
MD5

9af877018b03845b5092349eccadfb81
SHA1

ecb82875d0fd15cdc9d65750305d569ff789fb15
SHA256

ead54ebee9675b57479030332de2bc18e4a54da2f125dd9dab2b3528e67428fe
SHA512

db0ece21d296d89d337f53f39d5cf47f7fa7ff7061ed0f517a91bd0b0fd953325e375f8a651aee02cb7e5f00e75e85e4b19b2257348485634f8f29bfa69925d3
SSDEEP

3072:toQDs0eyO2n5S/vy+qawEj2YtvixPhdjJLuf7WIhpzi2:GqHQ/vfRjJix/d6fBi2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9af877018b03845b5092349eccadfb81

Files

9af877018b03845b5092349eccadfb81
.dll windows:5 windows x86 arch:x86

488922af77a7bb8f428e8b98bac8308b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

M:\hZpryhYpewx\KBpeuKWkv\dykoyywlxQ\zhyrwaHXXfg\zezazqaJufxvn.pdb

Imports

user32

ShowWindowAsync
IsCharUpperA
LoadBitmapW
GetMenu
PostQuitMessage
SendMessageTimeoutW
WaitForInputIdle
ShowCursor
InternalGetWindowText
FindWindowExA
wsprintfA
EqualRect
OpenDesktopW
IsWindowVisible
GetDlgItemTextW
IsCharLowerA
FindWindowExW
SetScrollPos
RegisterClassExA
DrawMenuBar
wsprintfW
CharUpperBuffW
AdjustWindowRectEx
GetClassLongA
EnableScrollBar
CreateAcceleratorTableW
ModifyMenuW
SetRectEmpty
SetDlgItemTextW
RemovePropW
GetForegroundWindow
MessageBoxA
IsDialogMessageW
CreateCaret
wvsprintfA
IsWindowEnabled
IsCharAlphaW
IsRectEmpty
SetWindowLongA
GetKeyNameTextW
GetMenuCheckMarkDimensions
SendInput
DrawTextExW

gdi32

GetDeviceCaps
SetDIBitsToDevice
GetCharWidth32W
SetBkMode
Ellipse
CreateCompatibleDC
GetStockObject
CreateCompatibleBitmap
ResizePalette
SetAbortProc
RectInRegion
SetViewportExtEx
GetBitmapBits
RestoreDC
GetTextExtentPoint32A
TranslateCharsetInfo
CreateBitmap
PathToRegion

kernel32

SetEndOfFile
GlobalLock
SizeofResource
MoveFileA
SetFileAttributesA
WaitForMultipleObjectsEx
HeapAlloc
SetHandleCount
IsBadWritePtr
GetProcessHeap
PulseEvent
GlobalMemoryStatusEx
LoadLibraryW
DeleteFileA
FindResourceExA
RaiseException
GetModuleHandleW
GetSystemDirectoryA
HeapFree
CreateMutexA
SetLastError
ConnectNamedPipe
FindResourceW
LoadLibraryExA

shlwapi

StrToIntA
PathRemoveBlanksW
StrNCatA

comdlg32

GetOpenFileNameA
GetFileTitleW
ChooseFontW
GetOpenFileNameW

msvcrt

_controlfp
__set_app_type
__p__fmode
__p__commode
getc
printf
strcspn
_amsg_exit
_initterm
_acmdln
exit
wcstod
_ismbblead
_XcptFilter
gets
_exit
malloc
setvbuf
_cexit
__setusermatherr
wcscpy
isprint
system
__getmainargs
strncpy
sprintf
strtoul

comctl32

CreatePropertySheetPageW
ImageList_Destroy
ImageList_GetIcon

Exports

Exports

?SetConfig@@YGXH*Z
?GlobalPenExA@@YGXPAJE*Z
?RemoveDataW@@YGMPAHPAI*Z
?InvalidateFileExA@@YGHPA_N*Z
?ValidateDate@@YGHDPAJ*Z
?IsNotDirectoryOriginal@@YGJPAI*Z
?Argument@@YGFPAINPAK*Z
?AddExpressionNew@@YGPAHPAM*Z
?KillConfig@@YGFH*Z
?IncrementSectionW@@YGPANDPAKPAH*Z

Sections

.text
Size: 129KB - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ditxt
Size: 1024B - Virtual size: 516B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dbug
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dimp
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dbg
Size: 512B - Virtual size: 90B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dvr
Size: 512B - Virtual size: 140B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dpt
Size: 1024B - Virtual size: 823B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dcode
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

488922af77a7bb8f428e8b98bac8308b

Headers

File Characteristics

PDB Paths

Imports

user32

gdi32

kernel32

shlwapi

comdlg32

msvcrt

comctl32

Exports

Exports

Sections

.text Size: 129KB - Virtual size: 128KB

.ditxt Size: 1024B - Virtual size: 516B

.dbug Size: 512B - Virtual size: 28B

.dimp Size: 3KB - Virtual size: 2KB

.dbg Size: 512B - Virtual size: 90B

.dvr Size: 512B - Virtual size: 140B

.dpt Size: 1024B - Virtual size: 823B

.dcode Size: 12KB - Virtual size: 12KB

.data Size: 2KB - Virtual size: 71KB

.rsrc Size: 6KB - Virtual size: 5KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 129KB - Virtual size: 128KB

.ditxt
Size: 1024B - Virtual size: 516B

.dbug
Size: 512B - Virtual size: 28B

.dimp
Size: 3KB - Virtual size: 2KB

.dbg
Size: 512B - Virtual size: 90B

.dvr
Size: 512B - Virtual size: 140B

.dpt
Size: 1024B - Virtual size: 823B

.dcode
Size: 12KB - Virtual size: 12KB

.data
Size: 2KB - Virtual size: 71KB

.rsrc
Size: 6KB - Virtual size: 5KB

.reloc
Size: 2KB - Virtual size: 1KB