d509b60fdfd560c42138628ea63a2c0966f940286c35c049df492c7a093713ec

Sharing

Copy URL Twitter E-mail

General

Target

d509b60fdfd560c42138628ea63a2c0966f940286c35c049df492c7a093713ec
Size

1.6MB
MD5

519560fcad4d5a600092e1958893072d
SHA1

ae0823360c844a67b6afb2932381c3d077625070
SHA256

d509b60fdfd560c42138628ea63a2c0966f940286c35c049df492c7a093713ec
SHA512

976e3330b63d0aae54997549d32d2f8f80d88599c9503edf2b61db1495b3f56ad54f531193169b1c48bc0bc66ca4298bf89572ecd57d381fe2f4b163f3a83f3a
SSDEEP

49152:rIjSYi/XzrDpaYFJnuFBTuLUwEPqKu6o:r7/XNbJSTuLUaKu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d509b60fdfd560c42138628ea63a2c0966f940286c35c049df492c7a093713ec

Files

d509b60fdfd560c42138628ea63a2c0966f940286c35c049df492c7a093713ec
.dll windows:5 windows x86 arch:x86

43b5575f2de4363718a9f14a8a89513a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

pdh

PdhEnumObjectsW

mprapi

MprConfigInterfaceSetInfo

wininet

FindNextUrlCacheEntryW

oleaut32

GetErrorInfo
VarBstrCmp
VarR8FromUI2
SysAllocStringLen

esent

JetUpdate

rpcrt4

NdrConvert2

winscard

SCardListReadersW

shell32

SHGetSpecialFolderPathW
SHGetFolderPathW
Shell_NotifyIconW

shlwapi

StrTrimW
SHRegCloseUSKey

user32

CreateIconIndirect
RegisterDeviceNotificationA
DestroyMenu
UnregisterClassW
CreateMDIWindowA
ValidateRgn
CopyRect
SetMenuItemBitmaps
GetUpdateRect
InSendMessage
PostQuitMessage

lz32

LZClose

advapi32

PrivilegeCheck
AddAccessAllowedObjectAce
RegOverridePredefKey

ws2_32

listen

winmm

mixerGetControlDetailsA

opengl32

glMap2f

kernel32

RtlUnwind
HeapReAlloc
VirtualAlloc
VirtualFree
GetStdHandle
WriteFile
InitializeCriticalSectionAndSpinCount
HeapAlloc
GetLocaleInfoA
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
Sleep
HeapFree
LeaveCriticalSection
GetExitCodeThread
IsProcessorFeaturePresent
WriteConsoleOutputA
SetErrorMode
VerLanguageNameA
SetConsoleWindowInfo
EnumCalendarInfoW
EnterCriticalSection
VerifyVersionInfoW
GetTempFileNameW
GetModuleFileNameA
GetBinaryTypeA
LoadLibraryA
GetProcAddress
GetModuleFileNameW
GetOEMCP
GetFileType
DisconnectNamedPipe
SetSystemTimeAdjustment
ClearCommBreak
GetStringTypeW
GetStringTypeA
LCMapStringW
MultiByteToWideChar
WideCharToMultiByte
LCMapStringA
ExitProcess
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
IsValidCodePage
GetModuleHandleW
TlsGetValue
TlsSetValue
SetLastError
GetCurrentThreadId
GetLastError

secur32

EnumerateSecurityPackagesW

gdi32

CreateICA
GetSystemPaletteEntries
CreatePalette
FillRgn
CreateBitmapIndirect

ole32

OleGetClipboard
OleInitialize
CoFreeUnusedLibraries

setupapi

SetupDiDeleteDevRegKey
CM_Get_Device_ID_List_Size_ExW
SetupLogErrorW
SetupOpenAppendInfFileW

Exports

Exports

HfnydnnetafseN

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 280KB - Virtual size: 277KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 912B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

43b5575f2de4363718a9f14a8a89513a

Headers

DLL Characteristics

File Characteristics

Imports

pdh

mprapi

wininet

oleaut32

esent

rpcrt4

winscard

shell32

shlwapi

user32

lz32

advapi32

ws2_32

winmm

opengl32

kernel32

secur32

gdi32

ole32

setupapi

Exports

Exports

Sections

.text Size: 1.3MB - Virtual size: 1.3MB

.rdata Size: 280KB - Virtual size: 277KB

.data Size: 64KB - Virtual size: 67KB

.rsrc Size: 4KB - Virtual size: 912B

.reloc Size: 20KB - Virtual size: 17KB

.text
Size: 1.3MB - Virtual size: 1.3MB

.rdata
Size: 280KB - Virtual size: 277KB

.data
Size: 64KB - Virtual size: 67KB

.rsrc
Size: 4KB - Virtual size: 912B

.reloc
Size: 20KB - Virtual size: 17KB