abb489be568dcbc0602b66612d3888e9

Sharing

Copy URL Twitter E-mail

General

Target

abb489be568dcbc0602b66612d3888e9
Size

164KB
MD5

abb489be568dcbc0602b66612d3888e9
SHA1

d0ec4b734acebb37629eab0f8d3b05819e7b6a11
SHA256

f179322ab107112716319a24b1a2610778a643345e9023e00e45df4363cf0ddf
SHA512

7d6998e96a18d2d13c3ffb5ea778c300861739d2cbd9ab08592fcb6f6d6628eceb19f50dbf1ab457804df87ca6c916c634d1beec6cbb56661bfc06acab1393a7
SSDEEP

3072:SCt0THIu47gFC2Siuj6QAJx1BKcy4PWlUl6ZnlwK06:S1og82TQA1Bvy4mZnl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
abb489be568dcbc0602b66612d3888e9

Files

abb489be568dcbc0602b66612d3888e9
.dll windows:4 windows x86 arch:x86

9db9ea160396f55b894d4575ba626827

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

GetSystemTime
WritePrivateProfileStringA
GetEnvironmentVariableA
GlobalFindAtomA
PeekNamedPipe
lstrlenA
GetTimeZoneInformation
RtlUnwind
LeaveCriticalSection
lstrcpyA
SetThreadPriority
GetCurrentProcess
LCMapStringW
SetEnvironmentVariableA
IsBadCodePtr
HeapCreate
GetProcAddress
TlsFree
SetEndOfFile
GlobalLock
TlsGetValue
GetModuleFileNameA
GetStringTypeA
SetStdHandle
InitializeCriticalSection
MulDiv
GetProcessVersion
GetACP
FreeLibrary
WaitForSingleObject
HeapDestroy
HeapAlloc
SetHandleCount
HeapFree
GetStdHandle
SetEvent
GlobalAddAtomA
TlsSetValue
FindResourceA
ReadFile
GetStringTypeW
SetLastError
GetFileType
FlushFileBuffers
LocalAlloc
HeapSize
GetStartupInfoA
LocalReAlloc
LoadLibraryA
GetOEMCP
EnterCriticalSection
lstrcmpA
CompareStringW
LCMapStringA
FreeEnvironmentStringsA
LockResource
GetEnvironmentStringsW
DeleteCriticalSection
GlobalReAlloc
GetCurrentThreadId
RaiseException
GetVersionExA
CreateThread
CompareStringA
GlobalUnlock
LoadResource
CreateFileA
SetErrorMode
GlobalHandle
SetFilePointer
GetCPInfo
CloseHandle
FileTimeToSystemTime
IsBadReadPtr
HeapReAlloc
TlsAlloc
LocalFree
GetCommandLineA
IsBadWritePtr
GetLastError
lstrcmpiA
FreeEnvironmentStringsW
GetModuleHandleA
lstrcatA
GetVersion
Sleep
GetFileInformationByHandle
WriteFile
GlobalGetAtomNameA
GetCurrentThread
CreateEventA
SetUnhandledExceptionFilter
GlobalFlags
GlobalDeleteAtom
GetExitCodeThread
lstrcpynA
FileTimeToLocalFileTime

advapi32

RegCloseKey
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA

comdlg32

GetSaveFileNameA

wsock32

WSACleanup
send
htons
bind
connect
WSAStartup
sendto
ntohs
gethostbyname
WSAGetLastError
accept
listen
socket
ntohl
recvfrom
htonl
select
closesocket
recv
getsockname

winmm

waveOutGetVolume
mixerOpen
mixerGetLineInfoA
mixerGetDevCapsA
waveOutGetNumDevs
waveOutPrepareHeader
waveOutGetDevCapsA
waveOutSetVolume
waveOutReset
mixerClose
waveOutPause
mixerGetLineControlsA
waveOutWrite
waveOutUnprepareHeader
waveOutOpen
waveOutSetPlaybackRate
waveOutClose

gdi32

SaveDC
GetObjectA
ScaleViewportExtEx
GetDeviceCaps
SetBkColor
SetViewportExtEx
SetViewportOrgEx
SetTextColor
GetClipBox
Escape
RectVisible
SelectObject
OffsetViewportOrgEx
CreateBitmap
ExtTextOutA
DeleteDC
GetStockObject
SetMapMode
RestoreDC
ScaleWindowExtEx
TextOutA
PtVisible
SetWindowExtEx
DeleteObject

comctl32

ord17

winspool.drv

OpenPrinterA
ClosePrinter
DocumentPropertiesA

user32

GetMenuItemCount
GetWindowTextLengthA
GetClassNameA
PostQuitMessage
GetWindowPlacement
GetFocus
GetSubMenu
DispatchMessageA
GetActiveWindow
GetForegroundWindow
IsDialogMessageA
PtInRect
DestroyMenu
GetClientRect
IsWindowVisible
GrayStringA
SetCursor
PostThreadMessageA
GetSysColor
CreateDialogIndirectParamA
GetParent
LoadStringA
UnhookWindowsHookEx
IsWindowEnabled
SetWindowTextA
GetCapture
LoadIconA
ModifyMenuA
SetActiveWindow
GetTopWindow
GetMessagePos
GetDlgItem
ReleaseDC
GetMenu
SetWindowsHookExA
SendMessageA
ShowWindow
GetSystemMetrics
GetClassInfoA
GetMenuCheckMarkDimensions
SetForegroundWindow
DestroyWindow
AdjustWindowRectEx
GetWindowLongA
GetDC
IsWindow
GetMenuState
CreateWindowExA
IsIconic
SetWindowPos
DefWindowProcA
CheckMenuItem
GetPropA
GetWindowRect
MsgWaitForMultipleObjects
DrawTextA
PeekMessageA
TranslateMessage
GetWindow
SendDlgItemMessageA
GetCursorPos
SetWindowLongA
TabbedTextOutA
SystemParametersInfoA
GetNextDlgTabItem
GetClassLongA
ValidateRect
GetMessageA
SetFocus
UpdateWindow
ClientToScreen
SetPropA
wsprintfA
GetWindowTextA
LoadBitmapA
RegisterClassA
GetMenuItemID
RegisterWindowMessageA
CallNextHookEx
EnableMenuItem
LoadCursorA
GetLastActivePopup
GetMessageTime
RemovePropA
GetKeyState
WinHelpA
EnableWindow
PostMessageA
CallWindowProcA
MessageBoxA
SetMenuItemBitmaps
GetSysColorBrush
CopyRect

Exports

Exports

dJPEG_DisableUpsample

Sections

.text
Size: 81KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 12KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9db9ea160396f55b894d4575ba626827

Headers

File Characteristics

Imports

kernel32

advapi32

comdlg32

wsock32

winmm

gdi32

comctl32

winspool.drv

user32

Exports

Exports

Sections

.text Size: 81KB - Virtual size: 84KB

.data Size: 20KB - Virtual size: 24KB

.rdata Size: 15KB - Virtual size: 16KB

.bss Size: - Virtual size: 12KB

.edata Size: 8KB - Virtual size: 12KB

.idata Size: 6KB - Virtual size: 8KB

.rsrc Size: 23KB - Virtual size: 24KB

.reloc Size: 7KB - Virtual size: 7KB

.text
Size: 81KB - Virtual size: 84KB

.data
Size: 20KB - Virtual size: 24KB

.rdata
Size: 15KB - Virtual size: 16KB

.bss
Size: - Virtual size: 12KB

.edata
Size: 8KB - Virtual size: 12KB

.idata
Size: 6KB - Virtual size: 8KB

.rsrc
Size: 23KB - Virtual size: 24KB

.reloc
Size: 7KB - Virtual size: 7KB