abc9dd413af63569d346492c46b13916

Sharing

Copy URL

Twitter E-mail

General

Target

abc9dd413af63569d346492c46b13916
Size

470KB
MD5

abc9dd413af63569d346492c46b13916
SHA1

35718ec0f7a73bed1cdf4fa854c0d3b5d7a5560d
SHA256

13e1f000a8c5cbc92147f772f2632f1ba9c8de68ff4361970beac582517afdac
SHA512

de53683035473185a78159b735752a70c385f678c121311e51ac9411a18630ad097db00ea8dfef7dd21aff07f8986621f4fe859dec702ebf3c6d23aacc82954c
SSDEEP

12288:eCIE20xc4BXsKQeL/ZBdWgEnOB2K+ZVwtf6Czp:ehOc4X6E/dn5P+X46Q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
abc9dd413af63569d346492c46b13916

Files

abc9dd413af63569d346492c46b13916
.dll windows:4 windows x86 arch:x86

c603bb65b742f30db0bd8d90e14a5b5f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

HeapAlloc
HeapCreate
HeapFree
HeapReAlloc
HeapSize
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InterlockedDecrement
InterlockedIncrement
IsDebuggerPresent
IsValidCodePage
LCMapStringA
LCMapStringW
LeaveCriticalSection
LoadLibraryA
LoadLibraryExW
LoadLibraryW
LocalAlloc
LocalFree
MapViewOfFile
MoveFileW
MulDiv
MultiByteToWideChar
OpenProcess
Process32FirstW
Process32NextW
QueryPerformanceCounter
RaiseException
ReadFile
RemoveDirectoryW
ResumeThread
GlobalUnlock
SetEndOfFile
SetEnvironmentVariableW
SetErrorMode
SetFileAttributesW
SetFilePointer
SetHandleCount
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
UnmapViewOfFile
VirtualAlloc
VirtualFree
WaitForSingleObject
WideCharToMultiByte
WriteConsoleA
WriteConsoleW
WriteFile
WritePrivateProfileSectionW
WritePrivateProfileStringW
WriteProfileStringW
lstrcatW
lstrlenA
lstrlenW
GlobalLock
GlobalAlloc
GetWindowsDirectoryW
GetVersion
GetTimeFormatW
GetTickCount
GetSystemTimeAsFileTime
GetStringTypeW
GetStringTypeA
GetStdHandle
GetStartupInfoA
GetProfileStringW
GetProcessPriorityBoost
GetProcessHeap
GetProcAddress
GetPrivateProfileStringW
GetPrivateProfileSectionW
GetOEMCP
GetNumberFormatW
GetModuleHandleW
CloseHandle
GetModuleHandleA
GetModuleFileNameW
GetModuleFileNameA
GetLocaleInfoW
GetLocaleInfoA
GetLastError
GetFullPathNameW
GetFileType
GetFileTime
GetFileSize
GetFileAttributesW
GetEnvironmentStringsW
GetEnvironmentStringsA
GetDateFormatW
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
GetConsoleOutputCP
GetConsoleMode
GetConsoleCP
GetCommandLineW
GetCommandLineA
GetCPInfo
GetACP
FreeLibrary
FreeEnvironmentStringsW
FreeEnvironmentStringsA
FormatMessageW
FlushFileBuffers
FindNextFileW
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
ExpandEnvironmentStringsW
ExpandEnvironmentStringsA
ExitThread
ExitProcess
EnterCriticalSection
DeleteFileW
DeleteCriticalSection
CreateToolhelp32Snapshot
CreateThread
CreateProcessW
CreateFileMappingW
CreateFileA
CreateDirectoryW
RtlUnwind

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

advapi32

LookupAccountNameW
AllocateAndInitializeSid
CloseServiceHandle
CryptAcquireContextW
CryptCreateHash
CryptDestroyHash
CryptGetHashParam
CryptHashData
CryptReleaseContext
DeleteService
EqualSid
FreeSid
GetAce
GetSecurityInfo
GetTokenInformation
ImpersonateLoggedOnUser
LookupAccountSidW
LookupPrivilegeValueW
OpenProcessToken
SetSecurityInfo
RevertToSelf
RegUnLoadKeyW
RegSetValueW
RegSetValueExW
RegSetKeySecurity
RegQueryValueW
RegQueryValueExW
RegQueryValueExA
RegQueryInfoKeyW
RegOpenKeyW
RegOpenKeyExW
RegOpenKeyExA
RegLoadKeyW
RegGetKeySecurity
RegEnumValueW
RegEnumKeyW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyW
RegCreateKeyExW
RegCloseKey
OpenServiceW
OpenSCManagerW
AdjustTokenPrivileges

gdi32

CreateDIBSection
CreateFontIndirectW
DeleteDC
DeleteObject
EndDoc
EndPage
ExtTextOutW
GdiFlush
GetDIBits
GetDeviceCaps
GetObjectW
GetStockObject
GetTextExtentPoint32W
GetTextMetricsW
SelectObject
SetBkColor
SetBkMode
CreateCompatibleDC
SetTextColor
StartDocW
StartPage
SetMapMode

user32

GetSysColorBrush
WaitForInputIdle
UnionRect
TranslateMessage
BeginDeferWindowPos
BeginPaint
CallWindowProcW
CheckDlgButton
CheckMenuItem
ChildWindowFromPoint
ClientToScreen
CloseClipboard
CreateDialogParamW
CreateIconIndirect
CreateWindowExW
DefWindowProcW
DeferWindowPos
DeleteMenu
DestroyIcon
DestroyWindow
DialogBoxIndirectParamW
DialogBoxParamW
DispatchMessageW
DrawFrameControl
DrawIconEx
DrawMenuBar
DrawTextW
EmptyClipboard
EnableMenuItem
EnableWindow
EndDeferWindowPos
EndDialog
EndPaint
EnumChildWindows
EnumDisplaySettingsW
FindWindowExW
FindWindowW
GetClassNameW
GetClientRect
GetCursorPos
GetDC
GetDlgItem
GetDlgItemTextW
GetFocus
GetIconInfo
GetMenu
GetMessageW
GetParent
GetPropW
GetSubMenu
GetSysColor
GetSystemMetrics
GetWindowLongW
GetWindowRect
GetWindowTextW
GetWindowThreadProcessId
InflateRect
InsertMenuW
IntersectRect
InvalidateRect
InvalidateRgn
IsDialogMessageW
IsDlgButtonChecked
IsIconic
IsZoomed
LoadAcceleratorsW
LoadCursorW
LoadIconW
LoadImageW
LoadStringW
MapWindowPoints
MessageBoxW
MoveWindow
OffsetRect
OpenClipboard
PostMessageW
PostQuitMessage
PtInRect
RegisterClassExW
RegisterWindowMessageW
ReleaseCapture
ReleaseDC
ScreenToClient
SendMessageW
SetClipboardData
SetCursor
SetDlgItemTextW
SetFocus
SetForegroundWindow
SetMenuItemInfoW
SetPropW
SetTimer
SetWindowLongW
SetWindowPos
SetWindowTextW
ShowWindow
TrackPopupMenu
TranslateAcceleratorW

Exports

Exports

ExtendInittab
ImportFrozenModule
Member_SetOne
Number_Int
State_ThreadHead
get_text
set_iCCP
set_tIME
vGetFileA

Sections

.text
Size: 86KB - Virtual size: 86KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 271KB - Virtual size: 271KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c603bb65b742f30db0bd8d90e14a5b5f

Headers

File Characteristics

Imports

kernel32

version

advapi32

gdi32

user32

Exports

Exports

Sections

.text Size: 86KB - Virtual size: 86KB

.rdata Size: 271KB - Virtual size: 271KB

.data Size: 70KB - Virtual size: 70KB

.rsrc Size: 35KB - Virtual size: 35KB

.reloc Size: 5KB - Virtual size: 4KB

.text
Size: 86KB - Virtual size: 86KB

.rdata
Size: 271KB - Virtual size: 271KB

.data
Size: 70KB - Virtual size: 70KB

.rsrc
Size: 35KB - Virtual size: 35KB

.reloc
Size: 5KB - Virtual size: 4KB