ac166051231b04cc5d259ff00dc110eb

Sharing

Copy URL Twitter E-mail

General

Target

ac166051231b04cc5d259ff00dc110eb
Size

172KB
MD5

ac166051231b04cc5d259ff00dc110eb
SHA1

2737f246e44611bb7e9cb1d4999dc78ade571715
SHA256

dc5e85ff52a4b907d7232c6f262e523caecf2464d7c6a0e4b404096ba427a61f
SHA512

2a8a9f197e251ddb2aa6f2d7a7e8d92166bc9eb83551ee5cb96fa46bb83a0ab004636b1f9ef4659ac738588365f48ecad0e064c5cf9d42b119a26faaa8cb483c
SSDEEP

3072:1sbzxRHPrqteJD+rmQSOckFRs/IAPyMpjNXDWPYOFNOvqZvJ1l38oZYrO9o:UQSOc1vJpj5eYsP8os

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ac166051231b04cc5d259ff00dc110eb

Files

ac166051231b04cc5d259ff00dc110eb
.dll windows:4 windows x86 arch:x86

9ca78f69dad8f44090dc1a2e4a67739e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcatA
lstrcpyA
GetPrivateProfileSectionA
lstrcmpA
MultiByteToWideChar
GetPrivateProfileStringA
WideCharToMultiByte
FreeLibrary
DeleteFileA
GetTempFileNameA
WritePrivateProfileStringA
GetPrivateProfileIntA
WritePrivateProfileSectionA
lstrlenW
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetUserDefaultLCID
EnumSystemLocalesA
GetLocaleInfoA
IsValidCodePage
IsValidLocale
FlushFileBuffers
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
Sleep
SetStdHandle
SetConsoleCtrlHandler
GetOEMCP
GetCurrentThreadId
GetCPInfo
InterlockedIncrement
InterlockedDecrement
UnhandledExceptionFilter
IsBadCodePtr
IsBadReadPtr
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
SetUnhandledExceptionFilter
HeapSize
LocalAlloc
LocalLock
LocalUnlock
GlobalSize
GetFileSize
ReadFile
GlobalReAlloc
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
lstrcpynA
FormatMessageA
LocalFree
CreateFileA
SetFilePointer
lstrlenA
WriteFile
CloseHandle
GetModuleHandleA
OutputDebugStringA
GetProcessHeap
HeapAlloc
HeapFree
VirtualProtect
GetModuleFileNameA
GetLastError
FlushInstructionCache
VirtualQuery
lstrcmpiA
GetCurrentProcess
WriteProcessMemory
CreateToolhelp32Snapshot
Module32First
Module32Next
GetProcAddress
LoadLibraryExW
LoadLibraryExA
TerminateProcess
FatalAppExitA
ExitProcess
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
GetCurrentThread
LoadLibraryW
LoadLibraryA
GetACP
TlsGetValue
SetLastError
TlsFree
TlsAlloc
TlsSetValue
GetVersion
GetCommandLineA
RaiseException
HeapReAlloc
GetLocalTime
RtlUnwind
GetTimeZoneInformation
GetSystemTime
GetLocaleInfoW

user32

SetCursor
GetDC
LoadCursorA
ReleaseDC
RegisterWindowMessageA
SendMessageTimeoutA
IsRectEmpty
GetWindowRect
ClientToScreen
GetClientRect
ScreenToClient
FindWindowA
CallNextHookEx
CallWindowProcA
IsCharAlphaNumericA
CallWindowProcW
IsWindow
IsWindowUnicode
GetWindowLongW
SetWindowLongW
GetWindowLongA
SetWindowLongA
MessageBoxA
keybd_event
GetClassNameA
RegisterClipboardFormatA
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
SetWindowsHookExA
UnhookWindowsHookEx
GetFocus

gdi32

CreateHalftonePalette
GetDIBits
GetObjectA
CreatePen
DPtoLP
CreateBitmap
GetMapMode
SetMapMode
SetBkColor
GetNearestPaletteIndex
SetSystemPaletteUse
ResizePalette
SetPaletteEntries
CreateSolidBrush
Rectangle
StretchDIBits
CreateDCA
CreateCompatibleBitmap
GetDIBColorTable
GetPaletteEntries
CreateDIBSection
CreateCompatibleDC
SelectObject
SetDIBColorTable
SetStretchBltMode
StretchBlt
BitBlt
DeleteDC
GdiFlush
DeleteObject
GetStockObject
SelectPalette
RealizePalette
CreateDIBitmap
GetDeviceCaps
GetSystemPaletteEntries
CreatePalette

ole32

CoInitialize
StgCreateDocfile
CoUninitialize
CreateStreamOnHGlobal
StgOpenStorage

oleaut32

SysFreeString
OleLoadPicture
SysAllocStringLen

shlwapi

PathFindFileNameA
SHGetValueA
PathFileExistsA
PathRemoveFileSpecA

imm32

ImmGetCompositionStringW
ImmGetCompositionStringA

imagehlp

ImageDirectoryEntryToData

oleacc

ObjectFromLresult

winmm

timeGetTime

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Exports

Exports

EnableConversion

Sections

.text
Size: 108KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

sdata
Size: 4KB - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 960B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9ca78f69dad8f44090dc1a2e4a67739e

Headers

File Characteristics

Imports

kernel32

user32

gdi32

ole32

oleaut32

shlwapi

imm32

imagehlp

oleacc

winmm

version

Exports

Exports

Sections

.text Size: 108KB - Virtual size: 104KB

.rdata Size: 24KB - Virtual size: 20KB

.data Size: 20KB - Virtual size: 24KB

sdata Size: 4KB - Virtual size: 4B

.rsrc Size: 4KB - Virtual size: 960B

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 108KB - Virtual size: 104KB

.rdata
Size: 24KB - Virtual size: 20KB

.data
Size: 20KB - Virtual size: 24KB

sdata
Size: 4KB - Virtual size: 4B

.rsrc
Size: 4KB - Virtual size: 960B

.reloc
Size: 8KB - Virtual size: 7KB