ac9e5aad36c735dd3631f046cd879370

Sharing

Copy URL Twitter E-mail

General

Target

ac9e5aad36c735dd3631f046cd879370
Size

3.5MB
MD5

ac9e5aad36c735dd3631f046cd879370
SHA1

da544dc662477b95c7d819dbe5ea7fe3edc78437
SHA256

66b8aa7f8091c071853aad5276bb217843e410d34d38727cae8a8e70d418b440
SHA512

1799da0c514f2aafbb8507ccf4355e46029729c97974c8a754eade6bfdd35b2fb8971c4a7e5bc98d58eb30361af969b2a73b7f4709edce1baa0dce68aac975c4
SSDEEP

98304:DeBafdYS4hL9coTf54kue336DAEYUkJFN1ZlBu61nvmgKIjQamfQPK:CBJDBc+ukB3q1aJRZzu6hvmgSamIi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ac9e5aad36c735dd3631f046cd879370

Files

ac9e5aad36c735dd3631f046cd879370
.dll windows:6 windows

21d9aa76b7a673146f3a1f877d30981d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetConsoleMode
GetConsoleCP
FlushFileBuffers
OutputDebugStringW
LCMapStringW
SetStdHandle
GetModuleFileNameW
WriteFile
EnterCriticalSection
TlsSetValue
TlsGetValue
SetFilePointerEx
WriteConsoleW
CloseHandle
TlsFree
LocalFree
CreateMutexA
SetLastError
GetTimeFormatW
HeapReAlloc
ReleaseMutex
GetOEMCP
GetModuleFileNameA
SetEnvironmentVariableA
GetProcAddress
LeaveCriticalSection
GetEnvironmentStringsW
GetSystemTime
GetThreadTimes
TlsAlloc
GetCPInfo
RtlUnwind
CreateNamedPipeA
SetCurrentDirectoryA
GetOverlappedResult
GetSystemDirectoryA
Beep
GetWindowsDirectoryA
GetModuleHandleW
WaitForSingleObject
InitializeSListHead
LoadLibraryExW
EncodePointer
DecodePointer
GetLastError
GetCommandLineA
GetCurrentThreadId
RaiseException
IsDebuggerPresent
IsProcessorFeaturePresent
ExitProcess
GetModuleHandleExW
MultiByteToWideChar
WideCharToMultiByte
HeapSize
HeapFree
HeapAlloc
IsValidCodePage
GetACP
GetStringTypeW
GetProcessHeap
GetStdHandle
GetFileType
DeleteCriticalSection
GetStartupInfoW
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
CreateFileW

user32

ToAsciiEx
ShowOwnedPopups
SendDlgItemMessageA
GetWindowTextLengthA
LoadAcceleratorsW
SetClassLongA
CopyRect
DestroyWindow
SetParent
EndMenu
DestroyMenu
ValidateRect
SetCapture
LoadIconA
ShowCaret
GetKeyboardState
MessageBoxA
SetWindowsHookExA
SetWindowPos
SetMenu
IsDlgButtonChecked
UnhookWindowsHookEx
InsertMenuA
UpdateWindow
CallWindowProcW

gdi32

CreatePolygonRgn
DeleteEnhMetaFile
SetDIBColorTable
CreateDCA
SetPixel
GetPaletteEntries
GetCurrentPositionEx
IntersectClipRect
EndDoc
SetViewportOrgEx
CreateEnhMetaFileW
CreateSolidBrush
Arc
SetMetaFileBitsEx
GetRgnBox
CreatePalette
CombineRgn
GetCharWidthA
OffsetRgn
SetPolyFillMode
GetCharWidth32A
SetViewportExtEx
GetPixel
GetStockObject
SetWinMetaFileBits
ExtTextOutA
CreateRectRgnIndirect

advapi32

RegCreateKeyExA
RegCreateKeyA
SetSecurityDescriptorOwner

Sections

.text
Size: 272KB - Virtual size: 272KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

21d9aa76b7a673146f3a1f877d30981d

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.text Size: 272KB - Virtual size: 272KB

.data Size: 1.3MB - Virtual size: 1.3MB

.idata Size: 3KB - Virtual size: 3KB

.reloc Size: 6KB - Virtual size: 6KB

.text
Size: 272KB - Virtual size: 272KB

.data
Size: 1.3MB - Virtual size: 1.3MB

.idata
Size: 3KB - Virtual size: 3KB

.reloc
Size: 6KB - Virtual size: 6KB