acd5d7aaf858446da48bd9637032ed3d

Sharing

Copy URL Twitter E-mail

General

Target

acd5d7aaf858446da48bd9637032ed3d
Size

188KB
MD5

acd5d7aaf858446da48bd9637032ed3d
SHA1

58b68b66bbc672be25dfc2418e12bf411b5b8e46
SHA256

e103cfeb274dcd29425ad9be661ed464847bc9cdcb06741f81970aa75c6e8de7
SHA512

8e63aa171b13b3dd6cf9baf2fdb29612464bf74a6dfd85cfd7f633f594f62374e4da1e0f82ecea5c3cbf8feeaec5a90d5bc71e039c33cbf18a1970af108b29a8
SSDEEP

3072:GW1TwjJHoebrhYukjwW6ZEmb1BkkIaL8G5i4uVDmg3CJrI7ywN9llBMqqDLy/921:ThaJJ2ukIZdb1ftt5ipViIIwN96qqDL9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
acd5d7aaf858446da48bd9637032ed3d

Files

acd5d7aaf858446da48bd9637032ed3d
.dll windows:4 windows x86 arch:x86

0d94cfd55afd7e75ed083a3cf7bb77e1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

IsBadStringPtrW
GetCurrentThreadId
GetTickCount
LoadLibraryW
CreateThread
FreeLibrary
FreeLibraryAndExitThread
WaitForSingleObject
LocalAlloc
ExpandEnvironmentStringsW
GetLocaleInfoW
GetNumberFormatW
LocalFree
GetThreadLocale
FormatMessageW
lstrcpynW
lstrcmpiW
lstrcmpW
InterlockedDecrement
InterlockedIncrement
lstrlenW
lstrcpyW
GetModuleHandleW
ReleaseMutex
CloseHandle
CreateMutexW
LockResource
FindResourceW
LoadResource
SuspendThread
WaitForMultipleObjects
lstrcpynA
VirtualAlloc
VirtualFree
GlobalFree
Sleep
InterlockedExchange
GetVolumeNameForVolumeMountPointW
DisableThreadLibraryCalls
QueryPerformanceCounter
GetCurrentProcessId
InterlockedCompareExchange
GetLocaleInfoA
GetSystemTimeAsFileTime
RaiseException
GetStringTypeW
GetStringTypeA
LCMapStringW
MultiByteToWideChar
LCMapStringA
HeapSize
LoadLibraryA
HeapReAlloc
GetCPInfo
GetOEMCP
GetACP
HeapAlloc
IsBadCodePtr
IsBadWritePtr
IsBadReadPtr
SetUnhandledExceptionFilter
WriteFile
UnhandledExceptionFilter
GetEnvironmentStringsW
GetLastError
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
HeapFree
GetSystemInfo
HeapCreate
HeapDestroy
GetModuleFileNameA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
GetCurrentProcess
TerminateProcess
GetModuleHandleA
GetProcAddress
ExitProcess
VirtualQuery
GetVersionExA
RtlUnwind
GetCurrentThread
lstrcatW
GetFileAttributesW
SetErrorMode
LocalReAlloc
FindClose
SetThreadPriority
FindNextFileW
FindFirstFileW
GlobalUnlock
GlobalLock
CompareStringW
LocalSize
GetDiskFreeSpaceW
GetSystemDirectoryW
DeviceIoControl
CreateFileW
OpenMutexW
VerifyVersionInfoW
lstrcmpiA
GetDriveTypeW
ResumeThread
VirtualProtect
OutputDebugStringA
GetCommandLineA

user32

wsprintfA
CharUpperW
GetNextDlgTabItem
ShowCursor
SetFocus
GetFocus
GetDlgItemInt
GetAsyncKeyState
GetDlgCtrlID
WinHelpW
SetDlgItemInt
DestroyWindow
DialogBoxParamW
CharNextW
LoadCursorW
SetCursor
EndDialog
SetWindowLongW
GetWindowLongW
SetWindowTextW
LoadStringW
EnableWindow
ShowWindow
SendMessageW
CheckDlgButton
GetDlgItem
IsDlgButtonChecked
wsprintfW
GetCaretBlinkTime
KillTimer
SetTimer
IsWindow
SetForegroundWindow
FindWindowW
GetDesktopWindow
GetThreadDesktop
GetClassNameW
FindWindowExW
RegisterClipboardFormatW
MoveWindow
GetWindowRect
GetParent
GetSystemMetrics
PostMessageW
ExitWindowsEx
MessageBoxW
CreateDialogParamW
IsWindowVisible
SetWindowPos
RegisterWindowMessageW
SendNotifyMessageW
SetDlgItemTextW
InsertMenuItemW
UpdateWindow
LoadImageW

advapi32

RegOpenKeyExW
RegEnumValueW
RegQueryValueExW
RegSetValueExW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegDeleteValueW
RegQueryInfoKeyW
FreeSid
RegCreateKeyExW
RegCloseKey
IsValidSid
RevertToSelf
ImpersonateLoggedOnUser
DuplicateTokenEx
CheckTokenMembership
RegisterEventSourceW
DeregisterEventSource
ReportEventW
GetUserNameW
RegCreateKeyExA
RegQueryValueExA
RegSetValueExA
RegOpenCurrentUser

Sections

.text
Size: 112KB - Virtual size: 110KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0d94cfd55afd7e75ed083a3cf7bb77e1

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 112KB - Virtual size: 110KB

.rdata Size: 44KB - Virtual size: 41KB

.data Size: 16KB - Virtual size: 61KB

.rsrc Size: 4KB - Virtual size: 2KB

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 112KB - Virtual size: 110KB

.rdata
Size: 44KB - Virtual size: 41KB

.data
Size: 16KB - Virtual size: 61KB

.rsrc
Size: 4KB - Virtual size: 2KB

.reloc
Size: 8KB - Virtual size: 6KB