aa5ea49a0a491caab46d489d8f64d6c8b2a35ae3334466d188cae6f3a7f18b01

Sharing

Copy URL Twitter E-mail

General

Target

aa5ea49a0a491caab46d489d8f64d6c8b2a35ae3334466d188cae6f3a7f18b01
Size

223KB
MD5

e2065b2a93ef75533d3991b070f70995
SHA1

58d9696b6c7025e5cfc0181f0d693061f76cfee2
SHA256

aa5ea49a0a491caab46d489d8f64d6c8b2a35ae3334466d188cae6f3a7f18b01
SHA512

d6b1bc9ec56ca6ed72d6ea5ee2e3bd35a8c2595d7b975d0d4b114f6555520dbf50e7120c437db8391264ab59ba098915b5b1b96181bc1f229ca96c2a831ff50a
SSDEEP

3072:fMJge1fC6ba+H3kXU6Zgj6FqVZmRgh8YvzufAoya:EFC7U6mGamuFoya

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aa5ea49a0a491caab46d489d8f64d6c8b2a35ae3334466d188cae6f3a7f18b01

Files

aa5ea49a0a491caab46d489d8f64d6c8b2a35ae3334466d188cae6f3a7f18b01
.dll regsvr32 windows:4 windows x64 arch:x64

1522f7eb1b38decf3becda50464c72da

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

d3d9

Direct3DCreate9

ddraw

DirectDrawCreateEx

dsound

DirectSoundEnumerateW
DirectSoundCaptureEnumerateW

kernel32

CloseHandle
DisableThreadLibraryCalls
EnumResourceNamesW
FindResourceW
FormatMessageW
GetComputerNameW
GetDateFormatW
GetEnvironmentVariableW
GetLocalTime
GetLocaleInfoW
GetModuleFileNameW
GetModuleHandleW
GetProcAddress
GetSystemDirectoryW
GetTickCount
GetTimeFormatW
GetVersionExW
GetWindowsDirectoryW
GlobalMemoryStatusEx
HeapAlloc
HeapFree
HeapReAlloc
IsBadStringPtrW
K32EnumProcessModules
K32EnumProcesses
K32GetModuleBaseNameW
LoadLibraryW
LoadResource
MultiByteToWideChar
OpenProcess
QueryPerformanceCounter
QueryPerformanceFrequency
SizeofResource
lstrcmpW

ntdll

_vsnprintf

ole32

CLSIDFromString
CoCreateInstance
CoTaskMemFree
StringFromGUID2

oleaut32

SysAllocString
SysFreeString
VariantInit
VariantClear
VariantCopy
VariantChangeType
SafeArrayAccessData
SafeArrayUnaccessData

ucrtbase

__acrt_iob_func
__stdio_common_vsprintf
__stdio_common_vswprintf
_strdup
free
fwrite
getenv
memcmp
memcpy
memmove
strchr
strcmp
strcpy
strcspn
strlen
wcschr
wcsrchr

user32

EnumDisplayDevicesW
LoadStringW
wsprintfW

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rodata
Size: 4KB - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 4KB - Virtual size: 912B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 4KB - Virtual size: 944B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 400B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 92KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 208B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1522f7eb1b38decf3becda50464c72da

Headers

DLL Characteristics

File Characteristics

Imports

d3d9

ddraw

dsound

kernel32

ntdll

ole32

oleaut32

ucrtbase

user32

version

Exports

Exports

Sections

.text Size: 32KB - Virtual size: 29KB

.data Size: 4KB - Virtual size: 176B

.rodata Size: 4KB - Virtual size: 24B

.rdata Size: 60KB - Virtual size: 59KB

.pdata Size: 4KB - Virtual size: 912B

.xdata Size: 4KB - Virtual size: 944B

.bss Size: - Virtual size: 400B

.edata Size: 92KB - Virtual size: 90KB

.idata Size: 4KB - Virtual size: 3KB

.rsrc Size: 8KB - Virtual size: 6KB

.reloc Size: 4KB - Virtual size: 208B

.text
Size: 32KB - Virtual size: 29KB

.data
Size: 4KB - Virtual size: 176B

.rodata
Size: 4KB - Virtual size: 24B

.rdata
Size: 60KB - Virtual size: 59KB

.pdata
Size: 4KB - Virtual size: 912B

.xdata
Size: 4KB - Virtual size: 944B

.bss
Size: - Virtual size: 400B

.edata
Size: 92KB - Virtual size: 90KB

.idata
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 8KB - Virtual size: 6KB

.reloc
Size: 4KB - Virtual size: 208B