b580fcc87f262138f5198f82cf404401

Sharing

Copy URL Twitter E-mail

General

Target

b580fcc87f262138f5198f82cf404401
Size

248KB
MD5

b580fcc87f262138f5198f82cf404401
SHA1

d07ba9df66d3107681d48e05527882f23d0b0fd0
SHA256

2a33d68449d4dfac7bd8700ea280b2a8298b5d8ddf14b05b58e4a9f5e6ab1122
SHA512

6e2971797b68b1e552d79f6ea0b97f849e112adce54823172a0bac4db28069e6507049372dd2c21c381ff3cc2ae8e06e8a6e87ee5c3a838e9fbcf840cc707acd
SSDEEP

6144:gHjT1qO/WSasVhB1A1buQERfxzjHRnEOy4zWiE:g7/XvnA1bubR5Nrt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b580fcc87f262138f5198f82cf404401

Files

b580fcc87f262138f5198f82cf404401
.dll windows:4 windows x86 arch:x86

d58639aaa6198464f358daed07b99b77

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ole32

StringFromCLSID
StgCreateDocfileOnILockBytes
ReleaseStgMedium
ReadClassStg
OleUninitialize
OleRegGetUserType
OleInitialize
CreateILockBytesOnHGlobal
CoTaskMemFree
CLSIDFromString

gdi32

TextOutW
BitBlt
CreateCompatibleDC
CreateDCW
CreateFontIndirectW
CreateICW
CreatePen
CreateSolidBrush
DPtoLP
DeleteObject
EnumFontFamiliesExW
EnumFontFamiliesW
Escape
ExtTextOutW
GetBkColor
GetDeviceCaps
GetObjectW
GetPaletteEntries
GetStockObject
GetTextColor
GetTextExtentPoint32W
GetTextMetricsW
PtVisible
RectVisible
Rectangle
ScaleWindowExtEx
SelectObject
SetBkMode
SetDCBrushColor
SetPixel
SetTextColor

user32

SetRect
WinHelpW
UpdateWindow
SetFocus
CallNextHookEx
CharToOemBuffA
DefWindowProcW
EnableWindow
FindWindowW
GetActiveWindow
GetAsyncKeyState
GetDC
GetMonitorInfoW
GetNextDlgTabItem
LoadIconW
LoadMenuW
OffsetRect
PeekMessageW
SendDlgItemMessageW
SendMessageTimeoutW
SendMessageW
SetCursor

comdlg32

GetOpenFileNameW
GetSaveFileNameW
CommDlgExtendedError
ChooseFontW

shell32

SHGetSpecialFolderPathW
ShellAboutW
ShellExecuteExW
SHGetSettings
DragFinish
DragQueryFileW

advapi32

RegOpenKeyExW
RegOpenKeyExA
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey
RegQueryValueExA
RegQueryValueExW
RegSetValueExW

msvcrt

wcstod
wcslen
wcscoll
wcscmp
setlocale
memmove
exit
_wcsdup
_onexit
_initterm
_controlfp
_cexit
_c_exit
_adjust_fdiv
__wgetmainargs
__setusermatherr
__set_app_type
__p__fmode
__p__commode
__dllonexit
__CxxFrameHandler
_XcptFilter

kernel32

MulDiv
MultiByteToWideChar
LoadLibraryW
LoadLibraryExW
LoadLibraryExA
InterlockedIncrement
HeapCreate
HeapAlloc
GlobalGetAtomNameW
GlobalFree
GlobalAlloc
GlobalAddAtomW
GetVersionExA
GetUserDefaultLCID
GetSystemTimeAsFileTime
GetShortPathNameW
GetModuleHandleA
GetLastError
GetDateFormatW
GetCurrentThreadId
GetCommandLineA
ExitProcess
DeleteAtom
CreateFileW
CreateEventW
AddAtomW
SetThreadPriority
SetUnhandledExceptionFilter
TerminateProcess
lstrcmpW
lstrlenW
lstrlenA

shlwapi

PathFindFileNameW

Exports

Exports

BindTexture
D3D9UnmapVertexBuffer
EnumFileInItemRelease
EnumImageFormatAttributeReset
EnumTvValueReset
GetCDInfo
GetExposureComp
GetFile
GetFileHeader
GraphicsUnmapResources
IsoTrackSetBootOptions
Memset2D
SetAllParamValueToAtCapture
StreamDestroy

Sections

.text
Size: 164KB - Virtual size: 164KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d58639aaa6198464f358daed07b99b77

Headers

File Characteristics

Imports

ole32

gdi32

user32

comdlg32

shell32

advapi32

msvcrt

kernel32

shlwapi

Exports

Exports

Sections

.text Size: 164KB - Virtual size: 164KB

.data Size: 72KB - Virtual size: 112KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 164KB - Virtual size: 164KB

.data
Size: 72KB - Virtual size: 112KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 4KB - Virtual size: 4KB