58cb30fb346d76f719c2ff3b1f0b191739bbb5676e3fadc6fc68c0c2e9a82d1f

Sharing

Copy URL Twitter E-mail

General

Target

58cb30fb346d76f719c2ff3b1f0b191739bbb5676e3fadc6fc68c0c2e9a82d1f
Size

517KB
MD5

591e873f42f0ed7d33bcf5a911602c85
SHA1

819ace6ddbd092102e63359bbc2421a70a8d8a99
SHA256

58cb30fb346d76f719c2ff3b1f0b191739bbb5676e3fadc6fc68c0c2e9a82d1f
SHA512

be7ff9682819801ea21baacdc68035f048cc6de5bab8317b3d075e7f2be8988bcc94625eefaf7bab64fe76a8152c19e77da1848fef9f3d5630642152b4e449e4
SSDEEP

12288:mwO0C1Bt4Jjc2kBZ/X0QeQpcR6W7/h5af:Ef1BCRxw/X0y86Oh5af

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
58cb30fb346d76f719c2ff3b1f0b191739bbb5676e3fadc6fc68c0c2e9a82d1f

Files

58cb30fb346d76f719c2ff3b1f0b191739bbb5676e3fadc6fc68c0c2e9a82d1f
.dll windows:6 windows x86 arch:x86

c328cc42604e6342b22fe793c9d7e10d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ReadConsoleW
WriteConsoleW
SetStdHandle
OutputDebugStringW
LoadLibraryExW
HeapReAlloc
SetFilePointerEx
ReadFile
GetConsoleMode
GetConsoleCP
FlushFileBuffers
CloseHandle
WriteFile
GetACP
IsValidCodePage
FreeEnvironmentStringsW
GetSystemTimeAsFileTime
GetStdHandle
HeapSize
GetModuleHandleExW
ExitProcess
GetProcessHeap
IsDebuggerPresent
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
GetProcAddress
GetModuleHandleW
CreateThread
lstrcpyW
WinExec
GetStringTypeW
GetFileType
GetWindowsDirectoryA
SetEndOfFile
MapViewOfFile
GetCommandLineW
GetOEMCP
GetLogicalDrives
WaitForSingleObject
QueryPerformanceCounter
GetSystemTime
SwitchToThread
SuspendThread
GetWindowsDirectoryW
GetTickCount
LoadLibraryA
CreateFileW
GetModuleFileNameW
GetProcessTimes
ExpandEnvironmentStringsA
GetLocaleInfoA
DeleteFileA
TlsAlloc
GetUserDefaultUILanguage
GetCommandLineA
GetEnvironmentStringsW
EnumResourceNamesW
GetModuleFileNameA
GetLastError
GetFileAttributesW
GetExitCodeProcess
GetSystemDirectoryA
Sleep
GetCurrentProcessId
GetStartupInfoW
TlsFree
TlsSetValue
TlsGetValue
TerminateProcess
GetCurrentProcess
InitializeCriticalSectionAndSpinCount
SetLastError
WideCharToMultiByte
EncodePointer
DecodePointer
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
MultiByteToWideChar
HeapFree
GetCurrentThreadId
GetCPInfo
RaiseException
RtlUnwind
HeapAlloc
IsProcessorFeaturePresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter

user32

GetDlgItemTextA
DeleteMenu
ClientToScreen
GetClientRect
DrawTextExW
EnumWindows
DrawFocusRect
ShowCursor
GetDlgItem
EnableScrollBar
SetDlgItemTextW
CreateMenu
SetWindowTextW
SetDlgItemTextA
SetScrollInfo
ToAsciiEx
GetDlgCtrlID
IsZoomed
GetWindowRect
SetParent
GetKeyboardState
SetRect
DrawStateW
EnumChildWindows
DrawMenuBar
CheckMenuItem
TranslateMDISysAccel
UnionRect
GetWindowTextW
FlashWindow
DestroyIcon
AttachThreadInput
LoadStringA
SetFocus
GetQueueStatus
MessageBoxA
IsDlgButtonChecked
InsertMenuA

gdi32

PatBlt
GetDIBits
GetPaletteEntries
CreateRectRgn
GetBitmapBits
GetRgnBox
GetStockObject
PolyPolygon
EndPage
GetTextExtentPoint32A
GetObjectType
CreateBitmapIndirect
GetCharWidth32A
EndDoc
SetLayout
DeleteObject
GetBkColor
RectVisible
GetTextExtentPoint32W
DeleteDC
CreateFontIndirectW
CreateBitmap
CombineRgn
GetObjectW
GetNearestPaletteIndex
GetTextExtentPointA
GetPixel
CreateBrushIndirect

advapi32

RegOpenKeyExA
SetSecurityDescriptorDacl
ChangeServiceConfigW
StartServiceW
GetLengthSid
CopySid
RegUnLoadKeyW
QueryServiceStatus
RegLoadKeyW
ControlService

shell32

Shell_NotifyIconW
ExtractIconExW

ole32

CoTaskMemFree
CoInitialize

oleaut32

SafeArrayPtrOfIndex
VariantClear

Sections

.text
Size: 398KB - Virtual size: 397KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 81KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 628KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c328cc42604e6342b22fe793c9d7e10d

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 398KB - Virtual size: 397KB

.rdata Size: 81KB - Virtual size: 81KB

.data Size: 21KB - Virtual size: 628KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 15KB - Virtual size: 14KB

.text
Size: 398KB - Virtual size: 397KB

.rdata
Size: 81KB - Virtual size: 81KB

.data
Size: 21KB - Virtual size: 628KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 15KB - Virtual size: 14KB