b75ef1f424d4d4e6a8191ab92f29f110

Sharing

Copy URL Twitter E-mail

General

Target

b75ef1f424d4d4e6a8191ab92f29f110
Size

91KB
MD5

b75ef1f424d4d4e6a8191ab92f29f110
SHA1

80b0349d317fa175cbdf91b0f8e0d77be26d19cd
SHA256

e95650d609ec3de361111651903c00777b65f55932de2da1d330d28955484eb2
SHA512

56933e1a06a57927a3961fb407dccb12486be6186f0211a5a44fa1beb965ed2c1224654670cc837f749408cc2e85e4445fdb72c76edcfc43039eac128ed99eb1
SSDEEP

1536:NoLLwh/IcnMG0+dsJDE4mxwEZJJ4VAe9P5ju7/a9Z9p/:No0IJ+YE4CbZJJyAsPFuDa9ZP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b75ef1f424d4d4e6a8191ab92f29f110

Files

b75ef1f424d4d4e6a8191ab92f29f110
.dll windows:4 windows x86 arch:x86

fd8e226a03238c8d82d122c831394e37

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

imm32

ImmGetCompositionStringW

kernel32

UnmapViewOfFile
MapViewOfFile
OpenFileMappingA
OutputDebugStringA
WideCharToMultiByte
Module32Next
Module32First
CreateToolhelp32Snapshot
GetCurrentProcessId
HeapFree
HeapAlloc
GetLastError
OpenProcess
GetLocalTime
VirtualQueryEx
GlobalFree
GlobalUnlock
GlobalHandle
LoadLibraryA
CreateFileMappingA
GetFileSize
ReadFile
GetTempPathA
DeleteFileA
CreateThread
CreateFileA
GetModuleHandleA
GetTickCount
VirtualProtect
InterlockedExchange
Sleep
GetProcAddress
GetCurrentProcess
WriteFile
ReadProcessMemory
CloseHandle
GetProcessHeap

user32

GetForegroundWindow
GetWindowThreadProcessId
PeekMessageA
GetWindowRect
GetWindowTextA
GetDC
ReleaseDC
SetRect
DispatchMessageA
TranslateMessage
FindWindowExA

gdi32

GetDeviceCaps
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
GetObjectA
BitBlt

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey

ole32

CoCreateInstance

avifil32

AVIMakeCompressedStream
AVIFileCreateStreamA
AVIFileOpenA
AVIFileInit
AVIStreamWrite
AVIFileExit
AVIStreamRelease
AVIFileRelease
AVISaveOptionsFree
AVIStreamSetFormat

msvfw32

ord2

winmm

waveOutOpen
waveInOpen
waveOutClose
waveOutWrite
waveInClose
waveInAddBuffer

msvcp60

??1_Lockit@std@@QAE@XZ
??0_Lockit@std@@QAE@XZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB

msvcrt

fopen
_memicmp
strncmp
fclose
free
_ftol
_CIacos
printf
__dllonexit
atoi
srand
rand
strstr
vsprintf
strcat
wcscpy
_onexit
_initterm
malloc
_adjust_fdiv
_strlwr
_strnicmp
_stricmp
_CIpow
memmove
memcpy
??2@YAPAXI@Z
time
__CxxFrameHandler
memset
sprintf
strlen
rename
_mkdir
_access
abs
localtime
memcmp
strcmp

Exports

Exports

GetDLLVer
partInit

Sections

.text
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.SHARDAT
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fd8e226a03238c8d82d122c831394e37

Headers

File Characteristics

Imports

version

imm32

kernel32

user32

gdi32

advapi32

ole32

avifil32

msvfw32

winmm

msvcp60

msvcrt

Exports

Exports

Sections

.text Size: 50KB - Virtual size: 49KB

.rdata Size: 6KB - Virtual size: 6KB

.data Size: 23KB - Virtual size: 44KB

.SHARDAT Size: 4KB - Virtual size: 4KB

.reloc Size: 5KB - Virtual size: 5KB

.text
Size: 50KB - Virtual size: 49KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 23KB - Virtual size: 44KB

.SHARDAT
Size: 4KB - Virtual size: 4KB

.reloc
Size: 5KB - Virtual size: 5KB