b81094c763535fa9b428b99f8fc5a404

Sharing

Copy URL Twitter E-mail

General

Target

b81094c763535fa9b428b99f8fc5a404
Size

84KB
MD5

b81094c763535fa9b428b99f8fc5a404
SHA1

b6bdb657d9ab35da25e33d13d967d3451a82463a
SHA256

4a91438288760a46cab2b68c2fcd4a093de3ae618fa8c38f9a2278f1f0be28f5
SHA512

0000fca4f59e6de21e90553da9ad5ef8cd59c687e8578872ba83d17d441afa2a4e9936771a3099d68f2c7a0339d2d5fb9a04208fc7d30d492c1fcab18cc84da0
SSDEEP

1536:+1y8mEwwNPtVcZIkBmm6/rvVBBMX5WWBOA3KOohRFrQIcJbQpH:+nmEP5r/vrA3KOohRFXcJbQp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b81094c763535fa9b428b99f8fc5a404

Files

b81094c763535fa9b428b99f8fc5a404
.dll windows:4 windows x86 arch:x86

1f042c14306862380588dd4a21b0a327

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetHandleInformation
RemoveDirectoryA
GetFileType
DuplicateHandle
GetModuleFileNameW
SetNamedPipeHandleState
SetWaitableTimer
GetEnvironmentVariableA
GetTempFileNameW
OpenFileMappingW
WideCharToMultiByte
GlobalMemoryStatusEx
RaiseException
GetFileAttributesW
HeapValidate
GetComputerNameW
SetEnvironmentVariableA
VirtualQueryEx
QueryPerformanceFrequency
DosDateTimeToFileTime
GetCurrencyFormatA
ActivateActCtx
SearchPathW
GetFileTime
CreateProcessW
GetProfileSectionA
MapViewOfFileEx
BackupWrite
WaitForSingleObjectEx
GetExitCodeThread
GetFileSize
UnregisterWaitEx
GetVolumePathNamesForVolumeNameW
GetSystemInfo
GetCommConfig
GetCommState
UnregisterWait
OpenThread
GetShortPathNameA
GlobalFree
SetStdHandle
WriteConsoleA
LocalFlags
EnumSystemLocalesA
GetDateFormatA
GetLogicalDriveStringsA
TerminateProcess
AreFileApisANSI
GetProcessAffinityMask
FindNextChangeNotification
GetModuleHandleExW
GetCPInfo
AddRefActCtx
GetFileAttributesA
VerLanguageNameW
IsProcessorFeaturePresent
LocalLock
VerifyVersionInfoA
LockResource
IsBadWritePtr
OpenSemaphoreA
GetAtomNameW
ReadConsoleW
FindActCtxSectionStringW
ClearCommBreak
GetDiskFreeSpaceA
WriteConsoleInputA
EnumResourceLanguagesW
DisconnectNamedPipe
ReadDirectoryChangesW
OpenMutexA
GetFileSizeEx
GetProfileIntW
GetVolumePathNameW
lstrlenW
SetFileAttributesA
lstrcatW
IsDBCSLeadByte
GlobalFindAtomW
UnlockFileEx
InterlockedCompareExchange
VirtualProtect
CloseHandle
LeaveCriticalSection
WaitForSingleObject
GetComputerNameA
GetModuleHandleA
CreateFileMappingA
InterlockedExchange
WriteFile
CreateMutexA
CreateDirectoryA
CreateFileA
GetProcAddress
InitializeCriticalSectionAndSpinCount
CreateProcessA
GetTickCount
LoadLibraryA
Sleep
GetOverlappedResult

ole32

PropVariantCopy
OleDoAutoConvert
PropVariantClear
OleSetContainedObject
GetHGlobalFromILockBytes
OleDestroyMenuDescriptor
OleSetMenuDescriptor
CreateItemMoniker
OleUninitialize
GetHGlobalFromStream
CoFileTimeNow
OleCreateLinkFromData
OleCreateMenuDescriptor
ReadFmtUserTypeStg
StgCreateDocfileOnILockBytes
OleCreateStaticFromData
IIDFromString
OleGetAutoConvert
CoAllowSetForegroundWindow
StgIsStorageILockBytes
CoTaskMemAlloc
CoTaskMemFree

user32

InsertMenuItemW
IntersectRect
MapVirtualKeyW
CallWindowProcW
SetProcessDefaultLayout
SetRectEmpty
GetWindowTextLengthW
EnableWindow
CreateDialogIndirectParamA
DefMDIChildProcW
DialogBoxIndirectParamA
LoadImageW
SetDlgItemTextA
VkKeyScanA
CreateCursor
MonitorFromWindow
GetUserObjectInformationW
SendMessageTimeoutA
SystemParametersInfoW
SubtractRect
SetFocus
FindWindowExA
wvsprintfW
CreatePopupMenu
WaitForInputIdle
OemToCharBuffA
OpenIcon
WinHelpW
LoadMenuA
SetActiveWindow
InsertMenuA
FrameRect
FlashWindow
GetPropA
FreeDDElParam
WindowFromPoint
IsRectEmpty
MoveWindow
MapDialogRect
InvalidateRgn
CreateMenu
GetNextDlgGroupItem
CopyIcon
SetMessageQueue
SetMenuItemInfoA
ChangeDisplaySettingsA
GetMenuItemCount
EnumDisplaySettingsW
DeferWindowPos
HideCaret
SetWindowRgn
GetLastActivePopup
MessageBoxIndirectA
GetMenuItemID
MapVirtualKeyA
InvalidateRect
IsCharAlphaW
TrackPopupMenuEx
PostQuitMessage
SetWindowsHookExA
GetWindowThreadProcessId
DefWindowProcA
TranslateMessage
GetProcessDefaultLayout

oleaut32

SysFreeString

shlwapi

PathIsUNCServerShareW
PathSetDlgItemPathW
PathRenameExtensionW
UrlEscapeW
PathIsRootW
StrCmpIW
StrCmpNIA
PathQuoteSpacesW
PathAddBackslashA
UrlIsW
PathStripToRootW
PathFileExistsA
StrStrIA
PathMatchSpecW
SHRegGetBoolUSValueW
PathCommonPrefixW
PathAppendA
SHRegGetValueW
StrChrA
PathFindExtensionA
UrlUnescapeW
StrStrIW
PathFindNextComponentW
SHAutoComplete
PathRemoveExtensionW
StrStrA

advapi32

RegQueryValueExA
RegDeleteValueA
RegCloseKey
ConvertStringSecurityDescriptorToSecurityDescriptorW
GetSecurityDescriptorSacl
MakeSelfRelativeSD
RegOpenCurrentUser
EnumDependentServicesW
QueryServiceConfigW
CloseEventLog
ReadEventLogW
CreateProcessWithLogonW
CredGetSessionTypes
StartServiceA
ImpersonateSelf
StartServiceCtrlDispatcherA
RegLoadKeyW
ImpersonateAnonymousToken
LogonUserW
CreateServiceA
QueryServiceLockStatusA
ReportEventW
DuplicateTokenEx
SaferSetLevelInformation
ChangeServiceConfig2W
EnumServicesStatusA
StartServiceW
RegEnumKeyA
IsTokenRestricted
CredIsMarshaledCredentialW

gdi32

PolyPolygon
GetTextMetricsA
SetBrushOrgEx
PtInRegion
CreateICW
CreatePenIndirect
BeginPath
RectVisible
ResizePalette
GetMetaFileA
GetEnhMetaFileHeader
LPtoDP
ScaleViewportExtEx
EnumEnhMetaFile
GetViewportOrgEx
GetCharWidthA
ExtFloodFill
GetRgnBox
PolyBezierTo
GetFontResourceInfoW
GetTextCharset
PlayEnhMetaFile
GetBkColor
GetCharacterPlacementA
PtVisible
PlayEnhMetaFileRecord
GetCharABCWidthsW
MoveToEx
Chord
GetSystemPaletteUse
GetSystemPaletteEntries
SetPaletteEntries
SetTextCharacterExtra
CreateCompatibleBitmap
GetTextCharacterExtra
SetROP2

Exports

Exports

DRMcfgapi

Sections

.text
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1f042c14306862380588dd4a21b0a327

Headers

File Characteristics

Imports

kernel32

ole32

user32

oleaut32

shlwapi

advapi32

gdi32

Exports

Exports

Sections

.text Size: 60KB - Virtual size: 59KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 8KB - Virtual size: 6KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 60KB - Virtual size: 59KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 8KB - Virtual size: 6KB

.reloc
Size: 4KB - Virtual size: 2KB