6398d798ff6362e98e06e2e85dcb380f098d5fb4fcd7c4c3888ef720b8a9fb28

Sharing

Copy URL Twitter E-mail

General

Target

6398d798ff6362e98e06e2e85dcb380f098d5fb4fcd7c4c3888ef720b8a9fb28
Size

606KB
MD5

e6cc8f49d67fa0b8a448a286520093d7
SHA1

02c303272645eed32f4caa8f9a49fd3aa56c95b1
SHA256

6398d798ff6362e98e06e2e85dcb380f098d5fb4fcd7c4c3888ef720b8a9fb28
SHA512

02311859ed3ffd6a5a0ebeab92a73a35cc3f1b89bcd025e740c6ee99d7a3a2aebbfcc5e9452312c188225e572987972f114350dd9ae22016546843a1d2eecb6e
SSDEEP

12288:SBg1+rcofrpYBB5Swnrn7XGGxXqxatBbkj/uudTkP5FJHuXldSW/1asftOSLE8s:SlKH2GxXqxavFM1dSq1RpLE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6398d798ff6362e98e06e2e85dcb380f098d5fb4fcd7c4c3888ef720b8a9fb28

Files

6398d798ff6362e98e06e2e85dcb380f098d5fb4fcd7c4c3888ef720b8a9fb28
.dll windows:6 windows x86 arch:x86

4fb223b85b6f98a81d3499d16ccc8640

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\MAC\Current\Source\Projects\VS2022\MACDll\Release\MACDll.pdb

Imports

kernel32

FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileAttributesExW
SystemTimeToTzSpecificLocalTime
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
GetConsoleMode
SetStdHandle
GetStringTypeW
SetFilePointerEx
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCPInfo
GetOEMCP
IsValidCodePage
FindNextFileW
FindFirstFileExW
GetTimeZoneInformation
LCMapStringW
GetFileType
ExitProcess
HeapQueryInformation
GetModuleHandleExW
GetCommandLineW
GetCommandLineA
InterlockedFlushSList
RtlUnwind
RaiseException
OutputDebugStringW
GetCurrentProcess
GetVolumeInformationW
GetFullPathNameW
FlushFileBuffers
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
GlobalFlags
SetErrorMode
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
CompareStringW
GlobalFindAtomW
LoadLibraryA
GetSystemDirectoryW
EncodePointer
FormatMessageW
MulDiv
LocalFree
GlobalFree
GlobalUnlock
GetCurrentProcessId
GlobalAddAtomW
CreateEventW
lstrcmpW
lstrcmpA
GlobalDeleteAtom
GlobalLock
GlobalAlloc
LoadLibraryExW
FreeLibrary
GetVersionExW
GetCurrentThreadId
GetCurrentThread
LoadLibraryW
GetProcAddress
GetModuleHandleW
GetModuleHandleA
SetLastError
OutputDebugStringA
GetACP
FindClose
FindFirstFileW
GetFileSize
DeleteFileW
SetFileAttributesW
CreateFileW
SetEndOfFile
SetFilePointer
WriteFile
GetStdHandle
ReadFile
WideCharToMultiByte
MultiByteToWideChar
WritePrivateProfileStringW
GetPrivateProfileIntW
GetPrivateProfileStringW
GetModuleFileNameW
FindResourceW
LoadResource
LockResource
SizeofResource
CreateTimerQueueTimer
DeleteTimerQueueTimer
Sleep
CloseHandle
WaitForSingleObject
SetThreadPriority
CreateThread
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSectionAndSpinCount
lstrlenW
GetProcessHeap
DeleteCriticalSection
DecodePointer
HeapAlloc
HeapReAlloc
GetLastError
HeapSize
InitializeCriticalSectionEx
GetConsoleOutputCP
HeapFree
WriteConsoleW

user32

ShowWindow
GetMonitorInfoW
MonitorFromWindow
WinHelpW
LoadIconW
UnhookWindowsHookEx
GetWindow
GetTopWindow
GetClassNameW
GetClassLongW
SetWindowLongW
PtInRect
CopyRect
GetSysColor
MapWindowPoints
ScreenToClient
AdjustWindowRectEx
GetWindowRect
GetWindowTextLengthW
GetWindowTextW
RemovePropW
GetPropW
SetPropW
GetScrollPos
RedrawWindow
EndPaint
BeginPaint
SetForegroundWindow
GetForegroundWindow
SetActiveWindow
UpdateWindow
GetMenu
GetCapture
SetFocus
GetDlgCtrlID
GetDlgItem
IsIconic
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPos
DestroyWindow
IsChild
RealChildWindowFromPoint
IsWindow
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
DefWindowProcW
GetMessageTime
GetMessagePos
RegisterWindowMessageW
MessageBoxW
UnregisterClassW
CharNextW
CharPrevW
GetMenuItemCount
GetMenuItemID
GetSubMenu
GetLastActivePopup
GetWindowThreadProcessId
GetWindowLongW
IsWindowEnabled
SetCursor
CallNextHookEx
SetWindowsHookExW
SetWindowTextW
IsDialogMessageW
GetDC
ReleaseDC
CreateDialogIndirectParamW
GetNextDlgTabItem
GetDesktopWindow
SetMenu
ClientToScreen
SendMessageW
PostMessageW
EnableWindow
CheckDlgButton
IsDlgButtonChecked
EndDialog
DialogBoxParamW
SendDlgItemMessageA
GetClientRect
SetRectEmpty
OffsetRect
GetParent
GetFocus
CheckMenuItem
EnableMenuItem
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetMenuItemInfoW
LoadBitmapW
PostQuitMessage
GetMessageW
TranslateMessage
DispatchMessageW
PeekMessageW
IsWindowVisible
GetActiveWindow
GetKeyState
ValidateRect
GetCursorPos
GetSystemMetrics
GetSysColorBrush
LoadCursorW
SetTimer
DestroyMenu
CharUpperW
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
IsMenu
InvalidateRect
KillTimer

gdi32

Escape
GetClipBox
GetStockObject
PtVisible
RectVisible
RestoreDC
SaveDC
SelectObject
SetMapMode
TextOutW
ExtTextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
OffsetViewportOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
DeleteObject
GetObjectW
SetTextColor
SetBkColor
GetDeviceCaps
DeleteDC
CreateBitmap

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

advapi32

RegEnumValueW
RegQueryValueW
RegEnumKeyW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey

shell32

ShellExecuteW

shlwapi

PathFindFileNameW
PathIsUNCW
PathStripToRootW
PathFindExtensionW

ole32

CoTaskMemFree
CoInitialize
CoCreateInstance
CoCreateGuid
CoUninitialize

oleaut32

VariantChangeType
VariantClear
VariantInit
SysAllocString
SysFreeString

oleacc

CreateStdAccessibleObject
LresultFromObject

Exports

Exports

CloseFilterInput
CloseFilterOutput
CompressFile
CompressFileW
CompressFileW2
ConvertFile
ConvertFileW
ConvertFileW2
DIALOGMsgProc
DecompressFile
DecompressFileW
DecompressFileW2
FillWaveFormatEx
FillWaveHeader
FilterGetFileSize
FilterGetFirstSpecialData
FilterGetNextSpecialData
FilterGetOptions
FilterOptions
FilterOptionsString
FilterUnderstandsFormat
FilterWriteSpecialData
GetID3Tag
GetInterfaceCompatibility
GetLibraryInterfaceVersion
GetLibraryVersionNumber
GetLibraryVersionString
GetVersionNumber
OpenFilterInput
OpenFilterOutput
QueryCoolFilter
ReadFilterInput
RemoveTag
TagFileSimple
VerifyFile
VerifyFileW
VerifyFileW2
WriteFilterOutput
_CreateIAPECompress@4
_CreateIAPEDecompress@20
_CreateIAPEDecompressEx2@16
_CreateIAPEDecompressEx@8
_FillRF64Header@16
_GetAPECompressionLevelName@16
_GetAPEFileType@8
_GetID3TagW@8
_RemoveTagW@4
c_APECompress_AddData
c_APECompress_Create
c_APECompress_Destroy
c_APECompress_Finish
c_APECompress_GetBufferBytesAvailable
c_APECompress_Kill
c_APECompress_LockBuffer
c_APECompress_Start
c_APECompress_StartW
c_APECompress_UnlockBuffer
c_APEDecompress_Create
c_APEDecompress_CreateW
c_APEDecompress_Destroy
c_APEDecompress_GetData
c_APEDecompress_GetInfo
c_APEDecompress_Seek
winampGetExtendedFileInfo
winampGetInModule2
winampSetExtendedFileInfo
winampUseUnifiedFileInfoDlg
winampWriteExtendedFileInfo

Sections

.text
Size: 368KB - Virtual size: 368KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 103KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 56KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4fb223b85b6f98a81d3499d16ccc8640

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

shlwapi

ole32

oleaut32

oleacc

Exports

Exports

Sections

.text Size: 368KB - Virtual size: 368KB

.rdata Size: 103KB - Virtual size: 102KB

.data Size: 7KB - Virtual size: 34KB

.rsrc Size: 51KB - Virtual size: 50KB

.reloc Size: 19KB - Virtual size: 19KB

.rmnet Size: 56KB - Virtual size: 60KB

.text
Size: 368KB - Virtual size: 368KB

.rdata
Size: 103KB - Virtual size: 102KB

.data
Size: 7KB - Virtual size: 34KB

.rsrc
Size: 51KB - Virtual size: 50KB

.reloc
Size: 19KB - Virtual size: 19KB

.rmnet
Size: 56KB - Virtual size: 60KB