62c285340cbde0648f391711731be5e165915466161f9889f4123cadd4ec4c9f

Sharing

Copy URL

Twitter E-mail

General

Target

62c285340cbde0648f391711731be5e165915466161f9889f4123cadd4ec4c9f
Size

256KB
MD5

02827427cbd0e7902defbe422f39f1de
SHA1

1cfff931d012bf8b9744e134f3b8e98b5c8f6cb3
SHA256

62c285340cbde0648f391711731be5e165915466161f9889f4123cadd4ec4c9f
SHA512

f82cab4d46978d27f63d54a28af8a88a70f43641db555cb071a40546f33b5870c71a56e25eda0d69ec5b9ed4229c4db5d5bd555b54ffc44930e1365fbfeeadd0
SSDEEP

6144:CD0pG3/fSA7Fm8I3z24aq9wV2voi65qS:g2D3R9wMAqS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
62c285340cbde0648f391711731be5e165915466161f9889f4123cadd4ec4c9f

Files

62c285340cbde0648f391711731be5e165915466161f9889f4123cadd4ec4c9f
.dll windows:4 windows x86 arch:x86

287e0713c679df596550df57403b823a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalFlags
InterlockedIncrement
GetVersionExA
GlobalFindAtomW
GetThreadLocale
ReadFile
FlushFileBuffers
SetEndOfFile
CreateFileW
RtlUnwind
RaiseException
HeapFree
WritePrivateProfileStringW
GetCommandLineA
GetProcessHeap
ExitProcess
HeapReAlloc
HeapSize
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
Sleep
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
HeapDestroy
HeapCreate
GetStdHandle
GetModuleFileNameA
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetStdHandle
GetConsoleCP
GetConsoleMode
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
SetErrorMode
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
InterlockedDecrement
GlobalFree
GlobalUnlock
FormatMessageW
LocalFree
lstrlenW
GetCurrentProcessId
GlobalAddAtomW
GlobalDeleteAtom
ConvertDefaultLocale
GetVersion
EnumResourceLanguagesW
GetLocaleInfoW
WideCharToMultiByte
InterlockedExchange
GlobalLock
lstrcmpW
GlobalAlloc
VirtualAlloc
VirtualProtect
LoadLibraryA
CloseHandle
SetFilePointer
WriteFile
SetLastError
SuspendThread
GetThreadContext
SetThreadContext
FlushInstructionCache
GetCurrentThreadId
InterlockedCompareExchange
VirtualFree
VirtualQuery
ResumeThread
GetLastError
GetModuleHandleW
GetCurrentThread
MultiByteToWideChar
FreeLibrary
InitializeCriticalSection
GetModuleHandleA
GetProcAddress
GetCurrentProcess
EnterCriticalSection
LeaveCriticalSection
FindResourceW
LoadResource
LockResource
SizeofResource
GetModuleFileNameW
HeapAlloc
LoadLibraryW

shlwapi

PathFindFileNameW
PathFindExtensionW

oleacc

LresultFromObject
CreateStdAccessibleObject

user32

UnregisterClassA
ShowWindow
RegisterWindowMessageW
LoadIconW
WinHelpW
GetCapture
GetClassLongW
SetPropW
GetPropW
RemovePropW
IsWindow
GetForegroundWindow
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetForegroundWindow
GetClientRect
LoadCursorW
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
CopyRect
DefWindowProcW
CallWindowProcW
SetWindowLongW
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetSystemMetrics
GetWindow
GetDlgCtrlID
GetClassNameW
PtInRect
GetWindowTextW
SetWindowTextW
GetSysColor
ReleaseDC
GetDC
ClientToScreen
GrayStringW
DrawTextExW
DestroyMenu
DrawTextW
TabbedTextOutW
UnregisterClassW
UnhookWindowsHookEx
GetMenuItemID
GetMenuItemCount
GetSubMenu
GetSysColorBrush
GetMenu
PostQuitMessage
PostMessageW
CheckMenuItem
EnableMenuItem
GetMenuState
ModifyMenuW
SendMessageW
GetParent
GetFocus
LoadBitmapW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
ValidateRect
GetCursorPos
PeekMessageW
GetKeyState
IsWindowVisible
GetActiveWindow
GetWindowThreadProcessId
GetWindowLongW
GetLastActivePopup
IsWindowEnabled
EnableWindow
MessageBoxW
SetCursor
SetWindowsHookExW
CallNextHookEx
GetMessageW
TranslateMessage
DispatchMessageW
GetWindowRect

gdi32

DeleteDC
GetStockObject
ExtTextOutW
ScaleWindowExtEx
SetWindowExtEx
GetDeviceCaps
SaveDC
RestoreDC
SetBkColor
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
CreateBitmap
TextOutW
RectVisible
PtVisible
DeleteObject
GetClipBox
SetMapMode
SetTextColor
Escape

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

advapi32

RegSetValueExW
RegCreateKeyExW
RegQueryValueW
RegOpenKeyW
RegEnumKeyW
RegDeleteKeyW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey

oleaut32

VariantClear
VariantChangeType
VariantInit

Exports

Exports

YkTEs
rZLTY

Sections

.text
Size: 164KB - Virtual size: 161KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

287e0713c679df596550df57403b823a

Headers

File Characteristics

Imports

kernel32

shlwapi

oleacc

user32

gdi32

winspool.drv

advapi32

oleaut32

Exports

Exports

Sections

.text Size: 164KB - Virtual size: 161KB

.rdata Size: 40KB - Virtual size: 36KB

.data Size: 12KB - Virtual size: 26KB

.rsrc Size: 12KB - Virtual size: 10KB

.reloc Size: 24KB - Virtual size: 20KB

.text
Size: 164KB - Virtual size: 161KB

.rdata
Size: 40KB - Virtual size: 36KB

.data
Size: 12KB - Virtual size: 26KB

.rsrc
Size: 12KB - Virtual size: 10KB

.reloc
Size: 24KB - Virtual size: 20KB