bb37d8de3d59e19031e93c331842f9e4

Sharing

Copy URL Twitter E-mail

General

Target

bb37d8de3d59e19031e93c331842f9e4
Size

215KB
MD5

bb37d8de3d59e19031e93c331842f9e4
SHA1

812fbe4082e87c4336b0947abe4cb9a644783ee6
SHA256

71570dd0991da43b368324d1034db9b674a0dc5393421795d2c6827ee04cb6c1
SHA512

58f6337f1ce0246f6b876444e99946a034da2678ce9e3c3668974dd6ac48eef8c9afe112693c32784d4b87dd0cbf49e4ee7e143e0a3a8a9f084afec6f7b98701
SSDEEP

6144:qRbBfG1TFoeMoOxtosvofc5UsRbZAe8pn:ObBf+TFoeM1dAsRbmD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bb37d8de3d59e19031e93c331842f9e4

Files

bb37d8de3d59e19031e93c331842f9e4
.dll windows:4 windows x86 arch:x86

595496ce3d51e6e980a4bfab460c764c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

GetCapture
DrawFrameControl
SendMessageA
GetScrollRange
DrawMenuBar
RegisterClipboardFormatA
ClientToScreen
IntersectRect
GetSysColor
TrackPopupMenu
GetMenu
DispatchMessageA
RedrawWindow
SetCapture
GetKeyboardLayoutNameA
GetFocus
CheckMenuItem
LoadKeyboardLayoutA
MessageBoxA
SetTimer
GetLastActivePopup
GetCursor
IsDialogMessageA
SetParent
CharLowerA
GetClassInfoA
PeekMessageW
ShowWindow
IsWindowVisible
LoadBitmapA
GetWindowRect
FindWindowA

shlwapi

SHQueryValueExA

gdi32

RestoreDC
CreateCompatibleDC
GetDCOrgEx
CreateDIBSection
CreateFontIndirectA
SaveDC

oleaut32

SysAllocStringLen
SysReAllocStringLen
SafeArrayGetElement
OleLoadPicture
RegisterTypeLib
SafeArrayCreate
SysFreeString

kernel32

GetModuleHandleA
lstrlenA
VirtualAllocEx
VirtualAlloc
GetCommandLineA
FindClose
lstrcpynA
SetEvent
GetOEMCP
HeapDestroy
GetACP
GetProcAddress
LoadResource
GlobalAlloc
ExitThread
WriteFile
GetLastError
GetVersionExA
DeleteCriticalSection

shell32

SHGetFileInfoA

version

GetFileVersionInfoA

comctl32

ImageList_Draw
ImageList_DrawEx
ImageList_GetBkColor
ImageList_Remove
ImageList_Destroy

Sections

CODE
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 178KB - Virtual size: 178KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 150KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 903B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 954B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

595496ce3d51e6e980a4bfab460c764c

Headers

File Characteristics

Imports

user32

shlwapi

gdi32

oleaut32

kernel32

shell32

version

comctl32

Sections

CODE Size: 30KB - Virtual size: 30KB

.rdata Size: 178KB - Virtual size: 178KB

.data Size: 2KB - Virtual size: 150KB

.edata Size: 1024B - Virtual size: 903B

.reloc Size: 1024B - Virtual size: 954B

CODE
Size: 30KB - Virtual size: 30KB

.rdata
Size: 178KB - Virtual size: 178KB

.data
Size: 2KB - Virtual size: 150KB

.edata
Size: 1024B - Virtual size: 903B

.reloc
Size: 1024B - Virtual size: 954B