10113dd96ffaea5d2b01400ea95f369a0cfa438f5fa6d930f6f26f42a8052b7e

Sharing

Copy URL Twitter E-mail

General

Target

10113dd96ffaea5d2b01400ea95f369a0cfa438f5fa6d930f6f26f42a8052b7e
Size

2.0MB
MD5

03e7f52f4b621dd39c0fb328a53fb998
SHA1

c337ecd2f4ea8c728d08ac5a168c53dff6560226
SHA256

10113dd96ffaea5d2b01400ea95f369a0cfa438f5fa6d930f6f26f42a8052b7e
SHA512

a6857f49d402660457b638ae7e783767c6d6793c67f4259709c686148b2761c6ec1f155e3d2178e24fbe050191fc368cb868faa0b9dea45ec65bec104729e140
SSDEEP

49152:1vdTzqPrzws54dcx4TIqR6lg4YsEKLYx6eapE6SRe:1vpzqPrzwY4dyQ6e44KLJeaWrRe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
10113dd96ffaea5d2b01400ea95f369a0cfa438f5fa6d930f6f26f42a8052b7e

Files

10113dd96ffaea5d2b01400ea95f369a0cfa438f5fa6d930f6f26f42a8052b7e
.dll windows:4 windows x86 arch:x86

10873360c92041d6175634404078a4e9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetFileSize
GetLastError
GetCurrentProcess
GetVersionExA
GetDriveTypeA
TerminateProcess
GetTempPathA
Sleep
lstrcpyA
lstrlenA
MultiByteToWideChar
GlobalAlloc
SetLastError
lstrcatA
SetFilePointer
GetTimeZoneInformation
GetVersion
GetCurrentThreadId
GetCurrentThread
lstrcmpiA
lstrcmpA
GlobalDeleteAtom
InterlockedIncrement
InterlockedDecrement
WideCharToMultiByte
LocalFree
FlushFileBuffers
lstrcpynA
GetFullPathNameA
LocalAlloc
TlsAlloc
GlobalHandle
TlsFree
GlobalReAlloc
TlsSetValue
LocalReAlloc
TlsGetValue
SetErrorMode
GlobalFlags
GetCurrentDirectoryA
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
GetProcessVersion
FileTimeToSystemTime
FileTimeToLocalFileTime
GetCPInfo
GetOEMCP
RtlUnwind
RaiseException
HeapSize
GetACP
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
HeapDestroy
HeapCreate
IsBadWritePtr
LCMapStringW
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
InterlockedExchange
WriteFile
FindFirstFileA
SetFileAttributesA
RemoveDirectoryA
FindNextFileA
FindClose
DeleteFileA
GlobalLock
GlobalUnlock
GlobalFree
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
CreateThread
CloseHandle
LCMapStringA
LoadLibraryA
GetProcAddress
FreeLibrary
GetModuleFileNameA
GetCommandLineA
GetTickCount
WritePrivateProfileStringA
GetPrivateProfileStringA
IsBadReadPtr
HeapFree
HeapReAlloc
HeapAlloc
ExitProcess
GetModuleHandleA
GetProcessHeap
GetCurrentProcessId
Process32Next
Process32First
CreateFileA
GetDiskFreeSpaceExA
GlobalMemoryStatusEx
Module32Next
CreateToolhelp32Snapshot
GetFileAttributesA
VirtualProtect
VirtualFree
VirtualAlloc
SetWaitableTimer
CreateWaitableTimerA
UnmapViewOfFile
MapViewOfFile
CreateEventA
OpenEventA
CreateFileMappingA
OpenFileMappingA
CreateMutexA

user32

SetFocus
GetWindowPlacement
IsIconic
RegisterWindowMessageA
SetForegroundWindow
GetForegroundWindow
GetMessagePos
GetMessageTime
DefWindowProcA
RemovePropA
CallWindowProcA
GetPropA
SetPropA
GetClassLongA
CreateWindowExA
GetMenuItemID
GetSubMenu
GetMenu
RegisterClassA
WinHelpA
GetCapture
GetTopWindow
CopyRect
GetClientRect
AdjustWindowRectEx
GetSysColor
MapWindowPoints
LoadIconA
LoadCursorA
GetSysColorBrush
LoadStringA
DestroyMenu
GetClassInfoA
GetMenuItemCount
GetDlgCtrlID
ClientToScreen
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
SetWindowsHookExA
GetLastActivePopup
IsWindowEnabled
EnableWindow
SetCursor
PostMessageA
GetParent
GetWindow
PtInRect
GetCursorPos
SystemParametersInfoA
GetDC
ReleaseDC
GetSystemMetrics
UnregisterClassA
UnhookWindowsHookEx
GrayStringA
DrawTextA
PeekMessageA
CreateDialogIndirectParamA
UpdateWindow
GetMessageA
SendMessageA
TranslateMessage
DispatchMessageA
DestroyWindow
PostQuitMessage
SetWindowTextA
GetDlgItem
ShowWindow
SetWindowLongA
GetWindowRect
ScreenToClient
SetWindowPos
GetWindowLongA
GetWindowTextLengthA
wsprintfA
MessageBoxA
CreateWindowStationA
GetWindowThreadProcessId
GetClassNameA
GetWindowTextA
IsWindowVisible
TabbedTextOutA

ws2_32

inet_ntoa
accept
__WSAFDIsSet
getpeername
htonl
sendto
recvfrom
gethostname
bind
listen
WSAStartup
WSACleanup
select
WSAAsyncSelect
ntohs
getsockname
recv
send
gethostbyname
connect
inet_addr
htons
socket
closesocket

gdi32

GetClipBox
ScaleWindowExtEx
SetWindowExtEx
GetDeviceCaps
SelectObject
DeleteDC
GetObjectA
GetStockObject
DeleteObject
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
CreateBitmap
SaveDC
RestoreDC
SetBkColor
SetTextColor
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx

advapi32

RegOpenKeyExA
RegRestoreKeyA
RegSaveKeyA
RegEnumValueA
RegEnumKeyA
RegDeleteKeyA
RegDeleteValueA
RegSetValueExA
RegFlushKey
RegQueryValueExA
RegCloseKey
RegOpenKeyA
RegCreateKeyA
RegCreateKeyExA

shell32

SHGetSpecialFolderPathA
SHEmptyRecycleBinA
ShellExecuteA

winspool.drv

ClosePrinter
OpenPrinterA
DocumentPropertiesA

comctl32

ord17

wininet

FindFirstUrlCacheEntryA
FindNextUrlCacheEntryA
DeleteUrlCacheEntry

msvcrt

strncpy

iphlpapi

GetInterfaceInfo

psapi

GetMappedFileNameW

Exports

Exports

run

Sections

.text
Size: 572KB - Virtual size: 572KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

10873360c92041d6175634404078a4e9

Headers

File Characteristics

Imports

kernel32

user32

ws2_32

gdi32

advapi32

shell32

winspool.drv

comctl32

wininet

msvcrt

iphlpapi

psapi

Exports

Exports

Sections

.text Size: 572KB - Virtual size: 572KB

.data Size: 1.5MB - Virtual size: 1.5MB

.idata Size: 8KB - Virtual size: 8KB

.reloc Size: 4KB - Virtual size: 4KB

.data Size: 4KB - Virtual size: 4KB

.text
Size: 572KB - Virtual size: 572KB

.data
Size: 1.5MB - Virtual size: 1.5MB

.idata
Size: 8KB - Virtual size: 8KB

.reloc
Size: 4KB - Virtual size: 4KB

.data
Size: 4KB - Virtual size: 4KB