04350f670eddf54ea25d5749524a5a2608d889065a57bcb390bfd988c4b1b095

General

Target

04350f670eddf54ea25d5749524a5a2608d889065a57bcb390bfd988c4b1b095
Size

170KB
MD5

ae2d04ea1ce86c11b50f0667258f235b
SHA1

defdbd542da1bdb774f8f46411cf9bd89b427f45
SHA256

04350f670eddf54ea25d5749524a5a2608d889065a57bcb390bfd988c4b1b095
SHA512

3e9159aa3dc9070e2c1f82a5d1911277537ded6e59ed35771853c4b5bfaa1055a428429d474a2a5cc7bb76c1c35f2f88ec4cb4818a94eac870cae5e2bd44e2ee
SSDEEP

3072:KRcjAmglaz+ZuTbmf9cgHrX38lNAnsAbB9ygpkKSAvs058jU9ol3Iq:KR2glazOrLnqun9pkKSAv5Wmy3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
04350f670eddf54ea25d5749524a5a2608d889065a57bcb390bfd988c4b1b095

Files

04350f670eddf54ea25d5749524a5a2608d889065a57bcb390bfd988c4b1b095
.dll windows:4 windows x86 arch:x86

fd30dd2b7712a5ac86e5fb27097b54e8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
ExitProcess
FindFirstFileA
FindResourceA
GetACP
GetCommandLineA
GetCurrentProcessId
GetModuleHandleA
GetOEMCP
GetStartupInfoA
HeapAlloc
HeapCreate
IsBadStringPtrA
LoadLibraryA
MultiByteToWideChar
RtlUnwind
SetEnvironmentVariableA
SetLastError
SetUnhandledExceptionFilter
lstrcmpiA

msvcrt

wcscat
__p__commode
_wcsicmp
fwprintf
wcscmp
strspn

user32

LoadIconA
PostMessageA
CloseClipboard

oleaut32

VarBstrCat
SysStringLen
SetErrorInfo
SafeArrayDestroy
SafeArrayAllocData
SafeArrayAccessData
OleTranslateColor
OleLoadPicturePath
OleIconToCursor
GetErrorInfo
ClearCustData

shlwapi

ChrCmpIA
PathBuildRootA
PathCombineA
PathFindOnPathA
PathGetCharTypeA
PathGetDriveNumberA
SHDeleteEmptyKeyA
SHDeleteValueA
SHOpenRegStreamA

Exports

Exports

GetSimpleTableDispenser
UninitializeStreaming
W32N_GetLastError

Sections

.text
Size: 103KB - Virtual size: 180KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fd30dd2b7712a5ac86e5fb27097b54e8

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

oleaut32

shlwapi

Exports

Exports

Sections

.text Size: 103KB - Virtual size: 180KB

.data Size: 64KB - Virtual size: 68KB

.rsrc Size: 1024B - Virtual size: 4KB

.reloc Size: 512B - Virtual size: 4KB

.text
Size: 103KB - Virtual size: 180KB

.data
Size: 64KB - Virtual size: 68KB

.rsrc
Size: 1024B - Virtual size: 4KB

.reloc
Size: 512B - Virtual size: 4KB