bd276f3f9e63d6432135ab346b62ad4f

Sharing

Copy URL Twitter E-mail

General

Target

bd276f3f9e63d6432135ab346b62ad4f
Size

192KB
MD5

bd276f3f9e63d6432135ab346b62ad4f
SHA1

2e154dc501ffb54b789a051405dfca1ddca5b911
SHA256

436bea257288fcc8ed85c715be1974925e71327b3b85bb7d1030b657b2654a8e
SHA512

e53422a160cecb4bbbcff3a198e4df7efba25dec34ff1d56d9f088f6c52b0a651c95c7b915a51599d28b7807ecad78d95251875eccba25abc60fdeb59b3ab275
SSDEEP

3072:HCOikWMcwvO59l3dkj8/JzQWrTEMHhnKbNSv8otkLs6gzWrnCsR653U+9X7SkXJP:HYkmJzzobIvZtr66Wrn/RyEi7N5P

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bd276f3f9e63d6432135ab346b62ad4f

Files

bd276f3f9e63d6432135ab346b62ad4f
.dll windows:4 windows x86 arch:x86

0c72504ef54752b09be0cbe574e3278a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

ClientToScreen
GetWindowTextA
PtInRect
CharToOemA
SetScrollPos
EmptyClipboard
GetScrollRange
GetScrollInfo
IsWindowEnabled
GetWindowThreadProcessId
GetSysColorBrush
SetScrollInfo
GetCursorPos
RegisterClassA
SetRect
GetKeyboardLayoutNameA
ActivateKeyboardLayout
GetMenuItemInfoA
DestroyMenu
CreatePopupMenu
FillRect
TranslateMessage
GetMenu
ReleaseCapture
OemToCharA
DefMDIChildProcA
ReleaseDC
IsDialogMessageA
OpenIcon
SetTimer
RemoveMenu
IsIconic
MessageBoxA
LoadBitmapA
GetClassInfoA
wsprintfA
DrawTextA
GetClassNameA
GetDC
UnregisterClassA
EnableMenuItem
DrawIconEx
CharNextW
GetDesktopWindow
GetWindowLongA
GetScrollPos
CharLowerBuffA
PostQuitMessage
GetMenuItemCount
GetSysColor
GetKeyNameTextA
GetFocus
CharLowerA
LoadCursorA
UnhookWindowsHookEx
CheckMenuItem
SendMessageW
SetActiveWindow
GetTopWindow
IsMenu
SystemParametersInfoA
IsDlgButtonChecked
DrawFrameControl
IntersectRect

kernel32

FormatMessageA
SetThreadLocale
GetStdHandle
IsBadReadPtr
GetProcessHeap
GetCurrentThreadId
SetFilePointer
VirtualQuery
GlobalDeleteAtom
LoadLibraryExA
GlobalAlloc
FindFirstFileA
SizeofResource
VirtualAlloc
LocalAlloc
ResetEvent
VirtualFree
ExitProcess
EnterCriticalSection
GetVersionExA
lstrlenA
SetLastError
LoadLibraryA
lstrcmpiA

gdi32

GetTextAlign
GetTextColor
GetDCOrgEx

comctl32

ImageList_DragShowNolock
ImageList_Add
ImageList_Read
ImageList_Destroy
ImageList_Remove
ImageList_Create
ImageList_DrawEx
ImageList_GetBkColor
ImageList_Write

Exports

Exports

_voiJYglKZ
AYhqKuk
_0MqcFSs
_farmU
vz0gp
1XdT8lnZWjRcU@20
_3dwSgLwsgMTjM@12
hNytbFdm7
7BPmW@20
_Pmk1FY9cw6fy79@12
oscxSUUkk

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 141KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 148KB - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.badata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0c72504ef54752b09be0cbe574e3278a

Headers

File Characteristics

Imports

user32

kernel32

gdi32

comctl32

Exports

Exports

Sections

.text Size: 13KB - Virtual size: 12KB

.rdata Size: 9KB - Virtual size: 141KB

.data Size: 148KB - Virtual size: 148KB

.edata Size: 2KB - Virtual size: 2KB

.badata Size: 1KB - Virtual size: 1KB

.rsrc Size: 14KB - Virtual size: 13KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 13KB - Virtual size: 12KB

.rdata
Size: 9KB - Virtual size: 141KB

.data
Size: 148KB - Virtual size: 148KB

.edata
Size: 2KB - Virtual size: 2KB

.badata
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 14KB - Virtual size: 13KB

.reloc
Size: 2KB - Virtual size: 1KB