bdc9e04388bda8527b398a8c34667e18

Sharing

Copy URL Twitter E-mail

General

Target

bdc9e04388bda8527b398a8c34667e18
Size

5.9MB
MD5

bdc9e04388bda8527b398a8c34667e18
SHA1

a592d49ff32fe130591ecfde006ffa4fb34140d5
SHA256

295b089792d00870db938f2107772e0b58b23e5e8c6c4465c23affe87e2e67ac
SHA512

4822b2e52ed7003418fd5b8efda96f5966bc83b9308720fd8468235aaef92c24998fb71a650b184cd02c56fadbcc1f34299ee827dcdeb7274355a86ce6e51d48
SSDEEP

98304:P1PeqLR87k3EpwS0ry4v6vBo0BZ2zFlHdUjWY4jic3zhHJJT58OodXzOMCcKDYM:P1P9b7TU2hbPosMCc0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bdc9e04388bda8527b398a8c34667e18

Files

bdc9e04388bda8527b398a8c34667e18
.dll windows:4 windows x86 arch:x86

991f4f2eab0b033235bd47523a39f8e7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateThread
SetEvent
GetCurrentProcessId
OpenEventW
SetLastError
InterlockedIncrement
OpenMutexW
InterlockedDecrement
GetLastError
CreateMutexA
GetCurrentThreadId
CreateMutexW
ReleaseMutex
SetEnvironmentVariableW
WideCharToMultiByte
MultiByteToWideChar
LocalFree
VirtualAllocEx
VirtualQueryEx
VirtualFreeEx
ReadProcessMemory
GetFullPathNameW
OpenProcess
ProcessIdToSessionId
Sleep
GetExitCodeProcess
TerminateProcess
GetCurrentProcess
WriteFile
GetFileTime
GetFileSize
FindFirstFileW
FileTimeToLocalFileTime
GetFileInformationByHandle
ReadFile
SetFilePointer
CreateFileW
SetEndOfFile
SetFileAttributesW
FlushFileBuffers
LocalFileTimeToFileTime
FindClose
SetFileTime
lstrlenA
VirtualQuery
lstrcpynA
GetModuleHandleW
IsBadReadPtr
GetModuleFileNameW
IsBadStringPtrA
lstrcmpiA
GetModuleHandleA
VirtualProtect
CompareStringA
HeapFree
GetVersion
CreateFileMappingW
GetProcessHeap
lstrcatW
GetSystemDirectoryW
lstrcpynW
ExitThread
HeapAlloc
UnmapViewOfFile
FreeLibrary
DuplicateHandle
GetThreadTimes
SuspendThread
ResumeThread
GetThreadContext
TerminateThread
OpenThread
GetExitCodeThread
GetSystemDefaultUILanguage
GetVersionExA
GetProcAddress
ResetEvent
CreateEventW
WaitForMultipleObjectsEx
QueueUserAPC
SetThreadContext
GetTempPathW
GetCurrentDirectoryW
GetWindowsDirectoryW
GetTempFileNameW
TlsGetValue
TlsSetValue
TlsAlloc
TlsFree
GetFileAttributesW
LoadLibraryW
CreateProcessW
GetShortPathNameW
GetVolumeInformationW
CopyFileW
DeleteFileW
GetLongPathNameW
MoveFileExW
RemoveDirectoryW
Thread32First
Thread32Next
CreateToolhelp32Snapshot
VirtualFree
VirtualAlloc
MapViewOfFile
OpenFileMappingW
SystemTimeToFileTime
GetSystemTime
GetTickCount
FindNextFileW
GetComputerNameExW
SetConsoleCtrlHandler
CreateEventA
WaitForMultipleObjects
GetOverlappedResult
CancelIo
CreateNamedPipeW
QueryDosDeviceW
ConnectNamedPipe
DisconnectNamedPipe
CreateDirectoryW
FindResourceW
LoadResource
SizeofResource
LockResource
GetStartupInfoW
PeekNamedPipe
CreatePipe
WaitForSingleObject
ExitProcess
FreeConsole
LeaveCriticalSection
InitializeCriticalSection
EnterCriticalSection
DeleteCriticalSection
GetConsoleMode
SetConsoleMode
GetFileType
GetStdHandle
SetHandleInformation
HeapCreate
GetWindowsDirectoryA
GetProcessTimes
GetSystemTimeAdjustment
FindFirstFileA
FindNextFileA
GlobalMemoryStatus
QueryPerformanceCounter
GetCurrentThread
LoadLibraryA
GetComputerNameA
CreateFileA
GetEnvironmentVariableA
GetLocalTime
CreateFileMappingA
FileTimeToSystemTime
lstrcmpW
lstrlenW
lstrcmpA
lstrcpyW
GetTimeZoneInformation
GetComputerNameW
OpenEventA
CreateNamedPipeA
ExpandEnvironmentStringsA
WaitNamedPipeA
CreateProcessA
lstrcatA
CreateMailslotW
LoadLibraryExA
LoadLibraryExW
GetModuleFileNameA
GetCommandLineA
GetSystemTimeAsFileTime
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapReAlloc
GetTimeFormatA
GetDateFormatA
DeleteFileA
HeapSize
SetHandleCount
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
RtlUnwind
GetFileAttributesA
GetConsoleCP
RaiseException
CompareStringW
InterlockedExchange
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetEnvironmentVariableA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
LocalAlloc
SetErrorMode
GetVolumeNameForVolumeMountPointW
DeviceIoControl
GetSystemDirectoryA
GetPrivateProfileStringW
WritePrivateProfileStringW
GetDriveTypeA
SetThreadPriority
CompareFileTime
GetDiskFreeSpaceW
GetDiskFreeSpaceA
GetTempPathA
AreFileApisANSI
GetFullPathNameA
UnlockFile
LockFile
FormatMessageA
FormatMessageW
LockFileEx
SleepEx
InterlockedCompareExchange
lstrcpyA
GetDiskFreeSpaceExW
GetLogicalDrives
GetVolumeNameForVolumeMountPointA
GetDriveTypeW
GetPrivateProfileIntW
FindFirstChangeNotificationW
FindNextChangeNotification
FindVolumeClose
FindNextVolumeW
FindFirstVolumeW

Exports

Exports

CPlApplet
DDEInit
DDEnumCallback
GetAuthMechanism
InprocServer
QueryValueEx
SetAuthMechanism
SetEnumStructure
ValueEnumCallback

Sections

.text
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 700KB - Virtual size: 700KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 472KB - Virtual size: 736KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 254KB - Virtual size: 253KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

991f4f2eab0b033235bd47523a39f8e7

Headers

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 2.1MB - Virtual size: 2.1MB

.rdata Size: 700KB - Virtual size: 700KB

.data Size: 472KB - Virtual size: 736KB

.rsrc Size: 2.4MB - Virtual size: 2.4MB

.reloc Size: 254KB - Virtual size: 253KB

.text
Size: 2.1MB - Virtual size: 2.1MB

.rdata
Size: 700KB - Virtual size: 700KB

.data
Size: 472KB - Virtual size: 736KB

.rsrc
Size: 2.4MB - Virtual size: 2.4MB

.reloc
Size: 254KB - Virtual size: 253KB