2b77071d9a45e9ca22d02a6b583d2de26b5060ccc3854b248c87cf7f96e49a32

Sharing

Copy URL

Twitter E-mail

General

Target

2b77071d9a45e9ca22d02a6b583d2de26b5060ccc3854b248c87cf7f96e49a32
Size

485KB
MD5

328641b3bdb2fb56dd59ea4ac2a1ddb3
SHA1

c705b4f85bd9aa3a9dd05142c2e70ddc6f7f5bc5
SHA256

2b77071d9a45e9ca22d02a6b583d2de26b5060ccc3854b248c87cf7f96e49a32
SHA512

92de1f1eb4c2acfe2fb5d4dbe71d6f0faaf4405c576e3b1cef40f8faafdc999a48dc455c68de2b92205f04c08047283865131ffb04068f25b7bf4f3e4e57e388
SSDEEP

6144:79SffnLgvyHpLV4VbPwwZ02aGY5ZYwJizg7F11O/p0Rdx8Zt50U:7UnLEmkTv02aGY5HB7bdx8Zt50U

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2b77071d9a45e9ca22d02a6b583d2de26b5060ccc3854b248c87cf7f96e49a32

Files

2b77071d9a45e9ca22d02a6b583d2de26b5060ccc3854b248c87cf7f96e49a32
.dll windows:6 windows x86 arch:x86

5ab55750804c830339820cca1080dc6a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetOEMCP
IsValidCodePage
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetFileType
GetStdHandle
HeapSize
GetModuleHandleExW
ExitProcess
WriteFile
IsDebuggerPresent
EnumSystemLocalesW
GetLocaleInfoW
LCMapStringW
GetProcAddress
GetModuleHandleW
TlsSetValue
TlsGetValue
TerminateProcess
GetModuleFileNameW
CloseHandle
GetConsoleCP
GetConsoleMode
ReadFile
SetFilePointerEx
HeapReAlloc
LoadLibraryExW
OutputDebugStringW
SetStdHandle
WriteConsoleW
ReadConsoleW
TlsFree
ExpandEnvironmentStringsW
FileTimeToLocalFileTime
GetUserDefaultUILanguage
VirtualFree
EnumResourceTypesW
CreateNamedPipeA
GetStartupInfoW
WideCharToMultiByte
ClearCommBreak
FlushFileBuffers
HeapDestroy
GetUserDefaultLCID
DeleteCriticalSection
SetCommTimeouts
GetTickCount
GetVersion
TlsAlloc
GetModuleHandleA
FindNextFileA
GetModuleFileNameA
EnterCriticalSection
FindFirstFileA
ExitThread
GetACP
CreateFileW
SizeofResource
IsValidLocale
GetCommandLineA
GetProcessHeap
GetCurrentProcess
Sleep
InitializeCriticalSectionAndSpinCount
SetLastError
EncodePointer
DecodePointer
LeaveCriticalSection
MultiByteToWideChar
GetStringTypeW
GetLastError
HeapFree
GetCurrentThreadId
GetCPInfo
RaiseException
RtlUnwind
HeapAlloc
IsProcessorFeaturePresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter

user32

EnableScrollBar
EndPaint
IsIconic
SetCapture
GetQueueStatus
GetKeyboardState
LoadMenuW
SendMessageW
EndMenu
GetMessageTime
GetClientRect
CreateMenu
CheckMenuItem
GetMessageA
CharUpperBuffW
MessageBeep
GetMenuItemCount
InsertMenuW
CopyRect
RegisterClassA
GetDlgItemInt
GetKeyState
GetWindowTextA
ShowCursor
ToAsciiEx
KillTimer
LoadStringA
EnumWindows
GetDC
OffsetRect
SetPropA
MessageBoxA
GetWindowLongW
ScrollWindow
BeginDeferWindowPos
RegisterClassW
GetSystemMetrics
MapWindowPoints
GetWindow
ReleaseDC

gdi32

SetPixel
SelectPalette
CreatePenIndirect
GetNearestPaletteIndex
SetROP2
GetSystemPaletteEntries
GetMetaFileBitsEx
CreateHatchBrush
Polygon
GetRgnBox
EndDoc
CreateEnhMetaFileW
MaskBlt
CreateBitmapIndirect
ExtCreatePen
TranslateCharsetInfo
GetWindowOrgEx
GetTextExtentPoint32A
SetViewportOrgEx
CreateFontIndirectA
ExcludeClipRect
CreateHalftonePalette
PolyPolyline
PlayEnhMetaFile
RealizePalette
GetBkColor
CreateRectRgn
CreatePen
RectVisible
CreateDIBitmap
GetStockObject
ExtTextOutA
CloseEnhMetaFile
RestoreDC
SelectClipRgn

comdlg32

FindTextW

advapi32

OpenProcessToken
RegOpenKeyExA
SetSecurityDescriptorDacl
OpenSCManagerW
ControlService
RegSetKeySecurity
LookupPrivilegeValueW
EqualSid

shell32

Shell_NotifyIconW
SHGetFileInfoW

oleaut32

VariantInit

Sections

.text
Size: 369KB - Virtual size: 369KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 81KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5ab55750804c830339820cca1080dc6a

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

oleaut32

Sections

.text Size: 369KB - Virtual size: 369KB

.rdata Size: 81KB - Virtual size: 80KB

.data Size: 18KB - Virtual size: 33KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 14KB - Virtual size: 14KB

.text
Size: 369KB - Virtual size: 369KB

.rdata
Size: 81KB - Virtual size: 80KB

.data
Size: 18KB - Virtual size: 33KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 14KB - Virtual size: 14KB