c2c530cdd68f62a70ab788d083b350ff

Sharing

Copy URL Twitter E-mail

General

Target

c2c530cdd68f62a70ab788d083b350ff
Size

263KB
MD5

c2c530cdd68f62a70ab788d083b350ff
SHA1

da60fe37b9b10d481e5d8228f9e1573008292d31
SHA256

426ee8ced161f5b1eb56659000ada484c90451797dea384b71dd7359f7637631
SHA512

30c1d632387c3933e71f0789b103b0102dc0ac8e9030e17ba925a5a76fdaa268ed2fc03d0392f433b5e36747992dd1a3509ea3d0696f7137920e47ff5a36506e
SSDEEP

6144:5jHKIaFq+zS1Yccd4uC50pvev5emSUoConlNRw7cznadns:5jHzaFq6nguCuxhCCNgcTadns

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c2c530cdd68f62a70ab788d083b350ff

Files

c2c530cdd68f62a70ab788d083b350ff
.dll windows:4 windows x86 arch:x86

c9d83b022aad58f726b51810f8d1565f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

RegCloseKey
RegCreateKeyExA
RegDeleteKeyA
RegDeleteValueA
RegEnumKeyExA
RegOpenKeyExA
RegQueryInfoKeyA
RegQueryValueExA
RegSetValueExA

shell32

ShellHookProc
SHLoadNonloadedIconOverlayIdentifiers
SHGetSpecialFolderLocation
SHGetInstanceExplorer
SHFreeNameMappings
SHBindToParent
DuplicateIcon
DragAcceptFiles

ddraw

GetSurfaceFromDC
DirectDrawCreateEx
DSoundHelp
DDInternalLock
DDGetAttachedSurfaceLcl

kernel32

WideCharToMultiByte
lstrcmpiA
lstrcpynA
lstrlenA
lstrlenW
VirtualProtect
DeleteCriticalSection
DisableThreadLibraryCalls
EnterCriticalSection
ExitProcess
FindResourceA
FreeLibrary
GetACP
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLocaleInfoA
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetProcessHeap
GetProcessPriorityBoost
GetSystemTimeAsFileTime
GetThreadLocale
GetTickCount
GlobalAlloc
GlobalUnlock
HeapFree
InterlockedCompareExchange
InterlockedExchange
InterlockedIncrement
IsDBCSLeadByte
IsProcessorFeaturePresent
LeaveCriticalSection
LoadLibraryA
LoadLibraryExA
LoadResource
LockResource
MulDiv
MultiByteToWideChar
QueryPerformanceCounter
RaiseException
SizeofResource
TerminateProcess
VirtualAlloc

comctl32

ord17

user32

AnyPopup
BeginPaint
CharNextA
CreateWindowExA
DefWindowProcA
DestroyWindow
EndDialog
GetActiveWindow
GetClassNameA
GetClientRect
GetClipboardSequenceNumber
GetCursorPos
GetDesktopWindow
GetDlgCtrlID
GetFocus
GetParent
GetSysColor
GetWindow
GetWindowLongA
GetWindowRect
GetWindowTextLengthA
IntersectRect
InvalidateRect
InvalidateRgn
IsChild
LoadCursorA
LoadStringA
MessageBoxA
RedrawWindow
RegisterWindowMessageA
ReleaseCapture
ReleaseDC
SetCapture
SetCursor
SetFocus
SetWindowContextHelpId
SetWindowLongA
SetWindowPos
SetWindowTextA
ToAsciiEx
wsprintfA

Exports

Exports

CreateEffectFromResourceExW
CreateFontIndirectA
SHEvalDirectionalLight
SHEvalHemisphereLight
SplitMesh
VecAddFontMapper
mpegInFree
mpegSplitOpenFile
mpegSplitSeekTimeTS

Sections

.text
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 118KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c9d83b022aad58f726b51810f8d1565f

Headers

File Characteristics

Imports

advapi32

shell32

ddraw

kernel32

comctl32

user32

Exports

Exports

Sections

.text Size: 48KB - Virtual size: 48KB

.rdata Size: 118KB - Virtual size: 118KB

.data Size: 42KB - Virtual size: 42KB

.rsrc Size: 51KB - Virtual size: 50KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 48KB - Virtual size: 48KB

.rdata
Size: 118KB - Virtual size: 118KB

.data
Size: 42KB - Virtual size: 42KB

.rsrc
Size: 51KB - Virtual size: 50KB

.reloc
Size: 1KB - Virtual size: 1KB