c42200a9125d93e3cf88bec7917c90fc

Sharing

Copy URL Twitter E-mail

General

Target

c42200a9125d93e3cf88bec7917c90fc
Size

284KB
MD5

c42200a9125d93e3cf88bec7917c90fc
SHA1

17ab2f9f6a4251d3748a7a184b00c130b9402321
SHA256

1999226fc35879f229063a5ec91e5c51d951d8a9af3352dd6f5d3b2121072512
SHA512

4a63c79ed4265c25c671d107d8ceb1b966d99176b1af5786596dc27918a248c2200c609618aba828d4b47135ab6e1560d18191b5af70df77d5ef5b44555138d2
SSDEEP

3072:UxBew9Z17X+p4/HViQX2K/jxcV7NB4HlYdiyona8OrFMRdnBUO:UxP9L7X+pMHUIGB4+hx0B

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c42200a9125d93e3cf88bec7917c90fc

Files

c42200a9125d93e3cf88bec7917c90fc
.dll windows:4 windows x86 arch:x86

30fbe81eba1519507d03cf0de3a222f8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ws2_32

inet_ntoa
WSASetEvent
WSCGetProviderPath
ntohs
WSAWaitForMultipleEvents
socket
connect
WSAGetLastError
WSACreateEvent
WSAEventSelect
send
recv
inet_addr
htons
getsockname
getpeername
WSCEnumProtocols

kernel32

CreateEventA
LocalAlloc
TlsAlloc
DeleteCriticalSection
GlobalUnlock
GlobalHandle
TlsFree
GlobalLock
GlobalReAlloc
TlsSetValue
LocalReAlloc
TlsGetValue
SetErrorMode
lstrcatA
lstrcmpA
GetFileAttributesA
GetFileSize
GetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
SetFileTime
SetFileAttributesA
SetLastError
GetModuleHandleA
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
LockResource
LoadResource
FindResourceA
FreeLibrary
GetProcessVersion
MulDiv
GlobalFlags
GetCurrentThread
GetCPInfo
GetOEMCP
GetPrivateProfileIntA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetCurrentDirectoryA
GetTimeZoneInformation
GetSystemTime
GetLocalTime
RtlUnwind
HeapFree
HeapAlloc
GetCommandLineA
GetACP
CreateThread
ExitThread
RaiseException
HeapSize
HeapReAlloc
ExitProcess
TerminateProcess
HeapDestroy
HeapCreate
VirtualFree
FatalAppExitA
VirtualAlloc
IsBadWritePtr
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
Sleep
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
SetConsoleCtrlHandler
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetLocaleInfoW
ResumeThread
SetEvent
GetCurrentProcessId
GetModuleFileNameW
GlobalAlloc
OutputDebugStringA
GlobalFree
GetVersionExA
GetVersion
LeaveCriticalSection
EnterCriticalSection
GetCurrentThreadId
SuspendThread
GetTickCount
CloseHandle
UnmapViewOfFile
MapViewOfFile
OpenFileMappingA
LoadLibraryA
ExpandEnvironmentStringsA
InitializeCriticalSection
GetPrivateProfileStringW
GetProcAddress
LoadLibraryW
ExpandEnvironmentStringsW
InterlockedIncrement
InterlockedDecrement
lstrlenA
WideCharToMultiByte
MultiByteToWideChar
GetLastError
DuplicateHandle
GetCurrentProcess
CreateFileA
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
MoveFileA
DeleteFileA
lstrcpyA
FindClose
FindFirstFileA
GetVolumeInformationA
lstrcpynA
GetFullPathNameA
GetStringTypeExA
GetThreadLocale
WaitForSingleObject
lstrcmpiA
GetShortPathNameA
GetModuleFileNameA
LocalFree
FormatMessageA
FileTimeToSystemTime
FileTimeToLocalFileTime
SetThreadPriority

user32

GetMenuItemCount
GetMenu
RegisterClassA
GetClassInfoA
WinHelpA
GetCapture
IsChild
MessageBoxA
GetTopWindow
SetScrollPos
GetScrollPos
SetScrollRange
GetScrollRange
ShowScrollBar
SetScrollInfo
EnableWindow
GetScrollInfo
ScrollWindow
EndDeferWindowPos
CopyRect
BeginDeferWindowPos
GetClientRect
DeferWindowPos
EqualRect
ScreenToClient
AdjustWindowRectEx
SetFocus
IsWindow
SetActiveWindow
GetSysColor
MapWindowPoints
SendDlgItemMessageA
UpdateWindow
LoadIconA
CheckDlgButton
CheckRadioButton
GetDlgItemInt
GetDlgItemTextA
SetDlgItemInt
SetDlgItemTextA
IsDlgButtonChecked
ScrollWindowEx
IsDialogMessageA
SetWindowTextA
MoveWindow
ShowWindow
IsWindowEnabled
LoadCursorA
GetSysColorBrush
ReleaseDC
GetDC
GetClassNameA
PtInRect
ClientToScreen
GetDesktopWindow
PostQuitMessage
DestroyMenu
GetWindowDC
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
ShowOwnedPopups
SetCursor
InsertMenuA
DeleteMenu
GetMenuStringA
GetSubMenu
GetMenuItemID
TrackPopupMenu
SetWindowPlacement
GetDlgItem
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
DefWindowProcA
DestroyWindow
CreateWindowExA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
GetWindow
GetWindowLongA
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetParent
GetNextDlgTabItem
LoadStringA
UnregisterClassA
UnhookWindowsHookEx
GetMessageA
TranslateMessage
DispatchMessageA
GetKeyState
CallNextHookEx
IsWindowVisible
PeekMessageA
GetCursorPos
SetWindowsHookExA
GetSystemMetrics
CharUpperA
wsprintfA
OemToCharA
CharToOemA
PostMessageA
GetActiveWindow
SendMessageA
GetClassLongA
ValidateRect

gdi32

PtVisible
CreateDIBPatternBrushPt
CreatePatternBrush
Escape
ExtTextOutA
TextOutA
CreateHatchBrush
CreateSolidBrush
ExtCreatePen
CreatePen
GetWindowExtEx
GetViewportExtEx
PlayMetaFile
EnumMetaFile
GetObjectType
PlayMetaFileRecord
ExtSelectClipRgn
SelectClipPath
CreateRectRgn
GetClipRgn
PolyBezierTo
SetColorAdjustment
PolylineTo
PolyDraw
SetArcDirection
ArcTo
GetCurrentPositionEx
SetMapperFlags
SetTextCharacterExtra
SetTextJustification
SetTextAlign
LineTo
MoveToEx
OffsetClipRgn
IntersectClipRect
ExcludeClipRect
SelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
SelectPalette
GetStockObject
SelectObject
RestoreDC
SaveDC
StartDocA
DeleteDC
DeleteObject
GetDeviceCaps
GetObjectA
SetBkColor
SetTextColor
GetClipBox
GetDCOrgEx
CreateBitmap
RectVisible

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

RegDeleteValueA
RegQueryValueExA
RegOpenKeyExA
RegOpenKeyA
RegCreateKeyExA
RegDeleteKeyA
RegCloseKey
RegSetValueExA

shell32

DragAcceptFiles
SHGetFileInfoA

comctl32

ord17

Exports

Exports

EnableProxy
ProxyAll
ProxyType
SetDNS
SetGUID
SetGameID
SetHwnd
SetProcType
SetProxyParms
SetProxyType
SetUserPass
WSPStartup
getVersion

Sections

.text
Size: 136KB - Virtual size: 134KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 5.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

sharedat
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

30fbe81eba1519507d03cf0de3a222f8

Headers

File Characteristics

Imports

ws2_32

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

Exports

Exports

Sections

.text Size: 136KB - Virtual size: 134KB

.rdata Size: 32KB - Virtual size: 28KB

.data Size: 12KB - Virtual size: 5.6MB

sharedat Size: 4KB - Virtual size: 1KB

.rsrc Size: 8KB - Virtual size: 7KB

.reloc Size: 28KB - Virtual size: 25KB

.rmnet Size: 60KB - Virtual size: 60KB

.text
Size: 136KB - Virtual size: 134KB

.rdata
Size: 32KB - Virtual size: 28KB

.data
Size: 12KB - Virtual size: 5.6MB

sharedat
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 8KB - Virtual size: 7KB

.reloc
Size: 28KB - Virtual size: 25KB

.rmnet
Size: 60KB - Virtual size: 60KB