c4ba30f19a9a2ab3e04f3394394ed043

Sharing

Copy URL

Twitter E-mail

General

Target

c4ba30f19a9a2ab3e04f3394394ed043
Size

245KB
MD5

c4ba30f19a9a2ab3e04f3394394ed043
SHA1

167c1b83781318e4493fbf67dd585fdda7ae64e7
SHA256

e08508c19e45b0dd88b944cdb57be2c8065568b27f69db269c7de1e4c645c761
SHA512

c0bda42620d9ffd15b831d70c76dec2855628c293c3b6e17682d622161334cac77d49347c6fe46f905c267e7b195e5c017ff3b9b008c310a842d8c21aa97fd64
SSDEEP

6144:4ZDcw2rydpBVX9fxQmAL0qF5Q2hQxblEu1S:4ZAwkydpBRdxQmAXS0mblH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c4ba30f19a9a2ab3e04f3394394ed043

Files

c4ba30f19a9a2ab3e04f3394394ed043
.dll windows:4 windows x86 arch:x86

d028f1df8b2eb9656ef510f4a74f824a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ws2_32

inet_ntoa
gethostbyname
WSACleanup
WSASetLastError
WSAStartup
htonl
WSAGetLastError
inet_addr
getservbyname
htons
gethostbyaddr
ntohs
getservbyport

kernel32

LeaveCriticalSection
GlobalReAlloc
EnterCriticalSection
TlsFree
TlsSetValue
LocalReAlloc
TlsGetValue
GlobalFlags
GetProcessVersion
DeleteCriticalSection
GlobalHandle
SizeofResource
GetThreadLocale
DuplicateHandle
CreateFileA
ReadFile
WriteFile
SetFilePointer
GetOEMCP
LockFile
GetCPInfo
FlushFileBuffers
FindClose
FindFirstFileA
GetVolumeInformationA
GetFullPathNameA
GetFileAttributesA
GetFileSize
GetFileTime
SetErrorMode
FileTimeToSystemTime
InitializeCriticalSection
GetTickCount
lstrcpynA
TlsAlloc
GetTimeZoneInformation
GetSystemTime
GetLocalTime
HeapFree
HeapAlloc
RaiseException
GetStartupInfoA
GetCommandLineA
TerminateProcess
SetStdHandle
GetFileType
HeapSize
HeapReAlloc
GetACP
LCMapStringA
LCMapStringW
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
InterlockedExchange
GetProfileStringA
GlobalFree
GlobalAlloc
GetCurrentThread
WideCharToMultiByte
FormatMessageA
MultiByteToWideChar
GlobalLock
InterlockedDecrement
InterlockedIncrement
SetLastError
GlobalUnlock
MulDiv
LockResource
FindResourceA
LoadResource
GlobalGetAtomNameA
GetVersion
GetCurrentThreadId
GlobalDeleteAtom
GlobalAddAtomA
GlobalFindAtomA
FreeLibrary
GetModuleHandleA
GetSystemDirectoryA
LoadLibraryA
lstrcmpA
Sleep
GetCurrentProcess
CreateMutexA
GetVersionExA
LocalFree
GetLastError
LocalAlloc
lstrcmpiA
CloseHandle
WinExec
WritePrivateProfileStringA
GetPrivateProfileSectionA
ExitProcess
lstrlenA
lstrcpyA
GetPrivateProfileIntA
GetModuleFileNameA
GetTempPathA
lstrcatA
GetPrivateProfileStringA
GetProcAddress
RtlUnwind
OutputDebugStringA
UnlockFile
SetEndOfFile
FileTimeToLocalFileTime

gdi32

SetBkMode
GetStockObject
SelectObject
RestoreDC
SaveDC
DeleteDC
CreateBitmap
GetObjectA
GetClipBox
SetBkColor
CreateDIBitmap
GetTextExtentPointA
SetTextColor
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
SelectClipRgn
DeleteObject
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
GetDeviceCaps
CreateSolidBrush
CreatePatternBrush
RectVisible
TextOutA
PtVisible
Escape
StretchDIBits
ExtTextOutA
CreateCompatibleBitmap
GetCharWidthA
CreateCompatibleDC
GetTextExtentPoint32A
GetTextMetricsA
CreateFontA
GetTextColor
GetBkColor
CreateFontIndirectA
LPtoDP
BitBlt
DPtoLP
PatBlt
SetRectRgn
GetMapMode
CreateRectRgnIndirect
CombineRgn
SetTextAlign
IntersectClipRect
ExcludeClipRect

comdlg32

GetFileTitleA

winspool.drv

EnumPortsA
EnumPrintersA
ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegEnumKeyA
RegDeleteValueA
RegCreateKeyExA
RegEnumValueA
RegQueryInfoKeyA
GetSidSubAuthority
GetSidSubAuthorityCount
GetTokenInformation
OpenProcessToken
RegEnumKeyExA
RegCloseKey

comctl32

ord17

oledlg

ord8

ole32

StgOpenStorageOnILockBytes
CoGetClassObject
CoRevokeClassObject
OleIsCurrentClipboard
CoRegisterMessageFilter
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoTaskMemFree
CoTaskMemAlloc
OleInitialize
OleUninitialize
CoFreeUnusedLibraries
OleFlushClipboard
CLSIDFromString
CLSIDFromProgID

olepro32

ord253

oleaut32

SysStringLen
SysAllocStringByteLen
VariantCopy
SysAllocString
VariantChangeType
VariantTimeToSystemTime
VariantClear
SysAllocStringLen
SysFreeString

Sections

.text
Size: 217KB - Virtual size: 440KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 472KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d028f1df8b2eb9656ef510f4a74f824a

Headers

File Characteristics

Imports

ws2_32

kernel32

gdi32

comdlg32

winspool.drv

advapi32

comctl32

oledlg

ole32

olepro32

oleaut32

Sections

.text Size: 217KB - Virtual size: 440KB

.bss Size: - Virtual size: 472KB

.pdata Size: 4KB - Virtual size: 4KB

.idata Size: 6KB - Virtual size: 6KB

.rsrc Size: 17KB - Virtual size: 16KB

.text
Size: 217KB - Virtual size: 440KB

.bss
Size: - Virtual size: 472KB

.pdata
Size: 4KB - Virtual size: 4KB

.idata
Size: 6KB - Virtual size: 6KB

.rsrc
Size: 17KB - Virtual size: 16KB