c5bb70ef3e5ab6021c693dc3d36d771a

Sharing

Copy URL Twitter E-mail

General

Target

c5bb70ef3e5ab6021c693dc3d36d771a
Size

442KB
MD5

c5bb70ef3e5ab6021c693dc3d36d771a
SHA1

40d16e120381bc4d7a5cf4dc19e82e8280b8a355
SHA256

2c713306b8d6bf7e81227645f133a69b42c0c3b14f7cea9f94d2dcaff43fa81a
SHA512

2faae7675e89010c95a136647bb00dd084388c2967647daf3a629bd9020392b9776532b4df493fa60dba6ce556cd4f7c09b5ab86621fd935df8f0d54e6b5349b
SSDEEP

12288:bRE0RkkGLo1nJNJihV9v1YSJZf6UQGdqX7:bREzk8orNJil1t8Gs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c5bb70ef3e5ab6021c693dc3d36d771a

Files

c5bb70ef3e5ab6021c693dc3d36d771a
.dll windows:4 windows x86 arch:x86

61205d149d24e346f4444f764c969b55

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CopyFileA
EnumResourceLanguagesW
ExitProcess
GetACP
GetCommandLineA
GetLastError
GetModuleHandleA
GetOEMCP
GetStartupInfoA
GetTimeFormatA
GetVersionExA
HeapAlloc
LocalAlloc
MultiByteToWideChar
SetLastError
SetUnhandledExceptionFilter
Sleep
VirtualAlloc
VirtualFree
lstrcatA

msvcrt

__p__commode
__set_app_type
exit
malloc
wcscpy
wcslen
_wcsnicmp
__getmainargs

ole32

CoInitialize
CoCreateInstance
CoGetObject
CoTaskMemAlloc
CreateOleAdviseHolder
StringFromGUID2
WriteClassStm
CLSIDFromString

ntdll

NtOpenThread
NtCreateDirectoryObject
NtQueryInformationToken
RtlEnterCriticalSection
RtlOpenCurrentUser
RtlNtStatusToDosError
RtlLeaveCriticalSection
RtlInitUnicodeString
NtDuplicateObject
RtlInitString

shlwapi

AssocCreate
PathAddBackslashW
PathCompactPathW
PathFindFileNameW
PathIsUNCServerShareW
SHDeleteValueW
SHGetValueW
SHSetValueW
StrChrW
StrCmpIW
StrDupW
StrFormatKBSizeW
StrRChrW
StrToIntW

comdlg32

ChooseFontW
GetSaveFileNameW
GetSaveFileNameA
GetOpenFileNameW
GetFileTitleW
GetFileTitleA
FindTextW
FindTextA
CommDlgExtendedError
LoadAlterBitmap
PageSetupDlgA
PageSetupDlgW
PrintDlgW

comctl32

ImageList_AddMasked
ImageList_Draw
ImageList_DrawEx
ImageList_GetIcon
ImageList_GetIconSize
ImageList_ReplaceIcon
ImageList_SetOverlayImage
CreatePropertySheetPageW

winmm

mmDrvInstall
mmGetCurrentTask
mixerGetLineInfoA

oleaut32

OleLoadPicturePath
OleLoadPicture
ClearCustData
OleTranslateColor
VarBstrCat
VarBstrCmp
RegisterTypeLib
RevokeActiveObject
SafeArrayAccessData
SafeArrayAllocData
SafeArrayCreate
SysReAllocString
SafeArrayDestroy
SysFreeString
SysStringLen

user32

CreateMDIWindowA
OffsetRect
LoadAcceleratorsA
GetCursor
wsprintfA
CloseWindow
CreateIconFromResourceEx
EnableMenuItem
EnableScrollBar
EnableWindow

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 410KB - Virtual size: 995KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

61205d149d24e346f4444f764c969b55

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

ole32

ntdll

shlwapi

comdlg32

comctl32

winmm

oleaut32

user32

Sections

.text Size: 10KB - Virtual size: 9KB

.data Size: 410KB - Virtual size: 995KB

.rsrc Size: 21KB - Virtual size: 20KB

.text
Size: 10KB - Virtual size: 9KB

.data
Size: 410KB - Virtual size: 995KB

.rsrc
Size: 21KB - Virtual size: 20KB