8e83926f9bfc87827f9cc9dfefe03500ebe00b8fe8c2ece7bbb6ebb73b50810b

Sharing

Copy URL Twitter E-mail

General

Target

8e83926f9bfc87827f9cc9dfefe03500ebe00b8fe8c2ece7bbb6ebb73b50810b
Size

332KB
MD5

e34e7e826645e6e81b809a02cc320f21
SHA1

7cf77dcee2d666df2b140292ad92166f1a0c28f2
SHA256

8e83926f9bfc87827f9cc9dfefe03500ebe00b8fe8c2ece7bbb6ebb73b50810b
SHA512

2a9e41825f04b00bed5cc6c0a0423746278532f675cfdbdd2a43cf12a4a33f2eb5204087142b610d0b00aae9e7269cde510d9caad02f18b2175e96d4dca527ab
SSDEEP

6144:o/JCtuOr0MQ8WwQU9mEvcDXfx3f/1xYkuy9375dLGZMzFrY:o4gWQ8WEv0p3f/1CkrvRw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8e83926f9bfc87827f9cc9dfefe03500ebe00b8fe8c2ece7bbb6ebb73b50810b

Files

8e83926f9bfc87827f9cc9dfefe03500ebe00b8fe8c2ece7bbb6ebb73b50810b
.dll windows:5 windows x86 arch:x86

2067137a606c2f179f20cc619bcf39d6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LeaveCriticalSection
LocalAlloc
CompareStringA
GetModuleHandleW
GetModuleHandleA
InterlockedIncrement
InterlockedDecrement
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
FindClose
FindFirstFileA
WaitForSingleObject
GetFileAttributesA
GetFileSizeEx
GetFileTime
EnterCriticalSection
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
DuplicateHandle
GetCurrentProcess
GetVolumeInformationA
GetFullPathNameA
GlobalGetAtomNameA
lstrcmpA
GlobalAddAtomA
GlobalFlags
GetLocaleInfoA
GlobalDeleteAtom
GetVersionExA
lstrcmpW
GlobalFindAtomA
GetCPInfo
GetOEMCP
RtlUnwind
HeapAlloc
HeapFree
GetCommandLineA
RaiseException
VirtualAlloc
HeapReAlloc
SetStdHandle
GetFileType
HeapSize
Sleep
ExitProcess
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetConsoleCP
GetConsoleMode
VirtualFree
HeapCreate
HeapDestroy
GetStdHandle
SetHandleCount
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
GetACP
IsValidCodePage
GetTimeZoneInformation
InitializeCriticalSectionAndSpinCount
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetProcessHeap
CompareStringW
SetEnvironmentVariableA
DeleteCriticalSection
InitializeCriticalSection
FileTimeToLocalFileTime
FileTimeToSystemTime
GetLastError
SetLastError
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
LocalFree
FindResourceA
LoadResource
LockResource
SizeofResource
WideCharToMultiByte
MultiByteToWideChar
GetModuleFileNameA
ReadFile
WriteFile
lstrlenA
CreateFileA
CloseHandle
GetFileSize
GetCurrentProcessId
GetCurrentThreadId
LoadLibraryA
GetProcAddress
FreeLibrary
QueryPerformanceCounter
GetTickCount

user32

SetMenu
MapWindowPoints
GetMessagePos
GetMessageTime
DestroyWindow
GetTopWindow
GetForegroundWindow
RemovePropA
GetPropA
SetPropA
GetClassLongA
GetCapture
WinHelpA
LoadIconA
RegisterWindowMessageA
TabbedTextOutA
DrawTextA
DrawTextExA
GrayStringA
DestroyMenu
CopyRect
DefWindowProcA
CallWindowProcA
GetMenu
SystemParametersInfoA
GetWindowPlacement
GetMenuCheckMarkDimensions
LoadBitmapA
ModifyMenuA
EnableMenuItem
CheckMenuItem
PostQuitMessage
SetForegroundWindow
IsIconic
PostMessageA
SetWindowPos
SetWindowLongA
IsWindow
GetDlgItem
SetWindowsHookExA
CallNextHookEx
DispatchMessageA
GetKeyState
PeekMessageA
ValidateRect
GetFocus
ClientToScreen
GetWindow
GetDlgCtrlID
GetWindowRect
GetClassNameA
PtInRect
SetWindowTextA
GetWindowTextA
CharUpperA
GetWindowThreadProcessId
SendMessageA
GetParent
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
EnableWindow
MessageBoxA
UnhookWindowsHookEx
LoadCursorA
GetSystemMetrics
GetDC
ReleaseDC
GetSysColor
GetSysColorBrush
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
wsprintfA
GetClientRect
CreateWindowExA
GetClassInfoExA
GetClassInfoA
AdjustWindowRectEx
RegisterClassA
SetMenuItemBitmaps

shlwapi

PathFindFileNameA
PathIsUNCA
PathStripToRootA
UrlUnescapeA

wininet

HttpSendRequestA
HttpOpenRequestA
InternetConnectA
InternetReadFile
HttpQueryInfoA
InternetCloseHandle
InternetOpenUrlA
InternetOpenA
InternetCheckConnectionA
InternetGetConnectedState
InternetCrackUrlA
InternetCanonicalizeUrlA
InternetQueryOptionA
InternetSetOptionExA
InternetQueryDataAvailable
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallback
InternetGetLastResponseInfoA

winmm

timeGetTime

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

oleacc

LresultFromObject
CreateStdAccessibleObject

gdi32

DeleteDC
DeleteObject
CreateBitmap
GetClipBox
SetTextColor
SetBkColor
SaveDC
RestoreDC
SetMapMode
PtVisible
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
GetDeviceCaps
RectVisible
TextOutA
ExtTextOutA
Escape
GetStockObject
SelectObject

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

comdlg32

GetFileTitleA

oleaut32

VariantClear
VariantChangeType
VariantInit

Exports

Exports

GetUpdateFileVersion

Sections

.text
Size: 183KB - Virtual size: 182KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 81KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2067137a606c2f179f20cc619bcf39d6

Headers

File Characteristics

Imports

kernel32

user32

shlwapi

wininet

winmm

version

oleacc

gdi32

winspool.drv

comdlg32

oleaut32

Exports

Exports

Sections

.text Size: 183KB - Virtual size: 182KB

.rdata Size: 35KB - Virtual size: 34KB

.data Size: 81KB - Virtual size: 116KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 30KB - Virtual size: 29KB

.text
Size: 183KB - Virtual size: 182KB

.rdata
Size: 35KB - Virtual size: 34KB

.data
Size: 81KB - Virtual size: 116KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 30KB - Virtual size: 29KB