c8423bae82b751d884c5a58ff3c31211

Sharing

Copy URL

Twitter E-mail

General

Target

c8423bae82b751d884c5a58ff3c31211
Size

204KB
MD5

c8423bae82b751d884c5a58ff3c31211
SHA1

a539286e88be5c544e104c9ce80a0c7f609c98ff
SHA256

540068c80ffa28a769d386c8912c8ceaa0154c24b0c35d3c0df1885ef5c7762d
SHA512

96a7ffa4c7b1ff9df8f690552e0e85b7e505927b0048eda54d01af2e6ffe2b647e1f7944b964dfb1dc1ee26583eb5a44f6b36e3fe95c7c3cdeb30b4354cd25f7
SSDEEP

6144:EXYg7KiFGgQzsqZWpbpGRyuvGCIqqDLu:yG9s0v+CNqnu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c8423bae82b751d884c5a58ff3c31211

Files

c8423bae82b751d884c5a58ff3c31211
.dll windows:4 windows x86 arch:x86

bbce56e8a6e95d6efe19178ef9787e15

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetNumberFormatW
GetConsoleOutputCP
FormatMessageW
WriteConsoleW
GetStdHandle
FileTimeToSystemTime
GetModuleFileNameW
GetComputerNameExW
ExitProcess
SetConsoleMode
ReadFile
ReadConsoleW
GetProcessHeap
HeapValidate
CompareStringA
GetThreadLocale
CompareStringW
GetFileType
GetConsoleMode
DisableThreadLibraryCalls
InterlockedExchange
Sleep
InterlockedCompareExchange
GetLocaleInfoA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetStringTypeW
GetStringTypeA
GetDateFormatW
LCMapStringA
HeapSize
LoadLibraryA
HeapReAlloc
VirtualAlloc
GetCPInfo
GetOEMCP
GetACP
HeapAlloc
IsBadCodePtr
IsBadWritePtr
IsBadReadPtr
WriteFile
GetEnvironmentStringsW
GetLastError
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
HeapFree
VirtualFree
HeapCreate
HeapDestroy
GetModuleFileNameA
GetStartupInfoA
SetHandleCount
GetModuleHandleA
VirtualQuery
GetVersionExA
RtlUnwind
GetTimeFormatW
GetCurrentThreadId
LocalUnlock
LocalLock
GlobalDeleteAtom
GlobalAddAtomA
GlobalFindAtomA
GlobalSize
lstrcpyA
lstrcmpiA
GlobalGetAtomNameA
lstrcatA
lstrcmpA
InterlockedDecrement
InterlockedIncrement
CreateMutexW
CreateFileW
LocalAlloc
DeviceIoControl
GetSystemInfo
LocalFree
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
WideCharToMultiByte
lstrlenW
RaiseException
lstrlenA
MultiByteToWideChar
CloseHandle
MapViewOfFile
UnmapViewOfFile
GetSystemDefaultLangID
GlobalAlloc
GlobalLock
GlobalHandle
GlobalUnlock
GlobalFree
WaitForSingleObject
ReleaseMutex
LockResource
LoadResource
FindResourceExW
LoadLibraryW
FreeLibrary
GetProcAddress
GetModuleHandleW
VirtualProtect
LCMapStringW
GetCommandLineA

user32

SetPropA
GetClassNameA
GetWindowThreadProcessId
EnumChildWindows
EnumPropsA
CreateWindowExA
PostMessageA
SetWindowLongA
SetWindowWord
RegisterDeviceNotificationW
LoadStringW
WinHelpW
DialogBoxParamW
wsprintfW
PostMessageW
FindWindowW
CheckDlgButton
MoveWindow
EndDialog
PostQuitMessage
UnregisterDeviceNotification
SetWindowTextW
GetPropA
CallWindowProcW
ValidateRect
ReleaseDC
IsWindowUnicode
SetWindowLongW
SetWindowPos
GetWindowRect
GetDlgItem
DrawFocusRect
GetSysColor
FillRect
DrawIconEx
DrawStateW
DrawFrameControl
IsWindowVisible
MonitorFromPoint
GetMonitorInfoW
DefWindowProcW
IsWindow
LoadIconW
GetDC
KillTimer
SendMessageW
RemovePropA
DefWindowProcA
UnpackDDElParam
GetWindowLongA
CharUpperW
GetDesktopWindow
SystemParametersInfoW
GetSysColorBrush
FrameRect
GetDlgCtrlID
PtInRect
DrawEdge
ClientToScreen
SetCursorPos
ReleaseCapture
SetCapture
GetParent
BeginPaint
GetCursorPos
ScreenToClient
DrawTextW
EndPaint
GetScrollInfo
SetScrollInfo
EnableScrollBar
InvalidateRect
SendMessageA
UpdateWindow
GetWindow
DestroyWindow
SetTimer
GetWindowLongW
GetClientRect
GetSystemMetrics
LoadImageW
CreateWindowExW
GetClassInfoExW
LoadCursorW
RegisterClassExW

advapi32

RegSetValueExW
RegQueryValueExW
RegCloseKey
GetSidSubAuthority
GetSidSubAuthorityCount
IsValidSid
GetTokenInformation
OpenProcessToken
RegOpenKeyExW
RegOpenKeyA
RegQueryValueA
OpenSCManagerW
OpenServiceW
LookupAccountNameW
SetServiceObjectSecurity
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
SetEntriesInAclW
QueryServiceObjectSecurity
GetSecurityDescriptorDacl
CloseServiceHandle
RegCreateKeyExW

gdi32

DeleteDC
CreateCompatibleBitmap
CreateCompatibleDC
SetBkMode
GetTextExtentPoint32W
CreateSolidBrush
GetObjectW
DeleteObject
CreateFontIndirectW
SetTextColor
SetBkColor
GetStockObject
SelectObject
GetTextMetricsW
EnumFontFamiliesExW
LineTo
MoveToEx
CreatePen
GetLayout
ExtTextOutW
GetTextExtentPointA
CopyEnhMetaFileA
CopyMetaFileA
DeleteMetaFile
DeleteEnhMetaFile
BitBlt

ole32

CoTaskMemFree
CoInitializeEx
CoUninitialize
CoInitialize
CoCreateInstance

rpcrt4

RpcBindingSetOption
RpcStringFreeW
RpcBindingFromStringBindingW
RpcStringBindingComposeW
RpcBindingSetAuthInfoW
NdrClientCall2

Sections

.text
Size: 124KB - Virtual size: 123KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bbce56e8a6e95d6efe19178ef9787e15

Headers

File Characteristics

Imports

kernel32

user32

advapi32

gdi32

ole32

rpcrt4

Sections

.text Size: 124KB - Virtual size: 123KB

.rdata Size: 44KB - Virtual size: 42KB

.data Size: 20KB - Virtual size: 61KB

.rsrc Size: 4KB - Virtual size: 2KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 124KB - Virtual size: 123KB

.rdata
Size: 44KB - Virtual size: 42KB

.data
Size: 20KB - Virtual size: 61KB

.rsrc
Size: 4KB - Virtual size: 2KB

.reloc
Size: 8KB - Virtual size: 7KB