c85ebbb3eb53f635435109ce16441467

Sharing

Copy URL Twitter E-mail

General

Target

c85ebbb3eb53f635435109ce16441467
Size

29KB
MD5

c85ebbb3eb53f635435109ce16441467
SHA1

49dc35453b21e5c8b54c55bec22ca79d29e32df4
SHA256

cf0fb36688fa6c0fb85ba972ef1df236f95674268969da084a3e213c9f31da19
SHA512

01a50e20c17845fc5f2970927afac6c509507413fa7970ff4feae7e4cff6803931b601f1f7bc0dba20d6145080dbeea804a41e63f6c3bff2d20b44bbc461473d
SSDEEP

384:0bRyq0l14mdYs6fTRV71fQqg+2YztVtm29/AWOM9zxyeVgX9vQcz4Lc58r48:0d+ndY5RV71f2IVVN6X9vxkc5Y4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c85ebbb3eb53f635435109ce16441467

Files

c85ebbb3eb53f635435109ce16441467
.dll windows:4 windows x86 arch:x86

ac91486ad0cc815da3c4bc5e6c3c2b72

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

SetForegroundWindow
SetMenu
SetTimer
SetWindowLongA
SetWindowTextA
ShowWindow
TrackPopupMenu
TranslateMessage
UpdateWindow
RegisterClassExA
RegisterClassA
PostMessageA
MoveWindow
MessageBoxExA
MessageBoxA
MessageBeep
LoadMenuA
LoadIconA
LoadCursorA
SetDlgItemTextA
KillTimer
IsRectEmpty
GetWindowTextLengthA
GetWindowRect
GetSystemMetrics
GetSysColor
GetSubMenu
GetMessageA
GetMenuState
GetMenu
GetDlgItemTextA
GetDlgItem
GetDlgCtrlID
GetDesktopWindow
AttachThreadInput
BeginDeferWindowPos
wsprintfA
GetCursorPos
EndDialog
EnableWindow
SendMessageA
LoadBitmapA
SendDlgItemMessageA
DispatchMessageA
DialogBoxParamA
CreateWindowExA
CheckMenuItem
CheckDlgButton
CallWindowProcA

kernel32

GetModuleHandleA
GetModuleHandleW
lstrlenA
lstrcpyA
lstrcmpA
WriteFile
Sleep
RtlZeroMemory
ReadFile
OpenFile
LoadLibraryExA
HeapFree
HeapAlloc
FindFirstFileA
GetModuleFileNameA
GetLocalTime
GetFileSize
GetCurrentDirectoryA
ExitProcess
DeleteFileA
CreateFileA
CloseHandle

comdlg32

GetOpenFileNameA
GetSaveFileNameA

comctl32

ord6
InitCommonControlsEx

shell32

ShellExecuteA
Shell_NotifyIconA

advapi32

RegFlushKey
RegSetValueExA
RegRestoreKeyA
RegQueryValueExA
RegOpenKeyExA
RegDeleteValueA
RegCloseKey

gdi32

GetPixel
GetStockObject
InvertRgn
SelectObject
GetCharWidthI
GdiFlush
ExtFloodFill
DeleteObject
DeleteDC
CreateSolidBrush
CreateCompatibleDC

ws2_32

gethostbyname
socket
setsockopt
recv
WSASocketA

ntdll

NtQuerySemaphore
NtPrivilegeCheck
NtAlertThread
NtWaitLowEventPair
RtlGetProcessHeaps

Exports

Exports

oxcentr

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

CSEG
Size: 1024B - Virtual size: 814B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 264B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: - Virtual size: 1KB

Sharing

General

Malware Config

Signatures

Files

ac91486ad0cc815da3c4bc5e6c3c2b72

Headers

File Characteristics

Imports

user32

kernel32

comdlg32

comctl32

shell32

advapi32

gdi32

ws2_32

ntdll

Exports

Exports

Sections

.text Size: 20KB - Virtual size: 20KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 1KB - Virtual size: 71KB

CSEG Size: 1024B - Virtual size: 814B

.rsrc Size: 512B - Virtual size: 264B

.reloc Size: - Virtual size: 1KB

.text
Size: 20KB - Virtual size: 20KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 1KB - Virtual size: 71KB

CSEG
Size: 1024B - Virtual size: 814B

.rsrc
Size: 512B - Virtual size: 264B

.reloc
Size: - Virtual size: 1KB