b261e3dcce58663df587baf9d3cb39bab27efd96bd6aa68b3e82c942af096abf

Sharing

Copy URL Twitter E-mail

General

Target

b261e3dcce58663df587baf9d3cb39bab27efd96bd6aa68b3e82c942af096abf
Size

771KB
MD5

ba442e9f70faf5b5d836fb42600e42c8
SHA1

1987b49d97f23154956f04a678f16b5f635005d1
SHA256

b261e3dcce58663df587baf9d3cb39bab27efd96bd6aa68b3e82c942af096abf
SHA512

cb2787e38b50d68972f039897f2668890479717db1f9c3da5f6c587f033899f7359539c38065d450364a91bdfe243c297c6fb781dc23859296abba602ca793d8
SSDEEP

12288:BkwZBA54jrEPsdfBwz08f3O9vVvQwjZUOeozOa34MwWsUnSRpY8y:2nhtMVIwjZU8zOa34MwWsUSLE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b261e3dcce58663df587baf9d3cb39bab27efd96bd6aa68b3e82c942af096abf

Files

b261e3dcce58663df587baf9d3cb39bab27efd96bd6aa68b3e82c942af096abf
.dll windows:6 windows x86 arch:x86

b6ef646afc5677092d5f8e7c320742ea

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

hid

HidD_GetAttributes
HidD_GetHidGuid
HidD_GetPreparsedData
HidD_FreePreparsedData
HidD_FlushQueue
HidD_GetSerialNumberString
HidP_GetCaps

setupapi

SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailW
SetupDiGetClassDevsW
SetupDiDestroyDeviceInfoList

ws2_32

WSACleanup
WSAStartup
socket
shutdown
setsockopt
send
select
recv
getsockopt
ioctlsocket
connect
closesocket
__WSAFDIsSet
WSAStringToAddressW
bind
htons
inet_addr
WSAGetLastError

kernel32

SetFilePointerEx
FlushFileBuffers
SetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
IsValidCodePage
FindNextFileA
FindFirstFileExA
FindClose
HeapQueryInformation
HeapSize
HeapReAlloc
GetConsoleMode
DecodePointer
FreeLibrary
GetProcAddress
RaiseException
GetLastError
SetLastError
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
CloseHandle
WideCharToMultiByte
InterlockedDecrement
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
lstrlenW
FindResourceW
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
lstrlenA
MultiByteToWideChar
TerminateThread
WaitForSingleObject
CreateEventW
InterlockedIncrement
ResetEvent
IsBadReadPtr
IsBadWritePtr
CreateThread
ResumeThread
SetEvent
WaitForMultipleObjects
WriteFile
GetModuleFileNameW
CreateFileW
GetOverlappedResult
ReadFile
PurgeComm
CancelIo
ClearCommError
SetupComm
GetCommState
SetCommState
SetCommTimeouts
CreateWaitableTimerW
SetWaitableTimer
CancelWaitableTimer
CreateSemaphoreW
GetModuleFileNameA
GetConsoleCP
OutputDebugStringW
LCMapStringW
GetStringTypeW
GetACP
WaitForSingleObjectEx
WriteConsoleW
OutputDebugStringA
GetFileType
GetStdHandle
IsDebuggerPresent
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
GetModuleHandleW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
GetStartupInfoW
HeapAlloc
HeapFree
GetProcessHeap
VirtualQuery
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
InitializeSListHead
RtlUnwind
LoadLibraryExW
InterlockedFlushSList
EncodePointer
GetModuleHandleExW
HeapValidate
GetSystemInfo
ExitProcess

user32

CharUpperW
wsprintfW
SendMessageW
CharNextW
LoadStringW
PostMessageW

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

Exports

Exports

ANRD242_Close
ANRD242_GetLibVersion
ANRD242_Open
PLUG_GetLink

Sections

.text
Size: 600KB - Virtual size: 600KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 124KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 296B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b6ef646afc5677092d5f8e7c320742ea

Headers

DLL Characteristics

File Characteristics

Imports

hid

setupapi

ws2_32

kernel32

user32

version

Exports

Exports

Sections

.text Size: 600KB - Virtual size: 600KB

.rdata Size: 124KB - Virtual size: 123KB

.data Size: 9KB - Virtual size: 21KB

.gfids Size: 512B - Virtual size: 296B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 34KB - Virtual size: 34KB

.text
Size: 600KB - Virtual size: 600KB

.rdata
Size: 124KB - Virtual size: 123KB

.data
Size: 9KB - Virtual size: 21KB

.gfids
Size: 512B - Virtual size: 296B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 34KB - Virtual size: 34KB