c99ce3e2fdb03c6f8dbf049fb2da1c37

Sharing

Copy URL Twitter E-mail

General

Target

c99ce3e2fdb03c6f8dbf049fb2da1c37
Size

92KB
MD5

c99ce3e2fdb03c6f8dbf049fb2da1c37
SHA1

ee64fc6f056270b2d6845d59dc47e4ee429d41bd
SHA256

e7f0706346199624645cd4ee1cacbc32195a69b35d839218fc6e3baf3df8bf2f
SHA512

6339be1733fc6bf620ecacd5f2af61e571a526433d67c2e41046e0a8528c543a2ac39ee8282e816ece30b8a0330c06a8f58d72b34ec8619bde0107c765096f68
SSDEEP

1536:hVAjCe6t+jyMCnuTgtVnOc+C+RbuyYoo7EQUCvOTWe1M4TcaXKOj0QB:hVAjzjybuTgtVOM+RbuyziEQUCWTXKFk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c99ce3e2fdb03c6f8dbf049fb2da1c37

Files

c99ce3e2fdb03c6f8dbf049fb2da1c37
.dll windows:4 windows x86 arch:x86

697e76d95e39ec022eed8dcd7d2259b8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

memset
memcpy
wcslen
wcscmp
wcsncmp
localtime
mktime
fabs
ceil
malloc
floor
free
fclose
memmove
_vsnwprintf
fmod
sin
cos
abs

kernel32

HeapCreate
HeapDestroy
GetModuleHandleW
GetCurrentThreadId
GetCurrentProcessId
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
TlsAlloc
HeapAlloc
TlsSetValue
GetTickCount
TlsGetValue
Sleep
HeapFree
InitializeCriticalSection
GetVersionExW
EnterCriticalSection
LeaveCriticalSection
LoadLibraryW
GetProcAddress
FreeLibrary
SetLastError
MulDiv
GetLocalTime
GlobalLock
GlobalUnlock
GlobalAlloc
GlobalFree
HeapReAlloc
DeleteCriticalSection
WaitForMultipleObjects
CloseHandle
GetCurrentThread
DuplicateHandle
CreateSemaphoreA
CreateThread
ReleaseSemaphore
WideCharToMultiByte
MultiByteToWideChar

comctl32

InitCommonControls
InitCommonControlsEx

user32

SendMessageW
RedrawWindow
MessageBoxW
GetWindowThreadProcessId
IsWindowVisible
IsWindowEnabled
GetForegroundWindow
EnableWindow
EnumWindows
DestroyWindow
GetWindowTextLengthW
GetWindowTextW
SetFocus
SetWindowTextW
SendMessageA
GetWindowRect
ScreenToClient
GetWindowLongW
GetIconInfo
SetWindowPos
InvalidateRect
UpdateWindow
ReleaseCapture
BeginPaint
DrawStateW
EndPaint
SetCapture
CallWindowProcW
GetSystemMetrics
CreateWindowExW
SetWindowLongW
ValidateRect
GetParent
MapWindowPoints
GetWindow
GetSysColor
GetSysColorBrush
RemovePropW
ShowWindow
MoveWindow
SetPropW
GetClientRect
GetFocus
FrameRect
DrawFocusRect
GetDC
ReleaseDC
DefWindowProcW
GetPropW
PeekMessageW
TranslateMessage
DispatchMessageW
SetActiveWindow
UnregisterClassW
DestroyAcceleratorTable
LoadIconW
LoadCursorW
RegisterClassW
AdjustWindowRectEx
GetActiveWindow
CreateAcceleratorTableW
IsZoomed
IsIconic
SetCursorPos
LoadImageW
SetCursor
SystemParametersInfoW
GetKeyState
PostMessageW
GetCursorPos
FillRect
EnumChildWindows
DefFrameProcW
MsgWaitForMultipleObjects
GetMessageW
TranslateAcceleratorW
IsChild
GetClassNameW
EnumDisplaySettingsW
OpenClipboard
GetClipboardData
CloseClipboard
EmptyClipboard
SetClipboardData
DestroyIcon
CreateIconFromResourceEx
CreateIconFromResource
DrawIconEx

gdi32

GetStockObject
GetObjectType
GetObjectW
DeleteObject
SetBkColor
SetTextColor
CreateRectRgn
SelectClipRgn
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
BitBlt
DeleteDC
CreateSolidBrush
CreateDCW
GetDeviceCaps
CreateFontW
GdiSetBatchLimit
GdiGetBatchLimit
SetDIBits
CreateDIBSection
GetObjectA
GetDIBits
CreateBitmap
SetPixel
GetTextExtentPoint32W
SetBkMode
SetTextAlign
TextOutW
SetStretchBltMode
SetBrushOrgEx
StretchBlt
GetPixel
CreateFontIndirectW
GetTextMetricsW

ole32

CoInitialize
RevokeDragDrop

winmm

timeBeginPeriod
timeEndPeriod

Exports

Exports

Plugin_GetAuthor
Plugin_GetDescription
Plugin_GetIconAddress
Plugin_GetIconSize
Plugin_GetName
Plugin_GetSignature
Plugin_GetType
Plugin_GetVersion
Plugin_QuitSignal
Plugin_Start

Sections

.code
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 58KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

697e76d95e39ec022eed8dcd7d2259b8

Headers

File Characteristics

Imports

msvcrt

kernel32

comctl32

user32

gdi32

ole32

winmm

Exports

Exports

Sections

.code Size: 12KB - Virtual size: 11KB

.text Size: 58KB - Virtual size: 57KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 11KB - Virtual size: 13KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 3KB

.code
Size: 12KB - Virtual size: 11KB

.text
Size: 58KB - Virtual size: 57KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 11KB - Virtual size: 13KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 3KB