d4934b823e8bba28aa3cc383eb46da6c

Sharing

Copy URL Twitter E-mail

General

Target

d4934b823e8bba28aa3cc383eb46da6c
Size

448KB
MD5

d4934b823e8bba28aa3cc383eb46da6c
SHA1

90a39ebb63c2e7ffb7b5cc5b0787048c9ed9f36b
SHA256

e04dda8965f6586e57bae59c5e237e74bd0604c06a5efb1fb01924e196891bdd
SHA512

a507426300fe3af3fc562040add6953c352d395b689d86255ee4321673af2ff773aa73641c3a86aa0e86e40c3512b5e2426e883e6decc44a4f230a433fbb0664
SSDEEP

12288:Xv/bZ1nE++OhI1ToKxIpdK+YyCbEdFSf://bZ6V8IJhu3K+JCbETSf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d4934b823e8bba28aa3cc383eb46da6c

Files

d4934b823e8bba28aa3cc383eb46da6c
.dll windows:5 windows x86 arch:x86

87bd12ebbea92e78191bd26c3968f6cd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

setupapi

SetupDiGetClassDevsW
SetupDiCreateDeviceInfoListExA
CM_Get_DevNode_Custom_PropertyW
SetupDiClassGuidsFromNameW
SetupDiGetDeviceRegistryPropertyA

winmm

mmTaskCreate
mmTaskBlock
mixerMessage
mixerGetLineInfoW
mixerGetLineControlsA
mixerGetDevCapsW
mixerGetDevCapsA
midiStreamPause
midiStreamOut
midiStreamClose
midiOutLongMsg
mixerSetControlDetails

user32

UnhookWindowsHookEx
SendNotifyMessageA
SendMessageA
RegisterClassA
PostMessageA
GetSystemMetrics
UpdateWindow

version

VerQueryValueA
VerFindFileW
VerFindFileA
GetFileVersionInfoW
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerInstallFileW

comdlg32

ChooseFontA
ChooseFontW
CommDlgExtendedError
FindTextW
GetFileTitleW
GetSaveFileNameA
LoadAlterBitmap
PageSetupDlgA
ChooseColorW
GetOpenFileNameW

ntdll

ZwOpenThreadToken
ZwCreateSection
RtlWriteRegistryValue
RtlUnicodeToMultiByteSize
RtlSecondsSince1980ToTime
RtlNtStatusToDosError
RtlEqualSid
RtlDecompressFragment
NtUnloadKey
CsrCaptureMessageBuffer
ZwNotifyChangeDirectoryFile

kernel32

Heap32ListNext
WinExec
WaitNamedPipeA
VerLanguageNameW
VerLanguageNameA
TlsGetValue
GlobalUnfix
GetVolumePathNameA
GetTickCount
GetTempPathW
GetSystemWindowsDirectoryW
GetSystemTimeAdjustment
GetSystemDefaultUILanguage
GetProcAddress
GetFileSize
GetComputerNameExW
GetCommandLineW
GetCommandLineA
GetCommTimeouts
FindNextVolumeMountPointA
ExitProcess
DeleteFileA
CreateRemoteThread
ClearCommBreak
HeapAlloc
HeapCreate
IsSystemResumeAutomatic
Module32NextW
Process32NextW
QueryPerformanceFrequency
RaiseException
SetCriticalSectionSpinCount
SetLastError
lstrcmpiA
SetThreadIdealProcessor
Thread32Next
WriteTapemark

msi

ord43
ord30
ord185
ord176
ord228
ord235
ord172
ord51
ord64
ord65
ord77
ord83
ord84
ord85
ord94
ord108
ord110
ord206
ord151

Exports

Exports

AmyBvadxalxmmpctk
Qgowffose
VabpjEDrGjFndib
bfmuopp
cvssabDmVUqnynda
cxuvaQBxzd
imistD
jvd
lllewfqyitZdd
lwZfulzhtaD
nyuglzxytxogwraqlm
owamnXizsCGYrRjiryD
raplivhgPmvTyipy
rwumyscagmkKt
ulhHgctjemi

Sections

.text
Size: 58KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 362KB - Virtual size: 667KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

87bd12ebbea92e78191bd26c3968f6cd

Headers

DLL Characteristics

File Characteristics

Imports

setupapi

winmm

user32

version

comdlg32

ntdll

kernel32

msi

Exports

Exports

Sections

.text Size: 58KB - Virtual size: 57KB

.data Size: 362KB - Virtual size: 667KB

.rsrc Size: 27KB - Virtual size: 26KB

.text
Size: 58KB - Virtual size: 57KB

.data
Size: 362KB - Virtual size: 667KB

.rsrc
Size: 27KB - Virtual size: 26KB