d36d7de63cb65ce9273f5a8b94d28143

Sharing

Copy URL

Twitter E-mail

General

Target

d36d7de63cb65ce9273f5a8b94d28143
Size

195KB
MD5

d36d7de63cb65ce9273f5a8b94d28143
SHA1

12c8d908498bd9ea6df980d61cb6f7d50413bcfc
SHA256

dc1b05a83899e96d9846298a49f6eba3a10ed987919d343c7c9bb83e4534be61
SHA512

3d82d9a6e0bd6318083263f35a7fcdf4087f8ae85084fa6329e3132d7de64e29e269bd905ff9376b7c7b7e75e34388921cf4da09d96f0d957d989680d6baab3d
SSDEEP

6144:PVoP3PO8ggJtNxDG5DWmSRSKX86indnE5djH:PSPXBJhG5DWmJ9E5dL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d36d7de63cb65ce9273f5a8b94d28143

Files

d36d7de63cb65ce9273f5a8b94d28143
.dll windows:4 windows x86 arch:x86

a9bf395942d66e8808f7f64e7cbde8ff

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateConsoleScreenBuffer
DisableThreadLibraryCalls
DuplicateHandle
ExitProcess
FlushFileBuffers
GetACP
GetCPInfo
GetCommandLineA
GetConsoleOutputCP
GetEnvironmentStringsA
GetEnvironmentVariableA
GetLocaleInfoW
GetModuleHandleA
GetOEMCP
GetProcessWorkingSetSize
GetStartupInfoA
GetStdHandle
GetSystemDirectoryA
GetVersionExA
HeapAlloc
HeapCreate
HeapReAlloc
LCMapStringA
MultiByteToWideChar
OutputDebugStringA
ReadFile
ReadProcessMemory
RtlUnwind
SetEvent
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
TlsAlloc
TlsSetValue
lstrlenW

user32

SetCursor
SetClipboardData
ScrollWindowEx
OffsetRect
MessageBoxA
LoadMenuA
IsWindowVisible
GetMenuItemCount
GetMenuCheckMarkDimensions
GetMenu
GetDC
GetCursorPos
FindWindowExA
DrawMenuBar
DrawEdge
DispatchMessageA
DestroyIcon
DeleteMenu
DeferWindowPos
DrawFrameControl

advapi32

SetEntriesInAccessListW
EncryptionDisable
ElfOpenEventLogW
CryptDeriveKey
ConvertStringSecurityDescriptorToSecurityDescriptorA
GetEffectiveRightsFromAclA
GetMultipleTrusteeOperationW
GetTrusteeTypeA
IsValidSecurityDescriptor
QueryServiceConfig2A
SetServiceStatus
SetSecurityDescriptorGroup
GetAccessPermissionsForObjectW
RegOpenUserClassesRoot
RegCreateKeyExA

ddraw

DirectDrawCreateEx
GetSurfaceFromDC
DirectDrawCreate

ole32

CoBuildVersion
CoCreateInstance
CoGetMalloc
CoTaskMemFree
IsEqualGUID

Exports

Exports

WaitForMedia

Sections

.text
Size: 129KB - Virtual size: 216KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a9bf395942d66e8808f7f64e7cbde8ff

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ddraw

ole32

Exports

Exports

Sections

.text Size: 129KB - Virtual size: 216KB

.data Size: 60KB - Virtual size: 60KB

.rsrc Size: 3KB - Virtual size: 4KB

.reloc Size: 1KB - Virtual size: 4KB

.text
Size: 129KB - Virtual size: 216KB

.data
Size: 60KB - Virtual size: 60KB

.rsrc
Size: 3KB - Virtual size: 4KB

.reloc
Size: 1KB - Virtual size: 4KB