d4eab6dbcc15a522a8b47b97b8755e97

Sharing

Copy URL Twitter E-mail

General

Target

d4eab6dbcc15a522a8b47b97b8755e97
Size

104KB
MD5

d4eab6dbcc15a522a8b47b97b8755e97
SHA1

6ac647965b4bad32ee7b03dcc97896670763397f
SHA256

8fad8a6865e068f653d072222dbc3e01114eee35d52b1de25e435d297942c38a
SHA512

8fcd2ae0e53c8b381d3004cf754e78082eae72f06ea9b42c4635640b6bc4ca10e070fdfb3746f5107841bc31538e260462e0b6cde4f8d2a3639a607c4b4df3c7
SSDEEP

1536:xdnkaW2SRUfkJ8tU9AVz6zDprN4+d74Kurk+i2MdMJOM3wq+lEwDEsl8Z:xdnk3akJ8NZ6zRN448KWk+MMiEml8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d4eab6dbcc15a522a8b47b97b8755e97

Files

d4eab6dbcc15a522a8b47b97b8755e97
.dll windows:4 windows x86 arch:x86

71391c7c9cd9805af8fbeb6c61066123

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LocalFree
CreateThread
GetModuleHandleW
GetLocalTime
GetSystemTime
LCMapStringW
GetProcessHeap
SetEvent
Sleep
IsDBCSLeadByte
GetTickCount
GetACP
lstrcmpiA
GetLocaleInfoA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
GetStringTypeW
GetStringTypeA
FormatMessageW
LCMapStringA
HeapSize
LoadLibraryA
GetCPInfo
GetOEMCP
UnhandledExceptionFilter
GetEnvironmentStringsW
GetLastError
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
GetCurrentProcess
TerminateProcess
GetModuleHandleA
VirtualProtect
GetCommandLineA
MultiByteToWideChar
GetProcAddress
ExitProcess
HeapAlloc
HeapFree
RtlUnwind
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
InterlockedExchange
VirtualQuery
GetSystemInfo

user32

PtInRect
wsprintfA
CharUpperA
DefWindowProcW
UnregisterClassW
DestroyWindow
GetMessageW
CreateWindowExW
RegisterClassW
DialogBoxParamW
SetWindowTextW
LoadIconW
GetDC
DrawIcon
ReleaseDC
GetCursorPos
LoadStringW
MessageBoxW
SetFocus
SendMessageW
EndDialog
GetDlgItem
GetWindowPlacement
SetWindowPlacement
ShowWindow
LoadBitmapW
EnableWindow
ScreenToClient

advapi32

CryptReleaseContext
CryptAcquireContextW

ole32

CoTaskMemAlloc

Sections

.text
Size: 80KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

71391c7c9cd9805af8fbeb6c61066123

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

Sections

.text Size: 80KB - Virtual size: 76KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 4KB - Virtual size: 35KB

.rsrc Size: 4KB - Virtual size: 1024B

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 80KB - Virtual size: 76KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 4KB - Virtual size: 35KB

.rsrc
Size: 4KB - Virtual size: 1024B

.reloc
Size: 4KB - Virtual size: 3KB