d55230135f27614e2298bf3a1fc7acde

Sharing

Copy URL

Twitter E-mail

General

Target

d55230135f27614e2298bf3a1fc7acde
Size

29KB
MD5

d55230135f27614e2298bf3a1fc7acde
SHA1

bb2f68be43c98ea99ba5a0703f026c010a7dce11
SHA256

12f150fe5597afc069d2811bf6cc85507fcf51dc53b8014f8be68848efb64fde
SHA512

7f1f8a0808bc5b58069ff99b73eb9115cf1893d6cce22ef755e034d9fc1acd23d7b141825ab037a2bd469e5fa17ee4c108b6999edd7fa3b6645519727c7adf8c
SSDEEP

384:B6BLbarAB0nMuyJwPR8cgazB1Ag9LsuJMDcsWTD/k/grQg2SZEcxrP7W6WWr+Lh:B6BGizo1AQLm3WTLggESZEMrPZyt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d55230135f27614e2298bf3a1fc7acde

Files

d55230135f27614e2298bf3a1fc7acde
.dll windows:4 windows x86 arch:x86

a7344455fd25c811e7d111b664932598

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CopyFileA
CloseHandle
lstrlenW
lstrlenA
lstrcpynA
lstrcpyW
lstrcpyA
lstrcmpiA
lstrcmpA
lstrcatA
WriteFile
WinExec
WideCharToMultiByte
VirtualProtect
TerminateThread
Sleep
SetFilePointer
ReadFile
MultiByteToWideChar
LocalFree
LocalAlloc
LoadLibraryA
IsBadWritePtr
IsBadReadPtr
GlobalFree
GlobalAlloc
GetVersionExA
GetTickCount
GetTempPathA
GetTempFileNameA
GetSystemDirectoryA
GetProcAddress
GetModuleFileNameA
GetFileSize
GetCurrentProcessId
GetCurrentProcess
GetCommandLineA
FindAtomA
CreateFileA
CreateProcessA
CreateThread
DeleteAtom
DeleteFileA
ExitProcess
ExitThread
AddAtomA

ole32

CreateStreamOnHGlobal

gdi32

CreateBitmap
SetBkMode
SetBkColor
SelectObject
GetObjectA
GetDeviceCaps
GetDIBits
DeleteObject
DeleteDC
CreateSolidBrush
CreateFontA
CreateCompatibleDC
BitBlt

advapi32

AdjustTokenPrivileges
RegSetValueExA
RegOpenKeyExA
RegFlushKey
RegEnumKeyExA
RegDeleteValueA
RegCreateKeyExA
RegCloseKey
OpenProcessToken
LookupPrivilegeValueA

user32

GetDesktopWindow
GetForegroundWindow
GetWindowDC
GetWindowLongA
GetWindowRect
GetWindowTextA
GetWindowThreadProcessId
IsWindow
IsWindowVisible
OpenClipboard
GetClipboardData
ReleaseDC
SendMessageA
SetWindowLongA
GetClientRect
GetClassNameA
CloseClipboard
CreateWindowExA
DrawTextA
EnumChildWindows
EnumWindows
ExitWindowsEx
FillRect

wininet

InternetReadFile
InternetOpenA
InternetCrackUrlA
InternetConnectA
InternetCloseHandle
HttpSendRequestA
HttpOpenRequestA

shlwapi

PathIsDirectoryA

crypt32

CertCloseStore
CertDeleteCertificateFromStore
CertDuplicateCertificateContext
CertEnumCertificatesInStore
CertGetCertificateContextProperty
CertGetNameStringA
CertOpenStore
CertOpenSystemStoreA
PFXExportCertStoreEx
CertAddCertificateContextToStore

Exports

Exports

s

Sections

.text
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 960B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a7344455fd25c811e7d111b664932598

Headers

File Characteristics

Imports

kernel32

ole32

gdi32

advapi32

user32

wininet

shlwapi

crypt32

Exports

Exports

Sections

.text Size: 21KB - Virtual size: 20KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: - Virtual size: 116KB

.rsrc Size: 1024B - Virtual size: 960B

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 21KB - Virtual size: 20KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: - Virtual size: 116KB

.rsrc
Size: 1024B - Virtual size: 960B

.reloc
Size: 2KB - Virtual size: 2KB