c6db24472be47573b476025d07c64373373bd140121eec12679778f80cd6410b

Sharing

Copy URL Twitter E-mail

General

Target

c6db24472be47573b476025d07c64373373bd140121eec12679778f80cd6410b
Size

60KB
MD5

fe4178fe9a8820ccfb5ce2d8a942a889
SHA1

7c6f14633dc5cfa1a137accdba5de8255a750b18
SHA256

c6db24472be47573b476025d07c64373373bd140121eec12679778f80cd6410b
SHA512

68da08494342913319e022188ad174c7e7449dc9edfaae66802c8ed2f1c64f6f3f38bd4e4be31153980ef12d3dfbd3d248f6401efad543d45ba31dcb6006fd1e
SSDEEP

768:rpNzRPHuyl51i6hWwcdc1x6pZ3GgwQe45yOdMlrxfAaZBfaXW2G:rpJdHbjW7dc1xQINQe4xyVlVaXG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c6db24472be47573b476025d07c64373373bd140121eec12679778f80cd6410b

Files

c6db24472be47573b476025d07c64373373bd140121eec12679778f80cd6410b
.dll windows:4 windows x86 arch:x86

14c5d28bf0c52c152717ef69fad89021

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

manager

ord185
ord96
ord271
ord212
ord156
ord148
ord104
ord102
ord157
ord199
ord99
ord132
ord188
ord216
ord52

miscutil

ord26
ord27

supersub

ord303
ord131
ord540
ord602
ord254
ord278
ord301
ord417
ord920
ord88
ord413
ord541
ord70
ord69
ord216
ord80
ord279
ord312
ord419
ord89
ord311
ord276
ord707
ord302
ord277
ord215
ord416
ord408
ord412
ord66
ord314
ord410
ord273
ord409
ord65

comdlg32

GetSaveFileNameA

winmm

waveOutClose
waveOutPause
mmioClose
waveOutUnprepareHeader
mciGetErrorStringA
mmioAscend
mmioRead
mmioDescend
waveOutReset
mciSendCommandA
waveOutWrite
mmioWrite
mciSendStringA
waveOutGetNumDevs
midiOutGetNumDevs
mmioOpenA
waveOutRestart
waveOutOpen
waveOutPrepareHeader
mmioSeek

wininet

HttpQueryInfoA
InternetOpenUrlA
InternetReadFile
InternetCrackUrlA
InternetCanonicalizeUrlA
InternetGetLastResponseInfoA
InternetOpenA
InternetCloseHandle

msvcp60

?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
??1_Lockit@std@@QAE@XZ
??0_Lockit@std@@QAE@XZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
??Mstd@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z

msvcrt

atol
memmove
memset
_access
strcat
strcpy
strlen
strrchr
strcmp
??2@YAPAXI@Z
??1type_info@@UAE@XZ
atoi
__CxxFrameHandler
memcmp
free
_except_handler3
?terminate@@YAXXZ
__dllonexit
_onexit
__lconv_init
_initterm
malloc
_adjust_fdiv
_CxxThrowException

advapi32

RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCreateKeyExA
RegCloseKey

user32

UnregisterClassA
SetWindowLongA
DefWindowProcA
EndPaint
BeginPaint
EnableWindow
GetWindowLongA
ShowWindow
SendMessageA
IsWindow
PostMessageA
SetFocus
SetCapture
UpdateWindow
InvalidateRect
ReleaseCapture
GetWindowWord
DrawFocusRect
ClientToScreen
GetClientRect
GetSysColor
MoveWindow
ScreenToClient
GetParent
GetWindowRect
PtInRect
DialogBoxParamA
KillTimer
wsprintfA
SetDlgItemTextA
EndDialog
LoadStringA
RegisterClassA
DestroyWindow
SetWindowWord
LoadCursorA
CreateWindowExA
SetTimer

gdi32

SelectPalette
RealizePalette
DeleteDC
BitBlt
DeleteObject
Rectangle
GetStockObject
SetROP2
CreateDIBPatternBrush
StretchDIBits
CreateCompatibleDC
SetBrushOrgEx
UnrealizeObject
SelectObject
CreateSolidBrush
CreateCompatibleBitmap
PatBlt

kernel32

lstrlenW
DeleteCriticalSection
InterlockedDecrement
WriteFile
InitializeCriticalSection
OutputDebugStringA
HeapDestroy
WideCharToMultiByte
GetLastError
LockResource
FreeResource
GetShortPathNameA
CreateProcessA
WaitForSingleObject
EnterCriticalSection
LeaveCriticalSection
CreateFileA
CloseHandle
lstrcpynA
WritePrivateProfileStringA
GetModuleFileNameA
LoadLibraryA
FreeLibrary
GetVersionExA
lstrcmpA
GetTickCount
lstrlenA
lstrcmpiA
lstrcatA
DeleteFileA
lstrcpyA
_hwrite
InterlockedIncrement
MultiByteToWideChar
TerminateThread
LocalFree
FindResourceA
LoadResource
CreateThread

ole32

CoCreateInstance

oleaut32

LoadRegTypeLi
SysAllocString
VariantClear
SysFreeString
SysStringLen

Exports

Exports

AviViewClassProc
HandleTimer
MMIClassProc
ToolEnd
ToolFileHandler
ToolIconClassProc
ToolInit
ToolMsgHandler
ToolNotifyHandler
ToolObjNotifyHandler

Sections

.text
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

14c5d28bf0c52c152717ef69fad89021

Headers

File Characteristics

Imports

manager

miscutil

supersub

comdlg32

winmm

wininet

msvcp60

msvcrt

advapi32

user32

gdi32

kernel32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 36KB - Virtual size: 32KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 4KB - Virtual size: 7KB

.rsrc Size: 4KB - Virtual size: 936B

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 36KB - Virtual size: 32KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 4KB - Virtual size: 7KB

.rsrc
Size: 4KB - Virtual size: 936B

.reloc
Size: 4KB - Virtual size: 3KB