e0234a9ca036fdb4dc64702beb07e3a9

Sharing

Copy URL Twitter E-mail

General

Target

e0234a9ca036fdb4dc64702beb07e3a9
Size

84KB
MD5

e0234a9ca036fdb4dc64702beb07e3a9
SHA1

47b54f10192ce0748c7eb171fca4569f7905a150
SHA256

462473c1af56b8461668755085cfdc1918f4f6e4a463a79f6aeecc3888ad0a1a
SHA512

4889b94743c8daaec7d65f38a05aaf03d0acfaafc9d8b199cab8c763e1959c0969de785ff9d94aace545547510d4bbb7ee7cc1dded992b8f3fbc553d7e9d3595
SSDEEP

1536:rIstYQJaxNqEba8zKmJmiJVYYpHYPLAXD97pnDz1GrOWoJEBhrGfxCGNUOU:rIstYGaxsqHhPHCLAXB7pnHjihifxJU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e0234a9ca036fdb4dc64702beb07e3a9

Files

e0234a9ca036fdb4dc64702beb07e3a9
.dll windows:4 windows x86 arch:x86

4061e1afee19771cb3d8c82c3d22ef1e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentProcess
EscapeCommFunction
FillConsoleOutputCharacterW
GetComputerNameW
GetVersion
SetFilePointerEx
GetThreadPriority
SystemTimeToFileTime
FreeLibraryAndExitThread
ReadFileEx
GetModuleHandleExW
VerifyVersionInfoA
SetDefaultCommConfigW
FindResourceExA
ReplaceFileW
HeapCreate
GetExitCodeProcess
FindNextFileA
GetSystemWow64DirectoryW
PulseEvent
SetStdHandle
ExitThread
SetWaitableTimer
RtlUnwind
lstrcmpW
SetProcessWorkingSetSize
EnumUILanguagesW
SystemTimeToTzSpecificLocalTime
GetFileAttributesA
SetConsoleWindowInfo
ReleaseActCtx
PurgeComm
CreateFileW
RemoveDirectoryW
GetTimeFormatW
SetCommMask
TransmitCommChar
LockResource
GlobalGetAtomNameA
OpenProcess
CompareStringW
CreateEventA
BeginUpdateResourceA
WideCharToMultiByte
EnumResourceNamesW
EnumResourceLanguagesW
ProcessIdToSessionId
AssignProcessToJobObject
SizeofResource
IsWow64Process
GetCommandLineW
WriteProfileStringA
CreateActCtxW
GetTempFileNameA
SetHandleInformation
lstrcatW
BackupRead
PeekConsoleInputA
ResetEvent
IsBadCodePtr
SetFilePointer
GlobalMemoryStatusEx
GetCommandLineA
InitializeCriticalSectionAndSpinCount
lstrlenW
InterlockedCompareExchange
CopyFileA
GetCurrentProcessId
EnterCriticalSection
LoadLibraryA
GetProcAddress
GetCommModemStatus
GetTickCount

advapi32

RegSetValueExA
IsTokenRestricted
RegDeleteKeyW
SaferSetLevelInformation
EnumServicesStatusA
OpenSCManagerA
RegQueryValueW
QueryServiceConfig2W
OpenServiceA
DeregisterEventSource
DuplicateTokenEx
ReportEventA
RegisterEventSourceA
LogonUserA
StartServiceA
MakeSelfRelativeSD
RegEnumKeyA
RegLoadKeyA
RegEnumKeyW
QueryServiceConfigW
ClearEventLogW
CredDeleteW
RegOpenKeyExW
SetSecurityInfo

gdi32

PolyDraw
PlayEnhMetaFile
SetColorAdjustment
SetBitmapBits
GetTextExtentPointA
GetTextFaceA
GetTextCharacterExtra
SetTextAlign
GetDCOrgEx
SetBkMode
GetObjectType
DeleteEnhMetaFile
GetEnhMetaFileBits
CreateDIBPatternBrushPt
PtInRegion
SetPaletteEntries
LineTo
SetWorldTransform
CreateHalftonePalette
GetTextCharsetInfo
CreateBitmapIndirect
EndPage
CreateICA
EnumFontFamiliesW
AbortPath
StretchDIBits
Arc
GetMetaFileBitsEx
PlayMetaFileRecord
SetTextCharacterExtra
InvertRgn
SetMetaFileBitsEx

Exports

Exports

MSNcfgclass

Sections

.text
Size: 64KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4061e1afee19771cb3d8c82c3d22ef1e

Headers

File Characteristics

Imports

kernel32

advapi32

gdi32

Exports

Exports

Sections

.text Size: 64KB - Virtual size: 60KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 8KB - Virtual size: 7KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 64KB - Virtual size: 60KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 8KB - Virtual size: 7KB

.reloc
Size: 4KB - Virtual size: 2KB