e063dfb967040382fbcc88dad240c8df

Sharing

Copy URL Twitter E-mail

General

Target

e063dfb967040382fbcc88dad240c8df
Size

76KB
MD5

e063dfb967040382fbcc88dad240c8df
SHA1

3372d81b66b8fc22075df1643f851ecc885dc990
SHA256

357ebc48e2d7be3ff178cbfcaafbe462bad1f588f4e8812becd717bcde849fea
SHA512

9474c44f058069707e9e2815da99138ebefee0b6bd148123c0606824215f437f9c19a70ab8776be6bbe56fc75ed602f073d4929e2be7470c9087d1a0b956e107
SSDEEP

1536:OBegYVTRAY1hv6q/Cy/Omye23L99fmvt24CXrC7kj:39RdvmyWNeqLC124CA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e063dfb967040382fbcc88dad240c8df

Files

e063dfb967040382fbcc88dad240c8df
.dll windows:4 windows x86 arch:x86

f953573bae0e9b925aeecef94864d1d6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

PulseEvent
FileTimeToLocalFileTime
GetWindowsDirectoryW
QueueUserWorkItem
DeleteFileW
MoveFileA
IsValidLocale
LCMapStringW
GetProfileSectionA
SetErrorMode
GetTimeFormatA
SetSystemTime
SystemTimeToFileTime
AddAtomA
SetVolumeLabelW
GetFileInformationByHandle
OpenEventA
GetFileSizeEx
DeleteTimerQueueTimer
RaiseException
GetFullPathNameW
GetVersionExA
FlushFileBuffers
SearchPathA
GetVersionExW
RtlMoveMemory
HeapDestroy
Beep
FindAtomA
GetDiskFreeSpaceExW
LoadResource
GetFileSize
lstrcmpW
FillConsoleOutputAttribute
FormatMessageW
OpenFile
CancelWaitableTimer
SetEndOfFile
RemoveDirectoryA
GlobalGetAtomNameA
PeekConsoleInputW
RtlUnwind
GlobalAlloc
LocalHandle
GetShortPathNameW
DisconnectNamedPipe
FindVolumeClose
GetProfileStringW
HeapSetInformation
IsWow64Process
HeapSize
AddAtomW
SetProcessShutdownParameters
VirtualAlloc
CreateJobObjectW
ResumeThread
GetConsoleScreenBufferInfo
EnumResourceNamesW
OpenSemaphoreW
ReadConsoleInputA
WaitForMultipleObjectsEx
SetVolumeMountPointW
OpenEventW
WaitNamedPipeW
GetSystemWindowsDirectoryA
GetThreadContext
ResetEvent
LocalUnlock
GetHandleInformation
FormatMessageA
GetVolumeInformationA
GetStringTypeA
FlushViewOfFile
GetVolumeNameForVolumeMountPointW
CreateMutexW
GetProfileIntW
TransactNamedPipe
CreateMailslotA
UnlockFileEx
ReadDirectoryChangesW
SuspendThread
FileTimeToDosDateTime
WriteProfileStringW
SetFileApisToOEM
FindCloseChangeNotification
HeapCompact
GetComputerNameW
VirtualFree
CreateDirectoryW
OpenMutexA
GetEnvironmentStrings
SearchPathW
CreateIoCompletionPort
SetFilePointer
InterlockedExchangeAdd
ReleaseSemaphore
GlobalReAlloc
GlobalMemoryStatus
SleepEx
ExitThread
GetModuleHandleExW
CreateNamedPipeA
GetExitCodeProcess
GetLargestConsoleWindowSize
ReadConsoleW
GetStringTypeExA
GetComputerNameExW
GlobalGetAtomNameW
GetSystemWow64DirectoryW
SetNamedPipeHandleState
SetConsoleScreenBufferSize
EscapeCommFunction
WriteProcessMemory
GetDiskFreeSpaceW
GetStartupInfoA
FindNextFileW
GetUserDefaultUILanguage
SetDefaultCommConfigW
GetFullPathNameA
SetConsoleTitleA
SetFileTime
GetAtomNameW
SetConsoleCursorPosition
SetEnvironmentVariableA
GetUserDefaultLCID
GetDefaultCommConfigW
GetDriveTypeA
GetCurrentProcessId
IsBadStringPtrA
GetDriveTypeW
CreateProcessA
InterlockedExchange
GetProcAddress
UnmapViewOfFile
CreateDirectoryA
MoveFileExA
lstrlenW
EnterCriticalSection
GetModuleHandleA
CopyFileA
LeaveCriticalSection
MapViewOfFile
WaitForSingleObject
VirtualProtect
HeapValidate
LoadLibraryA
GetComputerNameA
InitializeCriticalSection
CreateThread
VirtualQuery
CreateMutexA
GetVersion
GetProcessHeap

shlwapi

PathIsDirectoryW
SHDeleteValueW
PathRemoveBlanksW
PathIsNetworkPathW
PathCompactPathW
StrChrA
PathCreateFromUrlW
AssocQueryStringW
SHRegSetUSValueW
PathFindExtensionA
PathGetArgsW
SHRegGetBoolUSValueW
SHCreateStreamOnFileW
PathGetDriveNumberW
wvnsprintfW
PathGetCharTypeW
StrCmpNW
SHAutoComplete
UrlCombineW
SHDeleteKeyA
PathIsURLW
StrRetToStrW
PathAppendW
SHSetValueA
PathStripPathW
PathRemoveFileSpecW
AssocCreate
PathParseIconLocationW
SHRegGetValueW
StrStrA
PathIsUNCServerShareW
PathAddBackslashA
StrStrW
PathQuoteSpacesW
PathAppendA
StrStrIA

gdi32

GetObjectType
CreateBitmap
GetTextCharset
SelectObject
ExtCreatePen
RemoveFontResourceA
PatBlt
EndPage
SetAbortProc
CreatePenIndirect
GetLayout
StartDocA
SetPixel
GetViewportExtEx
SetColorAdjustment
OffsetRgn
ResetDCA
PolyPolygon
GetBitmapDimensionEx
GetTextExtentExPointW
DeleteEnhMetaFile
GetEnhMetaFileA
SetViewportOrgEx
CreateFontIndirectA
SetStretchBltMode
EnumFontFamiliesExA
SetPixelV
PlayMetaFile
PtInRegion
ArcTo
PaintRgn
CreateICA
SetMetaFileBitsEx
ResizePalette
GetWindowExtEx
Arc
SetLayout
GetRegionData
CreateCompatibleBitmap
CopyEnhMetaFileA
DeleteDC
GetKerningPairsA
DPtoLP
CreateMetaFileW
CreatePatternBrush
CloseFigure
CreateHalftonePalette
GetViewportOrgEx
GetNearestColor
PlayMetaFileRecord
CreatePen
GetSystemPaletteUse
SetViewportExtEx
PolyPolyline
GetWindowOrgEx
GetWorldTransform
GetFontData
GetRgnBox
GetROP2
SetROP2
Polygon
TextOutW
CreateDCW

Exports

Exports

DllInit
DllInstall

Sections

.text
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 984B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f953573bae0e9b925aeecef94864d1d6

Headers

File Characteristics

Imports

kernel32

shlwapi

gdi32

Exports

Exports

Sections

.text Size: 56KB - Virtual size: 52KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 4KB - Virtual size: 984B

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 56KB - Virtual size: 52KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 4KB - Virtual size: 984B

.reloc
Size: 4KB - Virtual size: 2KB