971dc097dd26da92349c368acf1b21b948db3a270cd4f7e5679f922b1346e5b3

Sharing

Copy URL Twitter E-mail

General

Target

971dc097dd26da92349c368acf1b21b948db3a270cd4f7e5679f922b1346e5b3
Size

467KB
MD5

49760d68b79ee1759eb0b7a76887377b
SHA1

92dd5453520e6e97b9fa34613b8440b363a4d720
SHA256

971dc097dd26da92349c368acf1b21b948db3a270cd4f7e5679f922b1346e5b3
SHA512

364c68051d5edf2571184dfeeaa466e718e4c74a225631986326dadda90d91d3db3fda4293ca1ef07b9e1197e4ab10cd7a88a5ba1affc1f735a307b88c51fdcf
SSDEEP

6144:qB1onPicgqfOmIWwT405wNZBcVOSz5t0p4QV3MHSJAaAUHoRYL:WKPiIOmIW8ILMM4QuHSJAaAUH+YL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
971dc097dd26da92349c368acf1b21b948db3a270cd4f7e5679f922b1346e5b3

Files

971dc097dd26da92349c368acf1b21b948db3a270cd4f7e5679f922b1346e5b3
.dll windows:6 windows x86 arch:x86

3d38157c6144260a067409805b253663

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetSystemDefaultLangID
ExitProcess
IsDebuggerPresent
ReadConsoleW
WriteConsoleW
SetStdHandle
OutputDebugStringW
LoadLibraryExW
HeapReAlloc
SetFilePointerEx
ReadFile
GetConsoleMode
GetConsoleCP
FlushFileBuffers
CloseHandle
GetModuleFileNameW
WriteFile
GetOEMCP
GetACP
IsValidCodePage
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetStringTypeW
GetCurrentProcessId
GetModuleFileNameA
GetFileType
GetStdHandle
HeapSize
GetModuleHandleExW
GetProcessHeap
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
LCMapStringW
GetProcAddress
GetModuleHandleW
GetStartupInfoW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetCurrentProcess
SetLastError
SetUnhandledExceptionFilter
CreateThread
WinExec
GetLocalTime
CreateNamedPipeA
CreateFileW
RtlCaptureContext
HeapCreate
LeaveCriticalSection
HeapDestroy
FormatMessageW
InitializeCriticalSectionAndSpinCount
GetLocaleInfoW
FindResourceW
GetCPInfo
SetFilePointer
GetTempFileNameW
LocalFree
GetExitCodeProcess
GetWindowsDirectoryW
GetExitCodeThread
RaiseException
TerminateProcess
Sleep
GetSystemDefaultUILanguage
FindFirstFileW
GetDateFormatW
WideCharToMultiByte
GetSystemDirectoryW
ResetEvent
MulDiv
GetFileAttributesA
GetTickCount
QueryPerformanceCounter
SetDllDirectoryW
UnmapViewOfFile
GetSystemTimeAsFileTime
UnhandledExceptionFilter
IsProcessorFeaturePresent
EncodePointer
DecodePointer
EnterCriticalSection
DeleteCriticalSection
MultiByteToWideChar
GetLastError
HeapFree
GetCommandLineA
GetCurrentThreadId
RtlUnwind
HeapAlloc

user32

GetDlgCtrlID
ToAsciiEx
RemovePropA
SetFocus
EnumWindows
DestroyCaret
FlashWindow
EndMenu
SetTimer
SetScrollPos
KillTimer
MsgWaitForMultipleObjects
GetDC
CreateDialogIndirectParamA
LoadMenuW
GetWindowLongW
EnumChildWindows
CreateCaret
GetClientRect
CreateIconIndirect
ShowCursor
EndPaint
SetCursor
GetMessageA
IsIconic
AttachThreadInput
CharLowerBuffW
SetParent
BeginPaint
SetScrollRange
GetKeyboardLayout
ReleaseDC
DestroyCursor
GetMenuItemCount
GetKeyboardType
SetWindowTextA
ValidateRgn
LoadCursorA
MapDialogRect
CreateMenu
AppendMenuA
BeginDeferWindowPos
CopyRect
CharUpperBuffW
SetKeyboardState
MessageBoxA
SetWindowLongW
DefWindowProcA
SendDlgItemMessageW

gdi32

GetTextExtentPoint32A
GetRgnBox
DeleteObject
Ellipse
GetObjectType
PatBlt
SetViewportOrgEx
GetCharacterPlacementW
GetEnhMetaFileHeader
PtInRegion
CombineRgn
SetLayout
GetTextExtentPoint32W
CreateBrushIndirect
CloseEnhMetaFile
PolyPolygon
GetStockObject
GetWindowOrgEx
CreateBitmapIndirect
CreateHalftonePalette
ExtCreateRegion
Polyline
Polygon

comdlg32

FindTextW

advapi32

ChangeServiceConfigW
StartServiceW
EqualSid
AdjustTokenPrivileges
GetUserNameA
RegGetKeySecurity
LookupPrivilegeValueW
SetSecurityDescriptorDacl
RegCloseKey
RegQueryValueExW

ole32

CoTaskMemFree

Sections

.text
Size: 354KB - Virtual size: 354KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 78KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 814KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3d38157c6144260a067409805b253663

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

ole32

Sections

.text Size: 354KB - Virtual size: 354KB

.rdata Size: 78KB - Virtual size: 77KB

.data Size: 19KB - Virtual size: 814KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 14KB - Virtual size: 13KB

.text
Size: 354KB - Virtual size: 354KB

.rdata
Size: 78KB - Virtual size: 77KB

.data
Size: 19KB - Virtual size: 814KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 14KB - Virtual size: 13KB