790ffa4a97f1d6389bfc265e06c606a66747d75f36efd36f347d7930700e4522

Sharing

Copy URL

Twitter E-mail

General

Target

790ffa4a97f1d6389bfc265e06c606a66747d75f36efd36f347d7930700e4522
Size

202KB
MD5

7e2e9508b3c288a217a723e41dad9506
SHA1

1c23e74a0e412160b4a7f8f02913f76466818ac7
SHA256

790ffa4a97f1d6389bfc265e06c606a66747d75f36efd36f347d7930700e4522
SHA512

883233c2506fc68db7e57a239d79caa4db1efb147f5c59294936f991549efa39b1836ae0f08e5f9aecd3171bc5831222007223c01cd27c15874c766ce6e62479
SSDEEP

3072:JePTAD1TLmUFm81sBfNZy7wP+K3Ae4mTtf3R1zBXyn+AJceU+:JePC72y7wPeeftfBp0++7U

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
790ffa4a97f1d6389bfc265e06c606a66747d75f36efd36f347d7930700e4522

Files

790ffa4a97f1d6389bfc265e06c606a66747d75f36efd36f347d7930700e4522
.dll windows:5 windows x86 arch:x86

e6ab52d3171e81c8bde7799e39f90bcd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

HeapDestroy
LeaveCriticalSection
HeapCreate
EnterCriticalSection
DeleteCriticalSection
WaitForSingleObject
SetEvent
Sleep
CreateEventA
GetLastError
CloseHandle
GetCurrentThreadId
SwitchToThread
SetLastError
WideCharToMultiByte
lstrlenW
InterlockedExchange
ResetEvent
CreateEventW
CancelIo
TryEnterCriticalSection
SetWaitableTimer
CreateWaitableTimerW
GetFileSize
CreateMutexW
GlobalSize
GlobalLock
GetModuleHandleW
GetTickCount
GlobalAlloc
GetConsoleWindow
ReadFile
CreateFileW
GlobalUnlock
GlobalFree
GetLocalTime
lstrcatW
ReleaseMutex
DeleteFileW
InitializeCriticalSectionAndSpinCount
CreateThread
WriteConsoleW
SetStdHandle
GetConsoleMode
GetConsoleCP
SetFilePointer
LoadLibraryW
GetStringTypeW
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
IsValidCodePage
GetOEMCP
GetACP
InterlockedCompareExchange
HeapFree
InterlockedDecrement
InterlockedIncrement
HeapAlloc
VirtualAlloc
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStringsW
FlushFileBuffers
FreeEnvironmentStringsW
GetModuleFileNameA
GetStartupInfoW
GetFileType
SetHandleCount
GetLocaleInfoW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetModuleFileNameW
GetStdHandle
WriteFile
GetProcAddress
IsProcessorFeaturePresent
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
ExitProcess
VirtualFree
HeapReAlloc
HeapSize
GetProcessHeap
EncodePointer
DecodePointer
InitializeCriticalSection
ExitThread
GetCommandLineA
RaiseException
RtlUnwind
CompareStringW
MultiByteToWideChar
GetCPInfo
LCMapStringW
TerminateProcess
GetCurrentProcess

user32

PeekMessageW
TranslateMessage
MsgWaitForMultipleObjects
wsprintfW
GetKeyState
SetClipboardData
OpenClipboard
GetDesktopWindow
EmptyClipboard
GetWindowTextW
GetClipboardData
GetForegroundWindow
CloseClipboard
DispatchMessageW

advapi32

RegSetValueExW
RegCloseKey
RegOpenKeyExW
RegDeleteValueW
RegCreateKeyW

shell32

SHGetFolderPathW

ws2_32

recv
WSACleanup
gethostbyname
send
setsockopt
htons
select
WSAStartup
connect
WSAIoctl
WSAWaitForMultipleEvents
WSAResetEvent
WSASetLastError
WSACreateEvent
shutdown
WSAEventSelect
WSAEnumNetworkEvents
WSAGetLastError
WSACloseEvent
closesocket
socket

winmm

timeGetTime

dinput8

DirectInput8Create

Exports

Exports

Main
run

Sections

.text
Size: 142KB - Virtual size: 142KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e6ab52d3171e81c8bde7799e39f90bcd

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ws2_32

winmm

dinput8

Exports

Exports

Sections

.text Size: 142KB - Virtual size: 142KB

.rdata Size: 24KB - Virtual size: 24KB

.data Size: 23KB - Virtual size: 31KB

.rsrc Size: 512B - Virtual size: 436B

.reloc Size: 11KB - Virtual size: 10KB

.text
Size: 142KB - Virtual size: 142KB

.rdata
Size: 24KB - Virtual size: 24KB

.data
Size: 23KB - Virtual size: 31KB

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 11KB - Virtual size: 10KB