441a3810b9e89bae12eea285a63f92e98181e9fb9efd6c57ef6d265435484964

Sharing

Copy URL Twitter E-mail

General

Target

441a3810b9e89bae12eea285a63f92e98181e9fb9efd6c57ef6d265435484964
Size

909KB
MD5

9c9f3dd4455e919a0af734cbb74c9948
SHA1

4caed91ff0aebdbed230dbd78d0bfd330b12a807
SHA256

441a3810b9e89bae12eea285a63f92e98181e9fb9efd6c57ef6d265435484964
SHA512

38bf1226a24797999a462a89e6f950b636eafebcd328345b41fb3b6b875763746b471831fa04b043a6542623670152e4551d9a6ef2777bfc86489a3f597149a6
SSDEEP

12288:tKhD15yx9+oXg+3gm72B1/Ew6yldzOYsUNeuF3PwntLizyflnW57m2eK7Etkla+u:+ughB1MUsagtr+e4FsBtH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
441a3810b9e89bae12eea285a63f92e98181e9fb9efd6c57ef6d265435484964

Files

441a3810b9e89bae12eea285a63f92e98181e9fb9efd6c57ef6d265435484964
.dll regsvr32 windows:10 windows x64 arch:x64

284937652d469bad673f83af6b8393fb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

shcore

IUnknown_QueryService
IUnknown_Set
IsOS
SHCreateThread
SHGetThreadRef
SHTaskPoolGetUniqueContext
SHTaskPoolQueueTask

shlwapi

PathMatchSpecExW
StrStrIW

gdi32

BitBlt
CreateCompatibleDC
CreateDIBSection
CreateFontIndirectW
CreateSolidBrush
DeleteDC
DeleteObject
ExcludeClipRect
GdiAlphaBlend
GetCurrentObject
GetDeviceCaps
GetObjectW
GetStockObject
SelectObject
SetBkMode
SetStretchBltMode
SetTextColor
StretchBlt
StretchDIBits

ntdll

RtlNtStatusToDosError
RtlQueryWnfStateData

user32

AreDpiAwarenessContextsEqual
CopyImage
CreateWindowInBandEx
DeleteMenu
DestroyMenu
DrawIconEx
DrawTextExW
DrawTextW
EnableMenuItem
GetClassNameW
GetCurrentInputMessageSource
GetCursorInfo
GetDC
GetDoubleClickTime
GetDpiForSystem
GetDpiForWindow
GetKeyState
GetKeyboardLayout
GetMenuInfo
GetMenuItemInfoW
GetSubMenu
GetSystemMenu
GetWindowDpiAwarenessContext
GetWindowLongPtrW
GetWindowLongW
InheritWindowMonitor
LoadCursorW
LoadMenuW
RegisterClassExW
ReleaseDC
RemoveMenu
SetCursor
SetMenuInfo
SetMenuItemBitmaps
SetMenuItemInfoW
SetThreadDpiAwarenessContext
SetWindowLongPtrW
SetWindowLongW
TrackMouseEvent
TrackPopupMenu
TrackPopupMenuEx

kernel32

LoadLibraryW

advapi32

OpenProcessToken

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 560KB - Virtual size: 560KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 204KB - Virtual size: 204KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 83KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 17KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

284937652d469bad673f83af6b8393fb

Headers

DLL Characteristics

File Characteristics

Imports

shcore

shlwapi

gdi32

ntdll

user32

kernel32

advapi32

Exports

Exports

Sections

.text Size: 560KB - Virtual size: 560KB

.rdata Size: 204KB - Virtual size: 204KB

.data Size: 10KB - Virtual size: 14KB

.pdata Size: 31KB - Virtual size: 31KB

.didat Size: 1KB - Virtual size: 1KB

.rsrc Size: 83KB - Virtual size: 82KB

.reloc Size: 17KB - Virtual size: 15KB

.text
Size: 560KB - Virtual size: 560KB

.rdata
Size: 204KB - Virtual size: 204KB

.data
Size: 10KB - Virtual size: 14KB

.pdata
Size: 31KB - Virtual size: 31KB

.didat
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 83KB - Virtual size: 82KB

.reloc
Size: 17KB - Virtual size: 15KB