46ed25c5010c2f66e4411bddc65a6c68ffe8f0382e5b9b56ac2da4acc77c3622

Sharing

Copy URL Twitter E-mail

General

Target

46ed25c5010c2f66e4411bddc65a6c68ffe8f0382e5b9b56ac2da4acc77c3622
Size

259KB
MD5

a178033016b237acce46ec85abd7366d
SHA1

ef49ffa27fdc7a22497bbccc40011c623c3f2825
SHA256

46ed25c5010c2f66e4411bddc65a6c68ffe8f0382e5b9b56ac2da4acc77c3622
SHA512

ad67709dddc08109db231c61df771106af851a4d94e99ff8047c4ae0c6cd98d998c8cb9c5bd384be1fecdc7a1ad28c1a6472f4e165417d8c51f9a8cdd163ff5b
SSDEEP

6144:wVWCA3BfrTRt/lXGoQdfGsiCrHldd4+LWhRERogN:wVWCARfZ2oQHDldd4+L+d

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
46ed25c5010c2f66e4411bddc65a6c68ffe8f0382e5b9b56ac2da4acc77c3622

Files

46ed25c5010c2f66e4411bddc65a6c68ffe8f0382e5b9b56ac2da4acc77c3622
.dll windows:5 windows x64 arch:x64

fc9217033690170a72057bca5d2002e0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

RtlLookupFunctionEntry
RtlUnwindEx
ExitThread
CreateThread
FlsSetValue
GetCommandLineA
RaiseException
RtlPcToFileHeader
HeapReAlloc
HeapQueryInformation
HeapSize
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlCaptureContext
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetACP
IsValidCodePage
EncodePointer
DecodePointer
FlsGetValue
FlsFree
LCMapStringA
LCMapStringW
HeapSetInformation
HeapCreate
HeapDestroy
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTimeZoneInformation
InitializeCriticalSectionAndSpinCount
SetStdHandle
GetConsoleCP
GetConsoleMode
GetStringTypeA
GetStringTypeW
GetLocalTime
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CompareStringW
SetEnvironmentVariableA
GetOEMCP
GetCPInfo
GetLocaleInfoA
GlobalFindAtomA
GlobalDeleteAtom
lstrcmpW
GetVersionExA
GetCurrentThreadId
GlobalFlags
GlobalAddAtomA
GetFileTime
GetFileSizeEx
GetFileAttributesA
FileTimeToLocalFileTime
FileTimeToSystemTime
lstrcmpA
GlobalGetAtomNameA
DeleteCriticalSection
LocalReAlloc
TlsSetValue
GlobalHandle
GetSystemTimeAsFileTime
GlobalReAlloc
TlsAlloc
InitializeCriticalSection
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GetCurrentProcessId
GetModuleHandleA
GetModuleHandleW
CompareStringA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
WriteFile
SetLastError
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
MultiByteToWideChar
lstrlenA
CreateFileA
LoadLibraryA
GetProcAddress
GetFileSize
SetFilePointer
ReadFile
FreeLibrary
DeleteFileA
OutputDebugStringA
GetTickCount
GetModuleFileNameA
ExpandEnvironmentStringsA
FreeConsole
WideCharToMultiByte
CreateToolhelp32Snapshot
Process32First
OpenProcess
Process32Next
GetProcessHeap
HeapAlloc
HeapFree
LocalFree
GetCurrentProcess
CloseHandle
GetLastError
WaitForSingleObject
Sleep
ExitProcess
FindResourceA
LoadResource
LockResource
FlsAlloc
SizeofResource

user32

DestroyMenu
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
ModifyMenuA
EnableMenuItem
CheckMenuItem
RegisterWindowMessageA
WinHelpA
GetCapture
GetClassLongA
GetClassLongPtrA
SetPropA
GetPropA
RemovePropA
GetForegroundWindow
GetTopWindow
DestroyWindow
GetWindowLongPtrA
SetWindowLongPtrA
GetMessageTime
GetMessagePos
MapWindowPoints
SetMenu
SetForegroundWindow
GetClientRect
GetClassInfoA
AdjustWindowRectEx
CopyRect
CallWindowProcA
GetMenu
SystemParametersInfoA
IsIconic
GetWindowPlacement
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
SetWindowPos
IsWindow
DefWindowProcA
PostQuitMessage
GetClassInfoExA
DispatchMessageA
GetDlgItem
SetWindowsHookExA
CallNextHookEx
GetKeyState
PeekMessageA
ValidateRect
GetFocus
ClientToScreen
GetWindow
GetDlgCtrlID
PostMessageA
TranslateMessage
GetMessageA
UpdateWindow
ShowWindow
CreateWindowExA
RegisterClassA
LoadCursorA
LoadIconA
SendMessageTimeoutA
GetSubMenu
GetWindowRect
GetClassNameA
GetMenuItemCount
GetMenuItemID
GetMenuState
GetSystemMetrics
CharUpperA
GetSysColorBrush
GetSysColor
ReleaseDC
GetDC
UnhookWindowsHookEx
MessageBoxA
EnableWindow
IsWindowEnabled
GetLastActivePopup
GetParent
GetWindowLongA
SendMessageA
GetWindowThreadProcessId
PtInRect
SetWindowTextA
GetWindowTextA

gdi32

CreateBitmap
DeleteDC
TextOutA
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
GetStockObject
RectVisible
PtVisible
GetClipBox
SetMapMode
SetTextColor
SetBkColor
RestoreDC
SaveDC
DeleteObject
GetDeviceCaps
ExtTextOutA

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

advapi32

RegCreateKeyExA
RegisterServiceCtrlHandlerA
GetTokenInformation
EqualSid
ConvertSidToStringSidA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegSetValueExA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
SetServiceStatus

shlwapi

PathFindFileNameA
PathStripToRootA
PathIsUNCA

wininet

InternetOpenA
InternetConnectA
HttpOpenRequestA
InternetReadFile
HttpQueryInfoA
InternetCloseHandle
InternetOpenUrlA
InternetSetOptionA
InternetSetCookieA
HttpSendRequestA

iphlpapi

GetAdaptersInfo

ole32

CoCreateGuid

oleaut32

VariantClear
VariantChangeType
VariantInit

Exports

Exports

ServiceMain
Start

Sections

.text
Size: 173KB - Virtual size: 173KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fc9217033690170a72057bca5d2002e0

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shlwapi

wininet

iphlpapi

ole32

oleaut32

Exports

Exports

Sections

.text Size: 173KB - Virtual size: 173KB

.rdata Size: 53KB - Virtual size: 52KB

.data Size: 10KB - Virtual size: 32KB

.pdata Size: 11KB - Virtual size: 11KB

.rsrc Size: 512B - Virtual size: 436B

.reloc Size: 9KB - Virtual size: 9KB

.text
Size: 173KB - Virtual size: 173KB

.rdata
Size: 53KB - Virtual size: 52KB

.data
Size: 10KB - Virtual size: 32KB

.pdata
Size: 11KB - Virtual size: 11KB

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 9KB - Virtual size: 9KB