74d93253090f999977fa8e32b03b94bb8d35f59a8390545fd10da0f7fb1fcd13

Sharing

Copy URL Twitter E-mail

General

Target

74d93253090f999977fa8e32b03b94bb8d35f59a8390545fd10da0f7fb1fcd13
Size

589KB
MD5

2aeaafd6ace59e00e3487ef9f427b1c2
SHA1

f5949fbd3239e62633785a41f94862fedfa1a508
SHA256

74d93253090f999977fa8e32b03b94bb8d35f59a8390545fd10da0f7fb1fcd13
SHA512

e5e7b7af9d2d9b3fe4c79e7ea79a0b6cc0c697af018a6d83f820d1263e13d8e008c42daaf200c1bb6ae27b2047014cf49774cf62be9f80b62a18794dda60c677
SSDEEP

12288:eAWVB1TtsNqJr8mFSWQTcoT3kkYn8O+1ZrOMQungDHA01znWI0En3oJRfQEBiHQy:nUBYqe5Tcoj2JyZnQuwHBznWI0EnYJBE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
74d93253090f999977fa8e32b03b94bb8d35f59a8390545fd10da0f7fb1fcd13

Files

74d93253090f999977fa8e32b03b94bb8d35f59a8390545fd10da0f7fb1fcd13
.dll windows:6 windows x86 arch:x86

54898b577ece2600601008e8a6333f67

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LocalReAlloc
FindNextFileA
LocalFree
FindClose
RemoveDirectoryA
CreateFileA
GetFileSize
SetFilePointer
ReadFile
WriteFile
MoveFileA
GetComputerNameW
WideCharToMultiByte
MultiByteToWideChar
CreateFileW
GlobalAlloc
GetSystemDirectoryA
CreatePipe
SetHandleInformation
GetStdHandle
CreateToolhelp32Snapshot
Module32First
FreeLibrary
Module32Next
GetCurrentThreadId
GetCurrentProcessId
Thread32First
ResumeThread
SuspendThread
Thread32Next
CreateThread
VirtualFree
GetModuleFileNameA
GetCurrentProcess
VirtualProtect
FindFirstFileA
VirtualAlloc
Sleep
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
RaiseException
TerminateThread
WaitForSingleObject
CreateEventA
SetEvent
lstrcmpiA
ExitProcess
CreateMutexA
GetTempPathA
GetTempFileNameA
GlobalFree
DisableThreadLibraryCalls
WriteConsoleW
SetEndOfFile
HeapReAlloc
HeapSize
GetStringTypeW
FlushFileBuffers
SetStdHandle
GetProcessHeap
LCMapStringW
LocalAlloc
GetDriveTypeA
GetDiskFreeSpaceExA
GetVolumeInformationA
GetLogicalDriveStringsA
CloseHandle
CreateProcessA
lstrcatA
GetLastError
CreateDirectoryA
GetModuleHandleA
GetFileAttributesA
lstrcpyA
lstrlenA
DeleteFileA
LoadLibraryA
GetProcAddress
UnmapViewOfFile
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
GetFileSizeEx
GetConsoleCP
ReadConsoleW
GetConsoleMode
GetFileType
SetFilePointerEx
HeapAlloc
HeapFree
GetModuleFileNameW
GetModuleHandleExW
LoadLibraryExW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
EncodePointer
SetLastError
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
RtlUnwind
InterlockedFlushSList
DecodePointer

user32

CharNextA
wsprintfA

advapi32

OpenServiceA
StartServiceA
RegisterServiceCtrlHandlerA
SetServiceStatus
CreateServiceA
DeleteService
CloseServiceHandle
OpenSCManagerA
FreeSid
CheckTokenMembership
AllocateAndInitializeSid
RegSetValueExA
RegQueryValueExA
RegCreateKeyExA
RegCloseKey
RegQueryValueA
RegOpenKeyExA

shell32

SHGetFileInfoA

ws2_32

closesocket
socket
inet_addr
htons
setsockopt
send
getsockname
shutdown
recv
gethostbyname
inet_ntoa
recvfrom
sendto
WSAStartup
connect

wininet

InternetReadFile
InternetCloseHandle
InternetOpenUrlA
InternetOpenA

Exports

Exports

entry

Sections

.text
Size: 162KB - Virtual size: 161KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 366KB - Virtual size: 366KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

54898b577ece2600601008e8a6333f67

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ws2_32

wininet

Exports

Exports

Sections

.text Size: 162KB - Virtual size: 161KB

.rdata Size: 49KB - Virtual size: 48KB

.data Size: 3KB - Virtual size: 5KB

.rsrc Size: 366KB - Virtual size: 366KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 162KB - Virtual size: 161KB

.rdata
Size: 49KB - Virtual size: 48KB

.data
Size: 3KB - Virtual size: 5KB

.rsrc
Size: 366KB - Virtual size: 366KB

.reloc
Size: 8KB - Virtual size: 7KB