68265fd59e5b54a67065af4f19d347ff2a427713b4bb0aa94d50088d6025f1a7

Sharing

Copy URL Twitter E-mail

General

Target

68265fd59e5b54a67065af4f19d347ff2a427713b4bb0aa94d50088d6025f1a7
Size

135KB
MD5

83e565dcbc6d71a364ff5106add031a3
SHA1

393852c7ecc049948ebb90aafe6c114c5d854d63
SHA256

68265fd59e5b54a67065af4f19d347ff2a427713b4bb0aa94d50088d6025f1a7
SHA512

c912f650a5dfdc014f3e0efaf4ba3ea2e507493a7c8133281267688bae16f428a9b0db07d1d47a85233ff1c445b6c887919d4f0ade7d26683672ca55d71efce4
SSDEEP

3072:9LgBlMyn7jbaMeKTMyC7Dzqkn9isCiSttTBfm+6Bt:9LgF7xdC7DzqIRChtTBeJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
68265fd59e5b54a67065af4f19d347ff2a427713b4bb0aa94d50088d6025f1a7

Files

68265fd59e5b54a67065af4f19d347ff2a427713b4bb0aa94d50088d6025f1a7
.dll windows:5 windows x86 arch:x86

04754f2bcf40cf79cb1b0f8ab1d0c25b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ws2_32

shutdown
send
socket
inet_addr
htons
connect
recv
closesocket
gethostname
gethostbyname
inet_ntoa

advapi32

RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
SetServiceStatus
GetUserNameA
RegCreateKeyExA
RegisterServiceCtrlHandlerA

user32

GetProcessWindowStation
GetThreadDesktop
OpenWindowStationA
SetProcessWindowStation
OpenInputDesktop
SetThreadDesktop
GetSystemMetrics
CloseWindowStation
CloseDesktop
GetDC
ReleaseDC
LoadIconA
LoadCursorA
RegisterClassA
CreateWindowExA
ShowWindow
UpdateWindow
GetMessageA
TranslateMessage
DispatchMessageA
PostQuitMessage
DefWindowProcA

gdi32

DeleteObject
CreateDCA
GetDIBits
CreateCompatibleBitmap
BitBlt
SelectObject
CreateDIBSection
DeleteDC
CreateCompatibleDC
GetStockObject

kernel32

GetStringTypeW
HeapSize
GetConsoleCP
MultiByteToWideChar
LCMapStringW
HeapReAlloc
LoadLibraryW
GetConsoleMode
GetSystemTimeAsFileTime
HeapDestroy
HeapCreate
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStartupInfoW
GetFileType
InitializeCriticalSectionAndSpinCount
SetHandleCount
IsProcessorFeaturePresent
HeapAlloc
GetModuleFileNameW
GetStdHandle
IsValidCodePage
GetOEMCP
SetStdHandle
WriteConsoleW
SetEndOfFile
GetProcessHeap
CreateFileW
GetVersionExA
Sleep
ExitProcess
GetModuleFileNameA
CloseHandle
DuplicateHandle
GetCurrentProcess
CreateFileA
OpenProcess
GetLocalTime
FreeConsole
WaitForSingleObject
EnterCriticalSection
LeaveCriticalSection
SetFilePointer
ExpandEnvironmentStringsA
InitializeCriticalSection
GetProcAddress
LoadLibraryA
DeleteCriticalSection
GetTickCount
QueryPerformanceCounter
GetCurrentThreadId
OutputDebugStringA
GetSystemDefaultLangID
GetCurrentProcessId
GetHandleInformation
GetSystemDirectoryA
TerminateProcess
ReadFile
PeekNamedPipe
FreeLibrary
GlobalAlloc
GetFileSize
DeleteFileA
GlobalFree
DisconnectNamedPipe
CreateProcessA
CreatePipe
WaitForMultipleObjects
SetFileTime
GetFileTime
WriteFile
FlushFileBuffers
RtlUnwind
ExitThread
GetLastError
CreateThread
WideCharToMultiByte
DecodePointer
EncodePointer
RaiseException
GetCommandLineA
HeapFree
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
GetModuleHandleW
SetLastError
InterlockedDecrement
GetCPInfo
GetACP

Exports

Exports

ServiceMain
Start

Sections

.text
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 696B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

04754f2bcf40cf79cb1b0f8ab1d0c25b

Headers

DLL Characteristics

File Characteristics

Imports

ws2_32

advapi32

user32

gdi32

kernel32

Exports

Exports

Sections

.text Size: 92KB - Virtual size: 92KB

.rdata Size: 28KB - Virtual size: 28KB

.data Size: 5KB - Virtual size: 12KB

.rsrc Size: 1024B - Virtual size: 696B

.reloc Size: 7KB - Virtual size: 7KB

.text
Size: 92KB - Virtual size: 92KB

.rdata
Size: 28KB - Virtual size: 28KB

.data
Size: 5KB - Virtual size: 12KB

.rsrc
Size: 1024B - Virtual size: 696B

.reloc
Size: 7KB - Virtual size: 7KB