Static task: static1
Behavioral task: behavioral1
Sample: 99c0c2111241b8ab416a7405a0453b77b3e5749bfd1fb182848b903d1adae15f.dll
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 99c0c2111241b8ab416a7405a0453b77b3e5749bfd1fb182848b903d1adae15f.dll
Resource: win10v2004-20240226-en
General
Target: 99c0c2111241b8ab416a7405a0453b77b3e5749bfd1fb182848b903d1adae15f
Size: 1.8MB
MD5: 48466288f851f020632cdad7047d4876
SHA1: 217cde0e36e8d8abe787dfb34eb7b8edfcc504bc
SHA256: 99c0c2111241b8ab416a7405a0453b77b3e5749bfd1fb182848b903d1adae15f
SHA512: ea632e7aaea961934a8534d379364b35e0c2b726ca19db6c47d0fcc78f1c6386dd9ae9bbf9e31788f2aee579d795e7d67b681d37eab7b77b6107f1bd7a726bf2
SSDEEP: 24576:EMMPWsRf9r3HA9b9KVxJT3NiUUlSH3NO9pDPXbvzVw/bywL8WMtSkEkRMED:5I1rwaDcUUUNOfPk3LpMtSGRZD
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 99c0c2111241b8ab416a7405a0453b77b3e5749bfd1fb182848b903d1adae15f
Files
99c0c2111241b8ab416a7405a0453b77b3e5749bfd1fb182848b903d1adae15f.dll windows:5 windows x86 arch:x86
40fc54fc1b9e4c83d4e7833de25ce5a5
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
msvcrt
towlower
gdi32
GetTextMetricsW
GetOutlineTextMetricsA
ExcludeClipRect
GetPaletteEntries
GetRandomRgn
GetTextCharset
GetWindowOrgEx
mscms
GetStandardColorSpaceProfileW
kernel32
GetThreadLocale
FindActCtxSectionStringW
GetCommTimeouts
GetVolumeInformationA
GetDiskFreeSpaceA
GetTickCount
GetComputerNameExA
LocalFree
FindVolumeClose
GetCalendarInfoW
FreeLibrary
GetCurrencyFormatA
DefineDosDeviceA
GetStringTypeA
WriteProfileStringW
ExpandEnvironmentStringsW
GetFileTime
WritePrivateProfileStructA
GetModuleHandleA
GetModuleFileNameA
GetBinaryTypeA
lstrcpynW
urlmon
FindMimeFromData
user32
GetRawInputDeviceList
GetCursor
GetKeyNameTextA
GetDlgItemTextW
GetWindowRgn
GetClassInfoA
GetWindowTextW
GetKeyboardLayout
GetQueueStatus
winspool.drv
DeletePortW
wininet
GetUrlCacheEntryInfoW
oleaut32
LoadRegTypeLi
advapi32
GetSidIdentifierAuthority
DecryptFileA
InitializeSecurityDescriptor
IsValidSid
shell32
FindExecutableW
Sections
.text Size: 712KB - Virtual size: 709KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 912KB - Virtual size: 910KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 136KB - Virtual size: 139KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 1KB
IMAGE_SCN_MEM_READ
.reloc Size: 36KB - Virtual size: 34KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ