a0dfe8e0b58b18957cc6659076b1145084f04f1f0252eed5441b72af14711a83

Sharing

Copy URL Twitter E-mail

General

Target

a0dfe8e0b58b18957cc6659076b1145084f04f1f0252eed5441b72af14711a83
Size

132KB
MD5

b2057b29af51578340ceb87784b6b703
SHA1

c2920d52bcd41590b4b9f7f69a383f5cb384e9fd
SHA256

a0dfe8e0b58b18957cc6659076b1145084f04f1f0252eed5441b72af14711a83
SHA512

36d25b1f31624e551dfb2ed8b9759d78cc6468265544fd9effa37a806cf87d3cbf40ebc597d681255319c63fb88aa5e816d1e41c9d6392c05d21d22759279a03
SSDEEP

1536:q3UfljTzLWy+9PsuvNb8BSuUEGb1rDhKutCmcoMajGO8XXBkxax7W1eHT:Iq3+9NvNuSxb90utCloMajaXXBAc7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a0dfe8e0b58b18957cc6659076b1145084f04f1f0252eed5441b72af14711a83

Files

a0dfe8e0b58b18957cc6659076b1145084f04f1f0252eed5441b72af14711a83
.dll windows:4 windows x86 arch:x86

0c8e593d9510fc32fac2569b9cfe10ee

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCommandLineA
HeapAlloc
HeapFree
RtlUnwind
RaiseException
HeapSize
HeapReAlloc
ExitProcess
TerminateProcess
GetACP
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
VirtualFree
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
TlsAlloc
InitializeCriticalSection
LocalFree
LocalAlloc
GetCurrentThreadId
WriteFile
FlushFileBuffers
SetFilePointer
GetCurrentProcess
MultiByteToWideChar
GetOEMCP
WideCharToMultiByte
InterlockedIncrement
GlobalFlags
GetCPInfo
GetEnvironmentStringsW
GetEnvironmentVariableA
GetVersionExA
InterlockedDecrement
GetProcessVersion
lstrcmpA
CreateProcessA
LoadLibraryA
FreeLibrary
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpiA
GlobalAddAtomA
GetProcAddress
GlobalDeleteAtom
GetModuleHandleA
GetVersion
GetLastError
SetLastError
GetModuleFileNameA
lstrlenA
lstrcpynA
SetErrorMode
lstrcpyA
lstrcatA
TlsSetValue
TlsGetValue
LocalReAlloc
GlobalReAlloc
EnterCriticalSection
GlobalAlloc
TlsFree
GlobalLock
LeaveCriticalSection
GlobalFree
GlobalHandle
GlobalUnlock
HeapDestroy
DeleteCriticalSection
HeapCreate
GetEnvironmentStrings
CloseHandle
SetStdHandle

user32

SetFocus
GetSysColor
MapWindowPoints
AdjustWindowRectEx
PostMessageA
LoadIconA
SetWindowTextA
IsWindowEnabled
LoadCursorA
GetSysColorBrush
ReleaseDC
GetDC
GetClassNameA
PtInRect
ClientToScreen
PostQuitMessage
DestroyMenu
TabbedTextOutA
DrawTextA
GrayStringA
CopyRect
EnableWindow
GetTopWindow
MessageBoxA
GetClientRect
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetDlgItem
GetWindowTextA
GetDlgCtrlID
DefWindowProcA
DestroyWindow
CreateWindowExA
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetLastActivePopup
GetForegroundWindow
GetWindowLongA
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetSystemMetrics
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetParent
GetNextDlgTabItem
UnregisterClassA
DispatchMessageA
SendMessageA
GetKeyState
CallNextHookEx
PeekMessageA
SetWindowsHookExA
UnhookWindowsHookEx
LoadStringA
GetWindow
SetForegroundWindow
GetMessagePos

gdi32

CreateBitmap
SetTextColor
SetBkColor
GetClipBox
GetDeviceCaps
DeleteObject
GetObjectA
SaveDC
DeleteDC
SelectObject
GetStockObject
RestoreDC
SetMapMode
OffsetViewportOrgEx
SetViewportExtEx
SetViewportOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
SetWindowExtEx
PtVisible
TextOutA
ExtTextOutA
RectVisible
Escape

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RevertToSelf
GetUserNameA

comctl32

ord17

Exports

Exports

GetExtensionVersion
HttpExtensionProc
TerminateExtension

Sections

.text
Size: 68KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0c8e593d9510fc32fac2569b9cfe10ee

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

comctl32

Exports

Exports

Sections

.text Size: 68KB - Virtual size: 64KB

.rdata Size: 16KB - Virtual size: 14KB

.data Size: 16KB - Virtual size: 28KB

.rsrc Size: 16KB - Virtual size: 12KB

.reloc Size: 12KB - Virtual size: 10KB

.text
Size: 68KB - Virtual size: 64KB

.rdata
Size: 16KB - Virtual size: 14KB

.data
Size: 16KB - Virtual size: 28KB

.rsrc
Size: 16KB - Virtual size: 12KB

.reloc
Size: 12KB - Virtual size: 10KB