Static task: static1
Behavioral task: behavioral1
  Sample: 8d35efd658a4c648f1f0bda743b235ea298ba427aa9c24fe7d37b34f65029636.dll
  Resource: win7-20240221-en
Behavioral task: behavioral2
  Sample: 8d35efd658a4c648f1f0bda743b235ea298ba427aa9c24fe7d37b34f65029636.dll
  Resource: win10v2004-20231215-en
General
  Target: 8d35efd658a4c648f1f0bda743b235ea298ba427aa9c24fe7d37b34f65029636
  Size: 1.8MB
  MD5: 8c44584a568219d0a2bf2fa134424a00
  SHA1: 1285c5336df0683a81f720789f22e6b4e7b0896a
  SHA256: 8d35efd658a4c648f1f0bda743b235ea298ba427aa9c24fe7d37b34f65029636
  SHA512: 12d3a0ec396f6e5f8926fb8aabb9b75d655958d95ec929d2fea0434635fada82be897242a6a97862e6dc02290291a7612b91e815d9ae47aa6f5d979a6cfd0705
  SSDEEP: 24576:j8RhKgduxxxBeD0HquMrr8Ns4xnqlP0zcFEH9CWDd9NSVSZYOochtwPEu:jqhDI3O0HqBGiqdBPNiSZhop5
Malware Config
Signatures
  Unsigned PE: 1 IoCs
  Checks for missing Authenticode signature.
  resource: 8d35efd658a4c648f1f0bda743b235ea298ba427aa9c24fe7d37b34f65029636
Files
-
8d35efd658a4c648f1f0bda743b235ea298ba427aa9c24fe7d37b34f65029636.dll windows:5 windows x86 arch:x86
b34374021d23f69d605da8e4915a5822
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
  wininet
    GetUrlCacheEntryInfoW
  user32
    GetClassInfoA
    GetWindowRgn
    GetDlgItemTextW
    GetKeyNameTextA
    GetCursor
    GetRawInputDeviceList
    GetQueueStatus
    GetKeyboardLayout
    GetWindowTextW
  winspool.drv
    DeletePortW
  shell32
    FindExecutableW
  kernel32
    GetBinaryTypeA
    GetModuleFileNameA
    GetCommTimeouts
    FindActCtxSectionStringW
    GetThreadLocale
    WritePrivateProfileStructA
    GetVolumeInformationA
    GetDiskFreeSpaceA
    GetTickCount
    GetComputerNameExA
    LocalFree
    FindVolumeClose
    GetCalendarInfoW
    FreeLibrary
    GetCurrencyFormatA
    DefineDosDeviceA
    GetModuleHandleA
    WriteProfileStringW
    ExpandEnvironmentStringsW
    GetFileTime
    lstrcpynW
    GetStringTypeA
  urlmon
    FindMimeFromData
  gdi32
    GetPaletteEntries
    GetTextMetricsW
    GetRandomRgn
    GetTextCharset
    GetWindowOrgEx
    GetOutlineTextMetricsA
    ExcludeClipRect
  mscms
    GetStandardColorSpaceProfileW
  advapi32
    DecryptFileW
    InitializeSecurityDescriptor
    GetSidIdentifierAuthority
    IsValidSid
  oleaut32
    LoadRegTypeLi
  msvcrt
    towlower
Sections
  .text Size: 712KB - Virtual size: 709KB
    IMAGE_SCN_CNT_CODE
    IMAGE_SCN_MEM_EXECUTE
    IMAGE_SCN_MEM_READ
  .rdata Size: 912KB - Virtual size: 910KB
    IMAGE_SCN_CNT_INITIALIZED_DATA
    IMAGE_SCN_MEM_READ
  .data Size: 140KB - Virtual size: 141KB
    IMAGE_SCN_CNT_INITIALIZED_DATA
    IMAGE_SCN_MEM_READ
    IMAGE_SCN_MEM_WRITE
  .idata Size: 4KB - Virtual size: 3KB
    IMAGE_SCN_CNT_INITIALIZED_DATA
    IMAGE_SCN_MEM_READ
    IMAGE_SCN_MEM_WRITE
  .rsrc Size: 4KB - Virtual size: 1KB
    IMAGE_SCN_MEM_READ
  .reloc Size: 36KB - Virtual size: 34KB
    IMAGE_SCN_CNT_INITIALIZED_DATA
    IMAGE_SCN_MEM_DISCARDABLE
    IMAGE_SCN_MEM_READ