a43a2e2351b2087f48c52d33b18e6278bd50d8e64c18462335988300c27febb9

Sharing

Copy URL Twitter E-mail

General

Target

a43a2e2351b2087f48c52d33b18e6278bd50d8e64c18462335988300c27febb9
Size

1.7MB
MD5

9673588c1b05f09f744b8f3de5ee52d6
SHA1

779a652f95b7bfb52e29997d4e0356aaddddc0b4
SHA256

a43a2e2351b2087f48c52d33b18e6278bd50d8e64c18462335988300c27febb9
SHA512

3cfe66ce7d63308452cb24ffcc368523b681f17cac11b8f3faa46ebe1af3a0db80f2a655c8ff10bdc4d8251a5be59b291022ad6f6414ac2a91e616e74a600518
SSDEEP

24576:U9aafQ/G4F1WzySZbcPsp6ZOaR/XeqGeCzk7kPo0H:U9dwG4FaySByn1XWeDC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a43a2e2351b2087f48c52d33b18e6278bd50d8e64c18462335988300c27febb9

Files

a43a2e2351b2087f48c52d33b18e6278bd50d8e64c18462335988300c27febb9
.dll windows:5 windows x86 arch:x86

156015a5c7290555d2efe1a2df4b1530

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

comdlg32

GetOpenFileNameW
GetSaveFileNameA

clusapi

GetClusterResourceNetworkName

ws2_32

shutdown

oleaut32

GetRecordInfoFromTypeInfo

ole32

GetConvertStg
GetClassFile

mscms

GetColorProfileElement

powrprof

IsPwrHibernateAllowed

urlmon

IsValidURL
MkParseDisplayNameEx
GetClassFileOrMime

msvcrt

vprintf
strftime
fseek
strtod
ftell
strncmp
strlen
ungetwc

shell32

ExtractAssociatedIconExW
ExtractIconW

wininet

GetUrlCacheEntryInfoExA

gdi32

GetCharWidthA
GetPolyFillMode
GetBitmapBits
GetFontUnicodeRanges
DeleteEnhMetaFile
EqualRgn
FillRgn
GetRasterizerCaps
GetTextExtentPoint32A
GetTextExtentPointA
GetTextMetricsW
GetLayout
GetBrushOrgEx
GetRandomRgn
GetTextColor

user32

GetDlgItemTextA
DrawTextA
GetComboBoxInfo
GetMenuCheckMarkDimensions
MessageBoxIndirectW
GetProcessWindowStation
FindWindowExW
LoadIconW
LoadAcceleratorsW
GetWindowPlacement
FreeDDElParam
GetCaretPos
LoadIconA
GetCapture
GetClientRect
IsWindow
GetClassLongA
GetClipCursor
GetClipboardFormatNameW
GetTopWindow
GetThreadDesktop
LoadCursorW
IsWinEventHookInstalled
FindWindowExA

advapi32

GetServiceKeyNameA
GetOldestEventLogRecord
GetSidSubAuthorityCount
LockServiceDatabase
GetUserNameA
GetTokenInformation
GetWindowsAccountDomainSid
GetLengthSid
LookupAccountNameA
IsValidSecurityDescriptor
EqualSid
LogonUserA

kernel32

GetCommState
GetProcessAffinityMask
GetWindowsDirectoryW
GetTempFileNameW
GetCurrentProcess
GetUserDefaultUILanguage
GenerateConsoleCtrlEvent
GetTapeParameters
lstrcatW
GetFileAttributesA
lstrlenW
GetPrivateProfileStringW
GetDriveTypeA
GlobalAlloc
GetPrivateProfileStringA
GetProcessTimes
VirtualAlloc
IsValidLocale
DeleteTimerQueue
GetSystemPowerStatus
GetThreadTimes
GetVolumePathNamesForVolumeNameW
GetPrivateProfileIntW
VirtualQueryEx
GetTempPathA
EscapeCommFunction
GetCPInfo
GetCommMask
FlushFileBuffers
DeleteFiber
FileTimeToSystemTime
GetPrivateProfileSectionA
EnumTimeFormatsA
WritePrivateProfileStructA
LoadLibraryExA
FillConsoleOutputAttribute
Module32FirstW
ExpandEnvironmentStringsA
FindNextVolumeW
GetFileSize
WriteProfileStringW
Module32Next
GetStringTypeA
GetLocaleInfoW
GetTimeFormatW
GetStringTypeW
LocalFileTimeToFileTime
GetModuleHandleA
GetModuleFileNameA
GetLongPathNameA
FindResourceA
GetBinaryTypeA
GetCompressedFileSizeW
FindActCtxSectionGuid

winspool.drv

DeletePrinterDriverW
GetPrinterDriverDirectoryW

Sections

.text
Size: 712KB - Virtual size: 709KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 920KB - Virtual size: 916KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 80KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

156015a5c7290555d2efe1a2df4b1530

Headers

DLL Characteristics

File Characteristics

Imports

comdlg32

clusapi

ws2_32

oleaut32

ole32

mscms

powrprof

urlmon

msvcrt

shell32

wininet

gdi32

user32

advapi32

kernel32

winspool.drv

Sections

.text Size: 712KB - Virtual size: 709KB

.rdata Size: 920KB - Virtual size: 916KB

.data Size: 80KB - Virtual size: 81KB

.idata Size: 8KB - Virtual size: 5KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 712KB - Virtual size: 709KB

.rdata
Size: 920KB - Virtual size: 916KB

.data
Size: 80KB - Virtual size: 81KB

.idata
Size: 8KB - Virtual size: 5KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 8KB - Virtual size: 7KB