f0a7fc685747beb21d9339aed02eb9f7ee85996d79d226858fea8c2f83af36cc

Sharing

Copy URL

Twitter E-mail

General

Target

f0a7fc685747beb21d9339aed02eb9f7ee85996d79d226858fea8c2f83af36cc
Size

1.6MB
MD5

0dc2d819a6d1d34e4a7b0fdc6f5cb17b
SHA1

5d6199f6f9b7d6d2e94312c50cd27c2220ae16de
SHA256

f0a7fc685747beb21d9339aed02eb9f7ee85996d79d226858fea8c2f83af36cc
SHA512

a8b0bfd5800b5450fd2df398d1fd06448195a24891108ce6f946a14969d004883909c3a16eafd793146510eefcbb75db136fac158361a41b23b3e6c70feebecd
SSDEEP

24576:MOfORMz7IuYbwvSB2ks/6IPIWX1bIEgDB0l2vZrU2:KMzsse2ks/bPX1svB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f0a7fc685747beb21d9339aed02eb9f7ee85996d79d226858fea8c2f83af36cc

Files

f0a7fc685747beb21d9339aed02eb9f7ee85996d79d226858fea8c2f83af36cc
.dll windows:5 windows x86 arch:x86

3a5af4083d8188a5aa455f937dfce264

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

LogonUserA
GetServiceKeyNameA
GetOldestEventLogRecord
GetSidSubAuthorityCount
LockServiceDatabase
EqualSid
IsValidSecurityDescriptor
LookupAccountNameA
GetLengthSid
GetWindowsAccountDomainSid
GetTokenInformation
GetUserNameA

oleaut32

GetRecordInfoFromTypeInfo

clusapi

GetClusterResourceNetworkName

wininet

GetUrlCacheEntryInfoExA

ws2_32

shutdown

shell32

ExtractIconW
ExtractAssociatedIconExW

mscms

GetColorProfileElement

winspool.drv

DeletePrinterDriverW
GetPrinterDriverDirectoryW

powrprof

IsPwrHibernateAllowed

msvcrt

strftime
ungetwc
strlen
strtod
fseek
vprintf
ftell
strncmp

user32

GetClipboardFormatNameW
GetTopWindow
GetClipCursor
LoadAcceleratorsW
GetDlgItemTextA
DrawTextA
GetComboBoxInfo
GetMenuCheckMarkDimensions
MessageBoxIndirectW
LoadCursorW
GetThreadDesktop
FindWindowExA
LoadIconW
IsWinEventHookInstalled
GetWindowPlacement
FreeDDElParam
GetCaretPos
LoadIconA
GetCapture
GetClientRect
IsWindow
GetClassLongA
FindWindowExW
GetProcessWindowStation

comdlg32

GetOpenFileNameW
GetSaveFileNameA

kernel32

DeleteTimerQueue
GetBinaryTypeA
GetModuleFileNameA
GetModuleHandleA
LocalFileTimeToFileTime
GetStringTypeW
GetTimeFormatW
Module32Next
lstrlenW
GetCompressedFileSizeW
GetPrivateProfileStringA
GlobalAlloc
GetDriveTypeA
GetPrivateProfileStringW
GetFileAttributesA
lstrcatW
GetTapeParameters
GenerateConsoleCtrlEvent
GetUserDefaultUILanguage
GetCurrentProcess
GetCommState
GetProcessTimes
GetCPInfo
FindResourceA
GetLongPathNameA
GetLocaleInfoW
GetStringTypeA
GetTempFileNameW
GetWindowsDirectoryW
GetProcessAffinityMask
VirtualAlloc
IsValidLocale
Module32FirstW
FindActCtxSectionGuid
WriteProfileStringW
GetFileSize
FindNextVolumeW
ExpandEnvironmentStringsA
GetSystemPowerStatus
FillConsoleOutputAttribute
LoadLibraryExA
WritePrivateProfileStructA
EnumTimeFormatsA
GetPrivateProfileSectionA
FileTimeToSystemTime
DeleteFiber
FlushFileBuffers
GetCommMask
EscapeCommFunction
GetTempPathA
VirtualQueryEx
GetPrivateProfileIntW
GetVolumePathNamesForVolumeNameW
GetThreadTimes

urlmon

IsValidURL
GetClassFileOrMime
MkParseDisplayNameEx

ole32

GetConvertStg
GetClassFile

gdi32

DeleteEnhMetaFile
GetCharWidthA
EqualRgn
FillRgn
GetRasterizerCaps
GetTextExtentPoint32A
GetTextExtentPointA
GetTextMetricsW
GetLayout
GetBrushOrgEx
GetRandomRgn
GetTextColor
GetBitmapBits
GetPolyFillMode
GetFontUnicodeRanges

Sections

.text
Size: 692KB - Virtual size: 689KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 888KB - Virtual size: 887KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 76KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3a5af4083d8188a5aa455f937dfce264

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

oleaut32

clusapi

wininet

ws2_32

shell32

mscms

winspool.drv

powrprof

msvcrt

user32

comdlg32

kernel32

urlmon

ole32

gdi32

Sections

.text Size: 692KB - Virtual size: 689KB

.rdata Size: 888KB - Virtual size: 887KB

.data Size: 76KB - Virtual size: 81KB

.idata Size: 8KB - Virtual size: 5KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 692KB - Virtual size: 689KB

.rdata
Size: 888KB - Virtual size: 887KB

.data
Size: 76KB - Virtual size: 81KB

.idata
Size: 8KB - Virtual size: 5KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 8KB - Virtual size: 7KB