d373f756ec9abcb8be3a5cf967838b487097ffebb85b4ad3e2cb106942771418

Sharing

Copy URL Twitter E-mail

General

Target

d373f756ec9abcb8be3a5cf967838b487097ffebb85b4ad3e2cb106942771418
Size

644KB
MD5

147a4ba682af5ce00201fbae73ea4eb4
SHA1

c22db7494b4bfe25df94547684049cbddf495854
SHA256

d373f756ec9abcb8be3a5cf967838b487097ffebb85b4ad3e2cb106942771418
SHA512

3eb5d4f2b4d6b4ecbb3047766d92b9e7f7444c4292d04b522d6bc608dc31b333374cfcdb81c6a3bfce12b34b5ac384fde64d4f34547d59439454c328b4935c52
SSDEEP

12288:JA8ueTbjPjo26Ww67DefRYWVJpgLBatXMnkc1ZtdtIpEiJ+J:f42hifRYWVJAatXMkc1Z/WG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d373f756ec9abcb8be3a5cf967838b487097ffebb85b4ad3e2cb106942771418

Files

d373f756ec9abcb8be3a5cf967838b487097ffebb85b4ad3e2cb106942771418
.dll windows:6 windows x86 arch:x86

41927ea87b32f42fc11257633000113d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetPrivateProfileIntW
GetPrivateProfileStringW
WritePrivateProfileStringW
InitializeCriticalSection
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GlobalReAlloc
GlobalHandle
LocalAlloc
LocalReAlloc
SetErrorMode
FindResourceExW
GetUserDefaultUILanguage
GlobalFlags
GetLocaleInfoW
GetSystemDefaultUILanguage
GetCurrentDirectoryW
FlushFileBuffers
GetFullPathNameW
ReadFile
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileAttributesExW
SystemTimeToTzSpecificLocalTime
GetUserDefaultLCID
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
WakeAllConditionVariable
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
InitializeSListHead
IsDebuggerPresent
CreateDirectoryW
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
IsValidCodePage
FindFirstFileExW
ReadConsoleW
SetStdHandle
EnumSystemLocalesW
IsValidLocale
LCMapStringW
GetTimeFormatW
GetDateFormatW
SetFilePointerEx
GetConsoleMode
GetConsoleOutputCP
GetStdHandle
HeapQueryInformation
GetCommandLineA
GetTimeZoneInformation
PeekNamedPipe
GetFileType
GetFileInformationByHandle
GetDriveTypeW
GetModuleHandleExW
InterlockedFlushSList
InterlockedPushEntrySList
RtlUnwind
GetStringTypeW
LCMapStringEx
GetCPInfo
RaiseException
OutputDebugStringW
lstrcmpA
GetCurrentThread
MulDiv
CompareStringW
GlobalFindAtomW
GlobalAddAtomW
lstrcmpW
GlobalDeleteAtom
GetSystemDirectoryW
EncodePointer
GlobalFree
VirtualProtect
GetModuleFileNameW
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
OutputDebugStringA
GetStartupInfoW
GetCurrentThreadId
GetModuleHandleW
GetVolumeInformationW
GetDiskFreeSpaceW
DeleteFileW
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
QueryFullProcessImageNameW
OpenProcess
CreateFileMappingA
CreateSemaphoreA
GetModuleHandleA
UnmapViewOfFile
MapViewOfFileEx
GetSystemTimeAsFileTime
SwitchToThread
GetCurrentProcessId
GetCurrentProcess
GetProcessTimes
CreateMutexA
WaitForSingleObject
ReleaseMutex
ReleaseSemaphore
QueryPerformanceFrequency
QueryPerformanceCounter
SetLastError
DuplicateHandle
WriteFile
SetFilePointer
SetEndOfFile
RemoveDirectoryA
GetFileSizeEx
FindNextFileA
FindFirstFileA
CreateFileA
CreateDirectoryA
GetCommandLineW
GetACP
WideCharToMultiByte
MultiByteToWideChar
MoveFileExW
CreateFileW
GetLocalTime
FormatMessageW
FormatMessageA
LocalFree
GlobalLock
GlobalUnlock
GlobalAlloc
LoadLibraryW
LoadLibraryA
FindResourceW
SizeofResource
LockResource
LoadResource
LoadLibraryExW
GetVersionExW
GetTickCount
FindNextFileW
GetSystemInfo
WriteConsoleW
Sleep
CloseHandle
GetProcessHeap
DeleteCriticalSection
DecodePointer
HeapAlloc
HeapReAlloc
GetLastError
HeapSize
InitializeCriticalSectionEx
HeapFree
ExitProcess
FindClose
FindFirstFileW
FreeLibrary
SleepConditionVariableSRW
GetProcAddress

user32

LoadIconW
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
GetLastActivePopup
GetTopWindow
GetClassNameW
GetClassLongW
PtInRect
CopyRect
GetSysColor
MapWindowPoints
ScreenToClient
AdjustWindowRectEx
GetScrollPos
RedrawWindow
ValidateRect
EndPaint
BeginPaint
SetForegroundWindow
GetForegroundWindow
UpdateWindow
GetMenuItemCount
GetMenuItemID
GetSubMenu
SetMenu
GetMenu
GetKeyState
IsIconic
IsWindowVisible
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
WinHelpW
IsChild
IsMenu
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
DefWindowProcW
GetMessageTime
GetMessagePos
DispatchMessageW
RegisterWindowMessageW
IsDialogMessageW
SetWindowLongW
GetDlgCtrlID
TranslateMessage
SendMessageW
GetParent
EnableWindow
UnregisterClassW
GetDesktopWindow
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
DestroyWindow
IsWindow
MapDialogRect
GetWindow
RemovePropW
GetPropW
SetPropW
SetActiveWindow
IsWindowEnabled
GetCapture
GetAsyncKeyState
GetFocus
MonitorFromWindow
GetMonitorInfoW
CheckMenuItem
EnableMenuItem
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetMenuItemInfoW
LoadBitmapW
PostQuitMessage
GetMessageW
PeekMessageW
SetWindowPos
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
GetSystemMetrics
GetDC
ReleaseDC
GetClientRect
MessageBoxA
MessageBoxW
SetWindowTextA
SetWindowTextW
GetWindowTextW
GetWindowTextLengthW
GetWindowLongW
EnumWindows
GetWindowThreadProcessId
GetWindowRect
GetCursorPos
ClientToScreen
SetCursor
LoadCursorW
SendDlgItemMessageA
SetRectEmpty
OffsetRect
PostMessageW
ShowWindow
DrawTextW
DrawTextExW
GrayStringW
TabbedTextOutW
RealChildWindowFromPoint
DestroyMenu
KillTimer
CharUpperW
SetTimer
InvalidateRect
GetDlgItem
SetFocus
GetSysColorBrush
GetActiveWindow

gdi32

DeleteObject
Escape
GetClipBox
GetStockObject
PtVisible
RectVisible
SetMapMode
TextOutW
ExtTextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
OffsetViewportOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
EnumFontFamiliesExW
GetDeviceCaps
CreateBitmap
GetObjectW
SetTextColor
SetBkColor
DeleteDC
SelectObject
SaveDC
RestoreDC

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

advapi32

RegEnumValueW
RegQueryValueW
RegEnumKeyW
RegDeleteValueW
RegDeleteKeyW
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegCreateKeyExW
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
SetSecurityDescriptorDacl
InitializeSecurityDescriptor

shell32

ShellExecuteW

shlwapi

PathFindFileNameW
PathIsUNCW
PathStripToRootW
PathFindExtensionW

ole32

CoTaskMemFree
CoCreateGuid
CoUninitialize
CoCreateInstance
CoInitialize

oleaut32

SysAllocString
VariantChangeType
VariantClear
VariantInit
SysFreeString

oleacc

LresultFromObject
CreateStdAccessibleObject

Exports

Exports

assembleLayoutThumbnail
exportedHeapusageDiagnostic
initDeviceLoadingBaseCode_02
inkUsage
propertiesWindow
revisionDate
setupDeviceDetails
setupOutputFromBmfHeader
writeDeviceClose
writeDeviceHeader
writeLine

Sections

.text
Size: 481KB - Virtual size: 480KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 103KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

41927ea87b32f42fc11257633000113d

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

shlwapi

ole32

oleaut32

oleacc

Exports

Exports

Sections

.text Size: 481KB - Virtual size: 480KB

.rdata Size: 103KB - Virtual size: 103KB

.data Size: 13KB - Virtual size: 116KB

.rsrc Size: 17KB - Virtual size: 17KB

.reloc Size: 28KB - Virtual size: 27KB

.text
Size: 481KB - Virtual size: 480KB

.rdata
Size: 103KB - Virtual size: 103KB

.data
Size: 13KB - Virtual size: 116KB

.rsrc
Size: 17KB - Virtual size: 17KB

.reloc
Size: 28KB - Virtual size: 27KB