d7d410960a2cd6114f8b0004b8b81374fadcb92f7371196aa3ce0c04522f427a

Sharing

Copy URL Twitter E-mail

General

Target

d7d410960a2cd6114f8b0004b8b81374fadcb92f7371196aa3ce0c04522f427a
Size

14.0MB
MD5

eec0b08df7a6f4f2e53c85cc459fc8c2
SHA1

ff0f7e49dcefc21dd17a6feb516ce4f20e61f897
SHA256

d7d410960a2cd6114f8b0004b8b81374fadcb92f7371196aa3ce0c04522f427a
SHA512

340dec56dca4a660cc308f66982fd66eddfae6f99c203cf01b3cf4f43fad13ecd1d480eae9469d8bf2b448f7c5b697a232566cf72c1038b123f6fae514fd3b9d
SSDEEP

393216:DMzcg07V0UXAQfB7jvkczBnNpWtr7GKmEmsD:aRo0msczBNgrBhms

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d7d410960a2cd6114f8b0004b8b81374fadcb92f7371196aa3ce0c04522f427a

Files

d7d410960a2cd6114f8b0004b8b81374fadcb92f7371196aa3ce0c04522f427a
.dll windows:6 windows x86 arch:x86

492edd3ac5b4c27cb5a3fd41ffcad802

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetVersionExW
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

DrawTextExW

gdi32

RectVisible

advapi32

LookupPrivilegeValueW

shell32

ShellExecuteW

ole32

OleDuplicateData

oleaut32

VarBstrFromDate

comctl32

ImageList_AddMasked

msimg32

AlphaBlend

shlwapi

PathFindFileNameW

uxtheme

CloseThemeData

oledlg

OleUIBusyW

gdiplus

GdipCreateBitmapFromHBITMAP

ws2_32

WSACleanup

oleacc

CreateStdAccessibleObject

imm32

ImmReleaseContext

winmm

PlaySoundW

winspool.drv

DocumentPropertiesW

Exports

Exports

Admin
AsusT
CSAP
Root
Sfgji
VSOJ
test

Sections

.text
Size: - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 331KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.n,S
Size: - Virtual size: 8.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.M/\
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

..A:
Size: 14.0MB - Virtual size: 14.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

492edd3ac5b4c27cb5a3fd41ffcad802

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

msimg32

shlwapi

uxtheme

oledlg

gdiplus

ws2_32

oleacc

imm32

winmm

winspool.drv

Exports

Exports

Sections

.text Size: - Virtual size: 1.5MB

.rdata Size: - Virtual size: 331KB

.data Size: - Virtual size: 41KB

.n,S Size: - Virtual size: 8.9MB

.M/\ Size: 3KB - Virtual size: 3KB

..A: Size: 14.0MB - Virtual size: 14.0MB

.reloc Size: 2KB - Virtual size: 1KB

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: - Virtual size: 1.5MB

.rdata
Size: - Virtual size: 331KB

.data
Size: - Virtual size: 41KB

.n,S
Size: - Virtual size: 8.9MB

.M/\
Size: 3KB - Virtual size: 3KB

..A:
Size: 14.0MB - Virtual size: 14.0MB

.reloc
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 2KB - Virtual size: 1KB