134a4ad59a0ee629ad88a85b6a034f8894d5b05bbf2085c3e360fcba2c88fdd7

Sharing

Copy URL

Twitter E-mail

General

Target

134a4ad59a0ee629ad88a85b6a034f8894d5b05bbf2085c3e360fcba2c88fdd7
Size

245KB
MD5

bc6535511919f5cc8e65ec2ee57e1000
SHA1

5e6c42efbc2571b490fac20edf412f76c99409fa
SHA256

134a4ad59a0ee629ad88a85b6a034f8894d5b05bbf2085c3e360fcba2c88fdd7
SHA512

592fa0caf38f8adf736601253fd8db9208b379b84d1124bd3492276bc0ebb6be13bbbcbb01d28b28edd61969f9066fb0ec8cad59e6b0d566ae5c150e044a8695
SSDEEP

6144:z68nG5wKRLI0cxAKM9Z26ZHgvKEnyEbN:z68Gha0laGgiEykN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
134a4ad59a0ee629ad88a85b6a034f8894d5b05bbf2085c3e360fcba2c88fdd7

Files

134a4ad59a0ee629ad88a85b6a034f8894d5b05bbf2085c3e360fcba2c88fdd7
.dll windows:5 windows x86 arch:x86

83c0606afee5a0101775ea9f0be99a18

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

hid

HidD_GetAttributes
HidD_GetHidGuid
HidD_GetPreparsedData
HidD_FreePreparsedData
HidD_GetSerialNumberString
HidP_GetCaps

setupapi

SetupDiGetClassDevsA
SetupDiGetDeviceInterfaceDetailA
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInterfaces

kernel32

WriteConsoleW
SetFilePointerEx
GetConsoleMode
FlushFileBuffers
DecodePointer
InterlockedDecrement
RaiseException
TerminateThread
GetLastError
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
WaitForSingleObject
CloseHandle
CreateEventA
HeapAlloc
HeapFree
InterlockedIncrement
DebugBreak
lstrlenA
OutputDebugStringA
FreeLibrary
GetProcAddress
WideCharToMultiByte
CreateThread
GetOverlappedResult
ResumeThread
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
SetEvent
ResetEvent
WaitForMultipleObjects
WriteFile
ReadFile
PurgeComm
CreateFileA
CancelIo
ClearCommError
SetupComm
GetCommState
SetCommState
SetCommTimeouts
CreateSemaphoreA
GetModuleFileNameA
MultiByteToWideChar
GetConsoleCP
CreateWaitableTimerA
SetWaitableTimer
CancelWaitableTimer
GetProcessHeap
SetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
IsValidCodePage
FindNextFileA
CreateFileW
FindFirstFileExA
FindClose
HeapSize
LCMapStringW
HeapReAlloc
GetFileType
IsDebuggerPresent
OutputDebugStringW
IsProcessorFeaturePresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
GetModuleHandleW
GetCurrentProcess
TerminateProcess
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
EncodePointer
RtlUnwind
InterlockedFlushSList
SetLastError
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
ExitProcess
GetModuleHandleExW
GetStringTypeW
GetACP
GetStdHandle

user32

LoadStringA
CharUpperA
SendMessageA
PostMessageA
CharNextA

ws2_32

ioctlsocket
WSACleanup
getsockopt
__WSAFDIsSet
WSAGetLastError
select
send
setsockopt
shutdown
socket
closesocket
WSAStartup
bind
htons
inet_addr
connect
recv

Exports

Exports

PLUG_GetLink

Sections

.text
Size: 172KB - Virtual size: 172KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

83c0606afee5a0101775ea9f0be99a18

Headers

DLL Characteristics

File Characteristics

Imports

hid

setupapi

kernel32

user32

ws2_32

Exports

Exports

Sections

.text Size: 172KB - Virtual size: 172KB

.rdata Size: 49KB - Virtual size: 48KB

.data Size: 7KB - Virtual size: 10KB

.gfids Size: 512B - Virtual size: 256B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 13KB - Virtual size: 13KB

.text
Size: 172KB - Virtual size: 172KB

.rdata
Size: 49KB - Virtual size: 48KB

.data
Size: 7KB - Virtual size: 10KB

.gfids
Size: 512B - Virtual size: 256B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 13KB - Virtual size: 13KB