ca46f724646e69852e456921912c348ce3a544ee94fa85119f62180f4b063da5

Sharing

Copy URL Twitter E-mail

General

Target

ca46f724646e69852e456921912c348ce3a544ee94fa85119f62180f4b063da5
Size

116KB
MD5

1fb4537da6af194fe38ef35d28e7fd8b
SHA1

550b007d0447ef5d6de9bc8ff5bef945f6dbad99
SHA256

ca46f724646e69852e456921912c348ce3a544ee94fa85119f62180f4b063da5
SHA512

eaef829e77af956974542da263c7be66d0cc53bd998417db8e6446e3342b54b7cba6c633c8967aeda7c40b78f4d4c758f42037b95f8826fdc4fcbcbae07cca87
SSDEEP

3072:ansbMH76t3F9sgiTSty4tvNfo48BHSE5x:asbCs3Dsg+4tEHSE/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ca46f724646e69852e456921912c348ce3a544ee94fa85119f62180f4b063da5

Files

ca46f724646e69852e456921912c348ce3a544ee94fa85119f62180f4b063da5
.dll windows:4 windows x86 arch:x86

0fa224ac0031b040d7b4cf1b27d31a7d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

GetWindowPlacement
RegisterWindowMessageA
SetForegroundWindow
GetForegroundWindow
GetMessagePos
GetMessageTime
RemovePropA
CallWindowProcA
GetPropA
SetPropA
GetClassLongA
CreateWindowExA
DestroyWindow
DefWindowProcA
GetMenuItemID
GetSubMenu
GetMenu
RegisterClassA
GetClassInfoA
WinHelpA
GetCapture
GetTopWindow
CopyRect
GetClientRect
AdjustWindowRectEx
GetSysColor
MapWindowPoints
LoadIconA
LoadCursorA
GetSysColorBrush
LoadStringA
DestroyMenu
SetWindowLongA
IsIconic
SystemParametersInfoA
GetDlgItem
GrayStringA
DrawTextA
TabbedTextOutA
ReleaseDC
GetDC
GetMenuItemCount
wsprintfA
GetWindowTextA
SetWindowTextA
ClientToScreen
GetWindowRect
PtInRect
SendMessageA
UnhookWindowsHookEx
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageA
GetCursorPos
SetWindowsHookExA
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
EnableWindow
SetCursor
PostMessageA
PostQuitMessage
GetSystemMetrics
SetFocus
ShowWindow
SetWindowPos
MessageBoxA
GetWindow
UnregisterClassA
GetClassNameA
GetDlgCtrlID

comctl32

ord17

kernel32

GetCPInfo
GetOEMCP
RaiseException
HeapAlloc
HeapFree
RtlUnwind
GetCommandLineA
ExitProcess
TerminateProcess
HeapSize
HeapReAlloc
GetACP
GetStartupInfoA
LCMapStringA
LCMapStringW
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
SetStdHandle
SetEndOfFile
SetFilePointer
FlushFileBuffers
CreateFileA
WriteFile
ReadFile
GetProcessVersion
GetCurrentProcess
LoadLibraryA
FreeLibrary
GlobalGetAtomNameA
GetLastError
GlobalAddAtomA
GlobalFindAtomA
SetLastError
GetModuleHandleA
GetProcAddress
InterlockedIncrement
MultiByteToWideChar
WideCharToMultiByte
SetUnhandledExceptionFilter
WritePrivateProfileStringA
GlobalAlloc
SetHandleCount
GlobalFlags
GetCurrentThread
GlobalLock
GetVersion
lstrlenA
lstrcpynA
lstrcpyA
lstrcatA
SetErrorMode
InterlockedDecrement
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
GlobalUnlock
GlobalFree
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalFree
LocalAlloc
CloseHandle
GetModuleFileNameA
GetFileType
GetStdHandle
GetCurrentThreadId
lstrcmpiA
lstrcmpA
GlobalDeleteAtom

gdi32

CreateBitmap
DeleteObject
DeleteDC
SaveDC
RestoreDC
SelectObject
GetStockObject
SetBkColor
SetTextColor
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
GetDeviceCaps
PtVisible
TextOutA
ExtTextOutA
RectVisible
GetObjectA
Escape

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

advapi32

RegSetValueExA
RegCreateKeyExA
RegCloseKey
RegOpenKeyExA

Exports

Exports

Main_XYMap2Table

Sections

.text
Size: 76KB - Virtual size: 73KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0fa224ac0031b040d7b4cf1b27d31a7d

Headers

File Characteristics

Imports

user32

comctl32

kernel32

gdi32

winspool.drv

advapi32

Exports

Exports

Sections

.text Size: 76KB - Virtual size: 73KB

.rdata Size: 16KB - Virtual size: 14KB

.data Size: 8KB - Virtual size: 20KB

.reloc Size: 12KB - Virtual size: 10KB

.text
Size: 76KB - Virtual size: 73KB

.rdata
Size: 16KB - Virtual size: 14KB

.data
Size: 8KB - Virtual size: 20KB

.reloc
Size: 12KB - Virtual size: 10KB