684c690ef90e1ccc0d51cc34726a31649c9024c766405c95a059ca036ae50ef6

Sharing

Copy URL Twitter E-mail

General

Target

684c690ef90e1ccc0d51cc34726a31649c9024c766405c95a059ca036ae50ef6
Size

108KB
MD5

41bfa20f0c80856044528a041c4dd8e9
SHA1

9446e432047c112028ad86aca382e3c18042aecb
SHA256

684c690ef90e1ccc0d51cc34726a31649c9024c766405c95a059ca036ae50ef6
SHA512

e2669a87bab5cb4f1ce7641bc70d767d8e5bdc33e03f83637d6f9e359b972153b56bb44c2337722080dd0df4be427500db960bc1359d8a5dc8a1029792474c7d
SSDEEP

3072:FIOehVPIHLVCsYnqsQO86Jxp17PFuDa9Z4Xe:DOnqsQO8Q99u2se

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
684c690ef90e1ccc0d51cc34726a31649c9024c766405c95a059ca036ae50ef6

Files

684c690ef90e1ccc0d51cc34726a31649c9024c766405c95a059ca036ae50ef6
.dll windows:4 windows x86 arch:x86

ecce1c0ac36ffbb928400471ccf9eb03

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

imm32

ImmReleaseContext
ImmGetContext
ImmGetCompositionStringA

kernel32

CreateFileMappingA
HeapFree
GetProcessHeap
UnmapViewOfFile
MapViewOfFile
OpenFileMappingA
OutputDebugStringA
WideCharToMultiByte
GetCurrentProcessId
GetLocalTime
OpenProcess
ReadProcessMemory
VirtualQueryEx
GetTickCount
CopyFileA
GetPrivateProfileStringA
GlobalLock
GetCurrentProcess
GlobalUnlock
GlobalHandle
GlobalAlloc
GetSystemDirectoryA
DeleteFileA
CreateFileA
CloseHandle
GetFileInformationByHandle
WriteFile
GetModuleFileNameA
CreateThread
GetModuleHandleA
LoadLibraryA
GetProcAddress
VirtualProtect
InterlockedExchange
Sleep
GetFileSize
ReadFile
GlobalFree
GetTempPathA
HeapAlloc

user32

PeekMessageA
CallNextHookEx
GetWindowTextA
GetForegroundWindow
PostThreadMessageA
UnhookWindowsHookEx
MsgWaitForMultipleObjects
GetDC
ReleaseDC
SetRect
GetFocus
GetKeyState
FindWindowExA
GetWindowLongA
GetWindowThreadProcessId
TranslateMessage
DispatchMessageA

gdi32

GetObjectA
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
GetDeviceCaps
DeleteDC
DeleteObject
GetDIBits
BitBlt

avifil32

AVIMakeCompressedStream
AVISaveOptionsFree
AVIFileRelease
AVIStreamRelease
AVIFileExit
AVIStreamWrite
AVIFileInit
AVIFileOpenA
AVIFileCreateStreamA
AVIStreamSetFormat

msvfw32

ord2

winmm

waveInClose
waveInOpen
waveOutOpen
waveOutWrite
waveInAddBuffer
waveOutClose

shlwapi

SHGetValueA
SHSetValueA

msvcp60

??0_Lockit@std@@QAE@XZ
??1_Lockit@std@@QAE@XZ

msvcrt

atoi
fflush
fwrite
fclose
_memicmp
fopen
fseek
strncmp
printf
free
_ftol
_CIacos
atol
_CIpow
__dllonexit
_initterm
malloc
_adjust_fdiv
wcslen
vsprintf
localtime
strftime
strchr
_access
_mkdir
srand
rand
rename
strncpy
_strlwr
_onexit
__CxxFrameHandler
??2@YAPAXI@Z
memmove
time
sprintf
strstr
strrchr

wininet

HttpSendRequestA

Exports

Exports

GetDLLVer
InstallHOOK
InstallLocalHOOK
UninstallHOOK
partInit

Sections

.text
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.SHARDAT
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ecce1c0ac36ffbb928400471ccf9eb03

Headers

File Characteristics

Imports

version

imm32

kernel32

user32

gdi32

avifil32

msvfw32

winmm

shlwapi

msvcp60

msvcrt

wininet

Exports

Exports

Sections

.text Size: 52KB - Virtual size: 51KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 24KB - Virtual size: 41KB

.SHARDAT Size: 8KB - Virtual size: 6KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 8KB - Virtual size: 4KB

.text
Size: 52KB - Virtual size: 51KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 24KB - Virtual size: 41KB

.SHARDAT
Size: 8KB - Virtual size: 6KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 8KB - Virtual size: 4KB