7ac659c4c8aa2c30905b2b969f12ec7e5456bd62137abcd5264e1ff972be9406

Sharing

Copy URL

Twitter E-mail

General

Target

7ac659c4c8aa2c30905b2b969f12ec7e5456bd62137abcd5264e1ff972be9406
Size

529KB
MD5

0e25283a54375d00e747d95445ff9188
SHA1

d188c93142e4e185eec2d28e02e9f95347e82351
SHA256

7ac659c4c8aa2c30905b2b969f12ec7e5456bd62137abcd5264e1ff972be9406
SHA512

f2b86c09249f06f3d7806f53df6416e678ae4c8a99d70dea882155e929f9adb91bbee40a3819c91357d9a670dec4542ca94f527fec3e59d782b03b66c99b1ee8
SSDEEP

12288:pK57a7s+pzmAbBhruTAIoJNjcZ93rkjcOfwNhHI1+J73cr:pR6m5Iw4bOfwNte+Jz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7ac659c4c8aa2c30905b2b969f12ec7e5456bd62137abcd5264e1ff972be9406

Files

7ac659c4c8aa2c30905b2b969f12ec7e5456bd62137abcd5264e1ff972be9406
.dll windows:5 windows x86 arch:x86

e503a262a631b1f3a738a5aa57cb2477

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\workplace\GitLab\bss-esurfing\bss-esurfing-common\SelfDebugToolWebUI\Release\SelfDebugDll.pdb

Imports

wininet

InternetSetOptionW

kernel32

GetFileAttributesW
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapReAlloc
GetFileAttributesA
GetCommandLineA
RtlUnwind
RaiseException
HeapSize
GetStdHandle
GetModuleFileNameA
GetCPInfo
GetOEMCP
IsValidCodePage
GetTimeZoneInformation
HeapCreate
HeapDestroy
VirtualFree
VirtualAlloc
GetConsoleCP
GetConsoleMode
SetHandleCount
GetFileType
GetStartupInfoA
LCMapStringA
LCMapStringW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
GetLocaleInfoA
SetStdHandle
GetStringTypeA
GetStringTypeW
WriteConsoleA
WriteConsoleW
SetEnvironmentVariableA
FreeLibrary
MultiByteToWideChar
WaitForSingleObject
CreateThread
TerminateThread
SizeofResource
LockResource
LoadResource
FindResourceW
Sleep
OutputDebugStringW
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
GetTickCount
FormatMessageW
LocalAlloc
lstrlenW
LocalSize
LocalFree
lstrlenA
CreateFileW
DeviceIoControl
CloseHandle
HeapAlloc
GetProcessHeap
GetLastError
HeapFree
GetModuleFileNameW
GetModuleHandleW
GetFileSize
SetFilePointer
WriteFile
ReadFile
DeleteFileW
CreatePipe
SetHandleInformation
GetSystemDirectoryW
CreateProcessW
PeekNamedPipe
WideCharToMultiByte
GetACP
SetEndOfFile
GetProcAddress
LoadLibraryW
lstrcpyA
GlobalFindAtomW
GetVersionExA
GlobalFlags
GetModuleHandleA
WritePrivateProfileStringW
CompareStringW
InterlockedIncrement
SetErrorMode
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
GlobalAddAtomW
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
LoadLibraryA
GetLocaleInfoW
CompareStringA
InterlockedExchange
lstrcmpW
SetLastError
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
CreateFileA
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
InterlockedDecrement
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
FlushFileBuffers
GetEnvironmentVariableW
CreateDirectoryW
GetCurrentProcess
QueryPerformanceCounter
QueryPerformanceFrequency
GetCurrentProcessId
ExitProcess
GetLocalTime
GetConsoleOutputCP

user32

DestroyMenu
ShowWindow
RegisterWindowMessageW
LoadIconW
WinHelpW
GetCapture
GetClassLongW
SetPropW
GetPropW
RemovePropW
IsWindow
GetForegroundWindow
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetMenu
SetForegroundWindow
GetClientRect
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
DefWindowProcW
CallWindowProcW
CopyRect
GetMenu
SetWindowLongW
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindow
GetDlgCtrlID
GetWindowRect
GetClassNameW
PtInRect
SetWindowTextW
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
GetWindowTextW
LoadCursorW
GetSystemMetrics
GetDC
ReleaseDC
GetSysColor
GetSysColorBrush
UnregisterClassW
UnhookWindowsHookEx
GetWindowThreadProcessId
GetWindowLongW
GetLastActivePopup
IsWindowEnabled
EnableWindow
MessageBoxW
SetCursor
SetWindowsHookExW
CallNextHookEx
GetMessageW
TranslateMessage
DispatchMessageW
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageW
GetCursorPos
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetFocus
GetParent
ModifyMenuW
EnableMenuItem
CheckMenuItem
PostMessageW
PostQuitMessage
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
SendMessageW

gdi32

DeleteObject
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
DeleteDC
GetStockObject
GetClipBox
SetMapMode
SetTextColor
SetBkColor
GetDeviceCaps
CreateBitmap
SaveDC
RestoreDC

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

advapi32

RegOpenKeyW
RegEnumKeyW
RegDeleteKeyW
RegQueryInfoKeyW
GetSidIdentifierAuthority
LookupAccountNameW
GetUserNameW
RegQueryValueW
RegSetValueExW
RegEnumKeyExW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
RegCreateKeyExW

shell32

ShellExecuteW

shlwapi

PathFindFileNameW
PathFindExtensionW

ole32

CoUninitialize
CoInitialize
CoCreateInstance
CoTaskMemFree

oleaut32

VariantInit
VariantClear
VariantChangeType

urlmon

URLDownloadToFileW

winhttp

WinHttpReceiveResponse
WinHttpQueryHeaders
WinHttpReadData
WinHttpCloseHandle
WinHttpSetOption
WinHttpSetTimeouts
WinHttpQueryDataAvailable
WinHttpCrackUrl
WinHttpSendRequest
WinHttpAddRequestHeaders
WinHttpOpenRequest
WinHttpConnect
WinHttpOpen

iphlpapi

GetRTTAndHopCount
DeleteIpForwardEntry
GetIpForwardTable
GetInterfaceInfo
CreateIpForwardEntry
IpReleaseAddress
GetAdaptersInfo
AddIPAddress
DeleteIPAddress

ws2_32

sendto
recvfrom
setsockopt
inet_addr
htons
WSAGetLastError
bind
WSAIoctl
WSAStartup
WSASocketW
htonl
closesocket
WSACleanup
WSASendTo
WSARecvFrom
inet_ntoa
WSAAddressToStringW
ntohs
socket
gethostbyaddr
gethostbyname

netapi32

NetApiBufferFree
NetUserGetInfo

rasapi32

RasEnumConnectionsW
RasHangUpW

Exports

Exports

PluginInit

Sections

.text
Size: 360KB - Virtual size: 359KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 103KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e503a262a631b1f3a738a5aa57cb2477

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

wininet

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

shlwapi

ole32

oleaut32

urlmon

winhttp

iphlpapi

ws2_32

netapi32

rasapi32

Exports

Exports

Sections

.text Size: 360KB - Virtual size: 359KB

.rdata Size: 103KB - Virtual size: 102KB

.data Size: 12KB - Virtual size: 27KB

.rsrc Size: 12KB - Virtual size: 11KB

.reloc Size: 41KB - Virtual size: 41KB

.text
Size: 360KB - Virtual size: 359KB

.rdata
Size: 103KB - Virtual size: 102KB

.data
Size: 12KB - Virtual size: 27KB

.rsrc
Size: 12KB - Virtual size: 11KB

.reloc
Size: 41KB - Virtual size: 41KB