e5cfc4fb6cb91976fe560e5aff67700d5956bbc01448b294e40460024077cf44

Sharing

Copy URL Twitter E-mail

General

Target

e5cfc4fb6cb91976fe560e5aff67700d5956bbc01448b294e40460024077cf44
Size

231KB
MD5

18c057c7d1627bfda5dff9412c5f935c
SHA1

3ac302b5062a33112c8ba482171cef5230414bb5
SHA256

e5cfc4fb6cb91976fe560e5aff67700d5956bbc01448b294e40460024077cf44
SHA512

fd27cf7412b6b13ceb0ba1b5eaf93feee7b78c207495361e19ddb81cb1010a6aeb13c93f6e1d6f53e8acec7cb1dc3296a031a03c454384c611cd19673aaaf943
SSDEEP

6144:IEtxO8GQek287t5f6RIq11yXZFJTezr+yillFhvQMgH:Xs18ZP+illFhvsH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e5cfc4fb6cb91976fe560e5aff67700d5956bbc01448b294e40460024077cf44

Files

e5cfc4fb6cb91976fe560e5aff67700d5956bbc01448b294e40460024077cf44
.dll windows:6 windows x86 arch:x86

1e901770aeeaa54aa27e62a7d83864f2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

comctl32

PropertySheetW
CreatePropertySheetPageW

kernel32

IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
lstrlenW
lstrcpynW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
WaitForSingleObject
UnmapViewOfFile
MultiByteToWideChar
Sleep
CloseHandle
GetCurrentProcessId
CreateFileMappingW
MapViewOfFile
DisableThreadLibraryCalls
UnhandledExceptionFilter

user32

GetWindowPlacement
GetMessageW
FillRect
PeekMessageW
GetSystemMetrics
DispatchMessageW
InvalidateRect
BeginPaint
EndPaint
GetWindowRect
TranslateMessage
GetClientRect
UpdateWindow
CreateDialogParamW
GetParent
DestroyWindow
SetWindowPos
SetWindowLongW
GetWindowTextW
SetTimer
KillTimer
EnableWindow
ReleaseDC
ShowWindow
GetDC
GetPropW
RemovePropW
SetPropW
MessageBoxW
CheckRadioButton
SendMessageW
SetWindowTextW
IsDlgButtonChecked
GetDlgItem
CheckDlgButton
PostThreadMessageW

gdi32

EnumFontFamiliesExW
GetObjectW
BitBlt
CreateCompatibleBitmap
SelectObject
CreateCompatibleDC
CreateFontW
GetStockObject
DeleteDC
TextOutW
GetTextExtentPoint32W
DeleteObject
SetTextAlign

comdlg32

GetOpenFileNameW
GetSaveFileNameW

shell32

SHBrowseForFolderW
SHGetPathFromIDListW

ole32

CoTaskMemFree

vcruntime140

memset
_except_handler4_common
__CxxFrameHandler3
_purecall
__std_terminate
wcsstr
wcsrchr
__std_exception_copy
__std_exception_destroy
_CxxThrowException
memmove
memcpy
__std_type_info_destroy_list

api-ms-win-crt-string-l1-1-0

strncmp
strncpy
wcsncpy_s
_wcsdup
wcsncat_s
_wcsicmp

api-ms-win-crt-convert-l1-1-0

atoi
_wtoi
_itow

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf
fwrite
fseek
ftell
__stdio_common_vswprintf
__stdio_common_vsnwprintf_s
_wfopen
fclose
fread

api-ms-win-crt-heap-l1-1-0

_callnewh
calloc
free
malloc
realloc

api-ms-win-crt-runtime-l1-1-0

_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_execute_onexit_table
_cexit
_beginthreadex
_seh_filter_dll
_wassert
_initterm_e
_initterm

api-ms-win-crt-math-l1-1-0

_libm_sse2_sin_precise
_libm_sse2_pow_precise
floor
_libm_sse2_cos_precise

Exports

Exports

kpi_CreateInstance

Sections

.text
Size: 98KB - Virtual size: 97KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 400KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1e901770aeeaa54aa27e62a7d83864f2

Headers

DLL Characteristics

File Characteristics

Imports

comctl32

kernel32

user32

gdi32

comdlg32

shell32

ole32

vcruntime140

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-math-l1-1-0

Exports

Exports

Sections

.text Size: 98KB - Virtual size: 97KB

.rdata Size: 32KB - Virtual size: 31KB

.data Size: 60KB - Virtual size: 400KB

.rsrc Size: 33KB - Virtual size: 33KB

.reloc Size: 6KB - Virtual size: 6KB

.text
Size: 98KB - Virtual size: 97KB

.rdata
Size: 32KB - Virtual size: 31KB

.data
Size: 60KB - Virtual size: 400KB

.rsrc
Size: 33KB - Virtual size: 33KB

.reloc
Size: 6KB - Virtual size: 6KB