d0467942b4722deef8cc7f7fa8f5096d0b1a6dc18b8e8cd23cee7cc695d87502

Sharing

Copy URL Twitter E-mail

General

Target

d0467942b4722deef8cc7f7fa8f5096d0b1a6dc18b8e8cd23cee7cc695d87502
Size

6.3MB
MD5

0603c5b0190abe7429ad7104b3f404ed
SHA1

93c8d38326b950ce802df2f9c6a7a3a62f8733f1
SHA256

d0467942b4722deef8cc7f7fa8f5096d0b1a6dc18b8e8cd23cee7cc695d87502
SHA512

8a3ce60f7f6b4c484e24b6f0293eda844395878f1197b92dadb03a295eb99925d734eb7d3ef0ba3fae6b4c3d1acf29f2507d871cd3a2245f5bcd5b7b4890edfe
SSDEEP

196608:Q4wBhLx5WW5wLzuf1t7bXp45EnaKWhO69U5TG:2rH5wc1pbXp+EnarhO2U

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d0467942b4722deef8cc7f7fa8f5096d0b1a6dc18b8e8cd23cee7cc695d87502

Files

d0467942b4722deef8cc7f7fa8f5096d0b1a6dc18b8e8cd23cee7cc695d87502
.dll windows:6 windows x86 arch:x86

6ae3fd05b18b2a2697b5b2c6cee55ed0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FlushFileBuffers
CloseHandle
GetModuleFileNameW
WriteFile
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetConsoleCP
QueryPerformanceCounter
GetModuleFileNameA
GetOEMCP
GetACP
IsValidCodePage
GetFileType
GetStdHandle
GetConsoleMode
ReadFile
SetFilePointerEx
LoadLibraryExW
OutputDebugStringW
SetStdHandle
WriteConsoleW
ReadConsoleW
CreateFileW
SetEndOfFile
SuspendThread
SetThreadLocale
HeapDestroy
GetTempPathW
GetUserDefaultLCID
GetSystemDirectoryW
EnumResourceNamesW
EncodePointer
GetCurrentProcessId
GetPrivateProfileStringW
HeapSize
AreFileApisANSI
GetModuleHandleExW
ExitProcess
WideCharToMultiByte
DecodePointer
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
MultiByteToWideChar
GetStringTypeW
GetLastError
HeapFree
GetSystemTimeAsFileTime
HeapReAlloc
GetCommandLineA
GetCurrentThreadId
GetCPInfo
RaiseException
RtlUnwind
HeapAlloc
IsProcessorFeaturePresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetModuleHandleW
GetProcAddress
LCMapStringW
GetLocaleInfoW
IsValidLocale
EnumSystemLocalesW
IsDebuggerPresent
GetProcessHeap

user32

DestroyWindow
SetCursor
GetWindowRect
MapDialogRect
CharNextW
GetQueueStatus
SetRect
GetSysColor
EnumChildWindows
CreatePopupMenu
CreateCaret
LoadCursorA
DialogBoxParamA
SetWindowTextW
SetMenuItemInfoW
RegisterClassA
HideCaret
SetCapture
SetFocus
BeginPaint
WaitMessage
GetDC
MessageBoxA
UnregisterClassA
GetDesktopWindow
RegisterClassW
GetSystemMetrics

gdi32

MaskBlt
CreateFontA
SetDIBColorTable
GdiFlush
CreateBitmap
RealizePalette
SetPaletteEntries
GetPixel
UpdateColors
TextOutA
MoveToEx
CreateFontIndirectW
SelectClipRgn
CreateRectRgnIndirect
SetTextAlign
CreateSolidBrush
GetTextExtentPoint32A

comdlg32

GetOpenFileNameW

advapi32

CopySid
CloseServiceHandle
ChangeServiceConfigW

oleaut32

SafeArrayGetUBound
SysFreeString
SysReAllocStringLen
SafeArrayCreate

Exports

Exports

?__casdtdfnwydp@@YAGXZ
?__csjgbcqmikv@@YAJXZ
?__hilyxfi@@YAFXZ
?__hpwovwsc@@YAIXZ
?__ycvntmm@@YA_KXZ

Sections

.text
Size: 416KB - Virtual size: 416KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5.9MB - Virtual size: 6.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.jrxq
Size: 512B - Virtual size: 108B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.chalck
Size: 512B - Virtual size: 127B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.hbgidp
Size: 512B - Virtual size: 326B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ifqbfp
Size: 512B - Virtual size: 174B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.eybdo
Size: 512B - Virtual size: 23B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6ae3fd05b18b2a2697b5b2c6cee55ed0

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

oleaut32

Exports

Exports

Sections

.text Size: 416KB - Virtual size: 416KB

.data Size: 5.9MB - Virtual size: 6.2MB

.idata Size: 3KB - Virtual size: 3KB

.jrxq Size: 512B - Virtual size: 108B

.chalck Size: 512B - Virtual size: 127B

.hbgidp Size: 512B - Virtual size: 326B

.ifqbfp Size: 512B - Virtual size: 174B

.eybdo Size: 512B - Virtual size: 23B

.reloc Size: 12KB - Virtual size: 12KB

.text
Size: 416KB - Virtual size: 416KB

.data
Size: 5.9MB - Virtual size: 6.2MB

.idata
Size: 3KB - Virtual size: 3KB

.jrxq
Size: 512B - Virtual size: 108B

.chalck
Size: 512B - Virtual size: 127B

.hbgidp
Size: 512B - Virtual size: 326B

.ifqbfp
Size: 512B - Virtual size: 174B

.eybdo
Size: 512B - Virtual size: 23B

.reloc
Size: 12KB - Virtual size: 12KB