3221a72cfeefdd21018245fdd294f3740816b4fc625bd1f33a0d5a4c645bd13a

Sharing

Copy URL Twitter E-mail

General

Target

3221a72cfeefdd21018245fdd294f3740816b4fc625bd1f33a0d5a4c645bd13a
Size

2.8MB
MD5

15c4099c88f8630bfa4c2a400b8d8db0
SHA1

ab060b400f1949e1be2756e622db013118ec78ac
SHA256

3221a72cfeefdd21018245fdd294f3740816b4fc625bd1f33a0d5a4c645bd13a
SHA512

187f2c04d72c0c5fe3236af47d4ab25e058f2d69a03451679d5fe66c1a3bb336158f27f70728a274bb984252846c840631f58b36e64765e92a94b7eee5c99963
SSDEEP

49152:nugg4eRv5gYnvcjd81GQYzgpjTq7bVlVar/jSI+wpyqW5jS4jDs5dAT:n/+v5gevcZ9Dz8Tq7bVCrbSWy5xSAT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3221a72cfeefdd21018245fdd294f3740816b4fc625bd1f33a0d5a4c645bd13a

Files

3221a72cfeefdd21018245fdd294f3740816b4fc625bd1f33a0d5a4c645bd13a
.dll windows:5 windows x86 arch:x86

faa2d7e3c1f05be78f25e5a28099968c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ole32

HPALETTE_UserUnmarshal

user32

GetMessageA
SetRectEmpty
IsCharAlphaNumericA
SetLayeredWindowAttributes

kernel32

SetStdHandle
GetModuleFileNameW
GetBinaryTypeW
RtlUnwind
DeleteCriticalSection
FillConsoleOutputAttribute
SetProcessAffinityMask
GetLargestConsoleWindowSize
CloseHandle
LoadLibraryW
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
LoadLibraryExW
IsDebuggerPresent
UnhandledExceptionFilter

ws2_32

WSAGetLastError

advapi32

OpenThreadToken
SetSecurityInfo
LookupPrivilegeValueW
AreAllAccessesGranted

gdi32

PlayEnhMetaFileRecord
GetAspectRatioFilterEx

oleaut32

VarBstrCat

Sections

.text
Size: 156KB - Virtual size: 154KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.code
Size: 480KB - Virtual size: 481KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

lq8zSJD
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt1
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 4KB - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

DATA
Size: 100KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

faa2d7e3c1f05be78f25e5a28099968c

Headers

File Characteristics

Imports

ole32

user32

kernel32

ws2_32

advapi32

gdi32

oleaut32

Sections

.text Size: 156KB - Virtual size: 154KB

.rdata Size: 4KB - Virtual size: 2KB

.code Size: 480KB - Virtual size: 481KB

lq8zSJD Size: 16KB - Virtual size: 15KB

.crt1 Size: 2.0MB - Virtual size: 2.0MB

.CRT Size: 4KB - Virtual size: 4B

.rsrc Size: 40KB - Virtual size: 38KB

DATA Size: 100KB - Virtual size: 96KB

.text
Size: 156KB - Virtual size: 154KB

.rdata
Size: 4KB - Virtual size: 2KB

.code
Size: 480KB - Virtual size: 481KB

lq8zSJD
Size: 16KB - Virtual size: 15KB

.crt1
Size: 2.0MB - Virtual size: 2.0MB

.CRT
Size: 4KB - Virtual size: 4B

.rsrc
Size: 40KB - Virtual size: 38KB

DATA
Size: 100KB - Virtual size: 96KB