ddf8700a68a6f084dd925b03ecce591dd4a98526420dff624852fe216ba03374

Sharing

Copy URL

Twitter E-mail

General

Target

ddf8700a68a6f084dd925b03ecce591dd4a98526420dff624852fe216ba03374
Size

920KB
MD5

138db2f7588d1e76457d7a652d55c61a
SHA1

eda19a419e06428ff17a5bbaccaa143f6c537c24
SHA256

ddf8700a68a6f084dd925b03ecce591dd4a98526420dff624852fe216ba03374
SHA512

335c5e5e921ff0ddb54df69fbb10ecf174165336f645c9c11a2b72a569ad9feacc145c73385b17885e6fb4d82af81dd565fe33ac44b3ecd3ebd050a9a1ab7e07
SSDEEP

6144:R7p0se22uqf67qYM2G0njWCTnEsFVyyyyyyyyyyyyyyyyyyyyyyqyyyyyyyyyyyL:oBBeM4njWCzEs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ddf8700a68a6f084dd925b03ecce591dd4a98526420dff624852fe216ba03374

Files

ddf8700a68a6f084dd925b03ecce591dd4a98526420dff624852fe216ba03374
.dll windows:4 windows x86 arch:x86

1fde6d0627ad5307dff4c2f55172f974

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCPInfo
GetOEMCP
HeapAlloc
HeapFree
RtlUnwind
GetCommandLineA
ExitProcess
RaiseException
TerminateProcess
HeapSize
HeapReAlloc
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetHandleCount
GetStdHandle
GetFileType
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
VirtualProtect
GetSystemInfo
VirtualQuery
SetStdHandle
GetCurrentProcess
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
GlobalFlags
WritePrivateProfileStringA
InterlockedIncrement
SetErrorMode
lstrcatA
InterlockedDecrement
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
TlsGetValue
EnterCriticalSection
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
LocalAlloc
CloseHandle
GlobalAddAtomA
GetCurrentThread
GetCurrentThreadId
FreeLibrary
GlobalDeleteAtom
lstrcmpA
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
ConvertDefaultLocale
EnumResourceLanguagesA
lstrcpyA
LoadLibraryA
GetLastError
SetLastError
GlobalFree
FindResourceA
LoadResource
LockResource
SizeofResource
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
lstrcpynA
LocalFree
lstrlenA
lstrcmpiA
GetVersion
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
GetStartupInfoA
InterlockedExchange

user32

RegisterClassA
DefWindowProcA
CallWindowProcA
SystemParametersInfoA
IsIconic
GetWindowPlacement
CopyRect
SetWindowPos
ShowWindow
GetDlgItem
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
ClientToScreen
GetWindow
GetDlgCtrlID
GetWindowRect
PtInRect
GetWindowTextA
SetWindowTextA
GetClassNameA
LoadCursorA
GetSystemMetrics
DestroyMenu
ReleaseDC
GetClassInfoA
GetSysColorBrush
UnregisterClassA
UnhookWindowsHookEx
SetMenuItemBitmaps
GetFocus
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageA
GetCursorPos
ValidateRect
MessageBoxA
GetParent
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
EnableWindow
RegisterWindowMessageA
WinHelpA
SendMessageA
SetCursor
PostMessageA
PostQuitMessage
wsprintfA
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
GetSysColor
GetCapture
CreateWindowExA
GetClassLongA
GetClassInfoExA
SetPropA
GetPropA
RemovePropA
GetForegroundWindow
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
LoadIconA
MapWindowPoints
SetForegroundWindow
GetClientRect
GetMenu
AdjustWindowRectEx
GetDC
SetWindowLongA

gdi32

DeleteObject
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
DeleteDC
GetStockObject
GetClipBox
SetMapMode
SetTextColor
SetBkColor
RestoreDC
ScaleWindowExtEx
CreateBitmap
GetDeviceCaps
SaveDC

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegEnumKeyA
RegSetValueExA
RegCreateKeyExA
RegQueryValueA
RegCloseKey
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA
RegOpenKeyA

comctl32

ord17

shlwapi

PathFindExtensionA
PathFindFileNameA

oleaut32

VariantInit
VariantChangeType
VariantClear

oleacc

LresultFromObject
CreateStdAccessibleObject

Sections

.text
Size: 76KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 796KB - Virtual size: 793KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1fde6d0627ad5307dff4c2f55172f974

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

comctl32

shlwapi

oleaut32

oleacc

Sections

.text Size: 76KB - Virtual size: 72KB

.rdata Size: 20KB - Virtual size: 19KB

.data Size: 8KB - Virtual size: 19KB

.rsrc Size: 796KB - Virtual size: 793KB

.reloc Size: 16KB - Virtual size: 15KB

.text
Size: 76KB - Virtual size: 72KB

.rdata
Size: 20KB - Virtual size: 19KB

.data
Size: 8KB - Virtual size: 19KB

.rsrc
Size: 796KB - Virtual size: 793KB

.reloc
Size: 16KB - Virtual size: 15KB