7bbb63b55b79f6e6d353c079585602c1037f17387286c827c85603e4a799d363

Sharing

Copy URL Twitter E-mail

General

Target

7bbb63b55b79f6e6d353c079585602c1037f17387286c827c85603e4a799d363
Size

652KB
MD5

0c656da8359d3bf176e426d355f25da6
SHA1

4d3828542a07a812f69d5f39085ebc2d9711e915
SHA256

7bbb63b55b79f6e6d353c079585602c1037f17387286c827c85603e4a799d363
SHA512

a73bb030dd3dc0756433236db2258f9015fdca5b0997df4181515ab6a189d9cc0acbba55569c5504d3734ca675c8a6579ab505c9b35d99d33b60edd50e8d7896
SSDEEP

12288:vOilXAaAmhPjfjb6D3PySqnO4Kmk9OPFw0tzBVTOwQr:GilXAaAob6D3j1FSPG0NnT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7bbb63b55b79f6e6d353c079585602c1037f17387286c827c85603e4a799d363

Files

7bbb63b55b79f6e6d353c079585602c1037f17387286c827c85603e4a799d363
.dll windows:5 windows x86 arch:x86

df86cb9566d5cd9443e8e509e88d8c46

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SystemTimeToFileTime
GetSystemTime
IsBadReadPtr
SearchPathA
VirtualProtect
VirtualFree
VirtualAlloc
CompareStringW
GetVersion
GetProcessHeap
SetEndOfFile
GetLocaleInfoW
GetTimeZoneInformation
FlushFileBuffers
SetStdHandle
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetFilePointer
LocalFree
GetWindowsDirectoryW
GetLongPathNameW
MultiByteToWideChar
WideCharToMultiByte
OpenProcess
GetTickCount
DisableThreadLibraryCalls
Sleep
InterlockedCompareExchange
InterlockedIncrement
InterlockedDecrement
DeleteFileA
CloseHandle
GetModuleHandleA
GetSystemInfo
LoadLibraryA
GetProcAddress
CreateFileW
ExpandEnvironmentStringsA
GetCurrentProcess
DeleteCriticalSection
EnterCriticalSection
InterlockedExchange
LeaveCriticalSection
CompareStringA
InitializeCriticalSection
CreateFileA
FreeLibrary
SetEnvironmentVariableA
SetConsoleCtrlHandler
InitializeCriticalSectionAndSpinCount
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetLastError
HeapFree
HeapAlloc
HeapReAlloc
GetCurrentThreadId
GetCommandLineA
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThread
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapCreate
HeapDestroy
FatalAppExitA
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
RtlUnwind
GetConsoleCP
GetConsoleMode
LCMapStringW
LCMapStringA
HeapSize
SetHandleCount
GetFileType
GetStartupInfoA
ReadFile
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetStringTypeA
GetStringTypeW
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID

user32

OpenDesktopA
IsWindowVisible
EnumDesktopsA
OpenWindowStationA
CloseDesktop
EnumWindowStationsA
GetParent
EnumDesktopWindows
GetWindowRect
CloseWindowStation
GetWindowThreadProcessId

advapi32

RegSetValueExW
BuildExplicitAccessWithNameA
RegSetKeySecurity
RegLoadKeyA
RegEnumValueA
RegSaveKeyA
RegDeleteValueA
RegGetKeySecurity
RegOpenKeyExA
RegCreateKeyExA
SetSecurityDescriptorDacl
RegEnumKeyExA
InitializeSecurityDescriptor
RegDeleteKeyA
RegQueryValueExW
RegQueryValueExA
RegSetValueExA
SetEntriesInAclA
RegCloseKey
ConvertSidToStringSidW
RegOpenKeyW
GetTokenInformation
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
GetSecurityDescriptorDacl

libxsse

ord30
ord12
ord44
ord40
ord2
ord10
ord11

Exports

Exports

libvxf_alloc
libvxf_free
libvxf_vxeng_register

Sections

.text
Size: 340KB - Virtual size: 340KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 220KB - Virtual size: 220KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

df86cb9566d5cd9443e8e509e88d8c46

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

libxsse

Exports

Exports

Sections

.text Size: 340KB - Virtual size: 340KB

.rdata Size: 220KB - Virtual size: 220KB

.data Size: 68KB - Virtual size: 68KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 16KB - Virtual size: 16KB

.text
Size: 340KB - Virtual size: 340KB

.rdata
Size: 220KB - Virtual size: 220KB

.data
Size: 68KB - Virtual size: 68KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 16KB - Virtual size: 16KB