b19a5219a308e4b120a24903c7f8fe73eb543e31ebd90ef327b29add48097e31

Sharing

Copy URL

Twitter E-mail

General

Target

b19a5219a308e4b120a24903c7f8fe73eb543e31ebd90ef327b29add48097e31
Size

168KB
MD5

8554bf32e9cb8938e9367a4c0d10b90f
SHA1

366c7d625a93dcc5d8838d8e5e8daa6515058495
SHA256

b19a5219a308e4b120a24903c7f8fe73eb543e31ebd90ef327b29add48097e31
SHA512

b9930bb73e1e85a1e8287d99250c4313eada6107ece4fdc20d33687784db11bec4abd11aca393896701c98d3d480785cb821c1ac88813892804f703d58e9d0aa
SSDEEP

3072:KkUuy+WAJDHCcXr0eJ+aUyPI7VpGxxk27:KkUuy+WAJDH3oeJZPg27

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b19a5219a308e4b120a24903c7f8fe73eb543e31ebd90ef327b29add48097e31

Files

b19a5219a308e4b120a24903c7f8fe73eb543e31ebd90ef327b29add48097e31
.dll windows:5 windows x86 arch:x86

c9360c5187f1f77a3c0058bd5c2b59b4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LocalAlloc
GetLastError
MultiByteToWideChar
GetACP
WideCharToMultiByte
CreateProcessW
GetVersionExW
GetProcAddress
GetModuleHandleA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
LocalFree
GetCurrentProcess
SetUnhandledExceptionFilter
GetFileSize
CreateFileMappingW
MapViewOfFile
CreateFileW
CloseHandle
GlobalAlloc
GlobalFree
UnmapViewOfFile
GetCPInfoExW
GetModuleFileNameW
GetSystemDirectoryW
InterlockedDecrement
lstrcpynW
SetLastError
TerminateProcess
InterlockedIncrement
Sleep

msvcrt

_itoa
swprintf
putchar
wcsncat
_wtoi
wcsncpy
_wsplitpath
wcslen
towupper
free
sprintf
_initterm
_adjust_fdiv
wcscmp
iswalnum
??3@YAXPAX@Z
??2@YAPAXI@Z
wcscat
wcsrchr
malloc
_itow
wcschr
_wcsicmp
wcscpy
strncmp
strncat

user32

SetDlgItemInt
MessageBoxW
GetCursorPos
GetWindowRect
LoadStringW
ShowWindow
SetWindowPos
GetWindowTextW
SetWindowTextW
EndDialog
GetWindowLongW
GetParent
SendMessageW
GetDlgItem
EnableWindow
GetDlgItemInt
CreateWindowExW
GetWindowInfo
IsDlgButtonChecked
SetWindowLongW
CheckDlgButton
SetDlgItemTextW
SetFocus
GetFocus
GetDlgItemTextW
SendDlgItemMessageW
DialogBoxParamW
TrackPopupMenu
GetSubMenu
LoadMenuW
WinHelpW
GetDlgCtrlID

winspool.drv

ClosePrinter
GetPrinterDataW
GetPrinterDriverW
OpenPrinterW
SetPrinterDataW

advapi32

RegCloseKey
RegCreateKeyExW
RegSetValueExW
RegEnumValueW
RegQueryValueExW
RegOpenKeyExW
RegDeleteValueW

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

comdlg32

GetOpenFileNameW

comctl32

InitCommonControlsEx

snmpapi

SnmpUtilMemFree
SnmpUtilVarBindListFree
SnmpUtilVarBindFree
SnmpUtilMemAlloc

mgmtapi

SnmpMgrStrToOid
SnmpMgrClose
SnmpMgrOpen
SnmpMgrRequest

Exports

Exports

DllCanUnloadNow
DllGetClassObject
_PpdCreate@4
_PpdDelete@4
_PpdGetGroup@8
_PpdGetOptionIterator@8

Sections

.text
Size: 89KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c9360c5187f1f77a3c0058bd5c2b59b4

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

user32

winspool.drv

advapi32

version

comdlg32

comctl32

snmpapi

mgmtapi

Exports

Exports

Sections

.text Size: 89KB - Virtual size: 88KB

.data Size: 7KB - Virtual size: 53KB

.rsrc Size: 64KB - Virtual size: 63KB

.reloc Size: 7KB - Virtual size: 6KB

.text
Size: 89KB - Virtual size: 88KB

.data
Size: 7KB - Virtual size: 53KB

.rsrc
Size: 64KB - Virtual size: 63KB

.reloc
Size: 7KB - Virtual size: 6KB