63b1734f694a804a8e651ab478fd2400b6a9c1612f327ba2434be59dd00d0516

Sharing

Copy URL Twitter E-mail

General

Target

63b1734f694a804a8e651ab478fd2400b6a9c1612f327ba2434be59dd00d0516
Size

136KB
MD5

cf312c5776bb48c39023771abefd0dc3
SHA1

dcb88b4d7a00d1c6952534d9d1761c93b6912889
SHA256

63b1734f694a804a8e651ab478fd2400b6a9c1612f327ba2434be59dd00d0516
SHA512

a44b9dd11711216a5c21d84811b3a087556e62c23d2f0ec27ebcdf5ec97ab4eece3036160bdda271ca16cf5556a879e08e3f1ca54a17ffe443577d742f0f6110
SSDEEP

3072:L7aigtW+ffJgSeY5b4mg80Q8+3Fd1kh5:6igtdfhjh4Os

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
63b1734f694a804a8e651ab478fd2400b6a9c1612f327ba2434be59dd00d0516

Files

63b1734f694a804a8e651ab478fd2400b6a9c1612f327ba2434be59dd00d0516
.dll windows:4 windows x86 arch:x86

8cf5564ebeace9d97112021f1b094527

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

comctl32

ord17

kernel32

RaiseException
HeapSize
HeapReAlloc
GetTimeZoneInformation
ExitProcess
TerminateProcess
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
GetCommandLineA
LCMapStringA
SetStdHandle
IsBadReadPtr
IsBadCodePtr
CreateFileA
GetACP
GetOEMCP
GetStringTypeA
CompareStringA
SetEnvironmentVariableA
InterlockedExchange
GetWindowsDirectoryA
GetSystemDirectoryA
HeapFree
RtlUnwind
GetLastError
HeapAlloc
FileTimeToLocalFileTime
FileTimeToSystemTime
GlobalFlags
GetProcessVersion
GetModuleHandleA
LoadLibraryA
FreeLibrary
GlobalDeleteAtom
DuplicateHandle
GetFileTime
GetFileSize
GetVersion
SetErrorMode
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalAlloc
GlobalReAlloc
GlobalLock
LeaveCriticalSection
TlsFree
GlobalHandle
GlobalUnlock
GlobalFree
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalFree
LocalAlloc
GetCurrentThreadId
InterlockedDecrement
InterlockedIncrement
SetLastError
FindClose
SetEndOfFile
UnlockFile
LockFile
CloseHandle
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetCurrentProcess
SetUnhandledExceptionFilter

user32

GetSysColorBrush
ReleaseDC
GetDC
PtInRect
ClientToScreen
PostQuitMessage
DestroyMenu
MapWindowPoints
GetSysColor
SetFocus
AdjustWindowRectEx
GetClientRect
CopyRect
GetTopWindow
GetCapture
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetDlgItem
GetDlgCtrlID
DestroyWindow
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
GetWindow
SetWindowPos
IsIconic
GetWindowPlacement
GetMenuCheckMarkDimensions
GetMenuState
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetParent
GetLastActivePopup
IsWindowEnabled
UnhookWindowsHookEx
GetKeyState
CallNextHookEx
GetSystemMetrics
GetWindowRect

gdi32

SetTextColor
SetBkColor
GetDeviceCaps
DeleteObject
DeleteDC
SaveDC
RestoreDC
SelectObject
GetStockObject
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
PtVisible
RectVisible
Escape
CreateBitmap

winspool.drv

ClosePrinter

Exports

Exports

AV5_Encode
END_AV5_Encode
Init_AV5_Encode

Sections

.text
Size: 80KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8cf5564ebeace9d97112021f1b094527

Headers

File Characteristics

Imports

comctl32

kernel32

user32

gdi32

winspool.drv

Exports

Exports

Sections

.text Size: 80KB - Virtual size: 76KB

.rdata Size: 20KB - Virtual size: 17KB

.data Size: 12KB - Virtual size: 31KB

.rsrc Size: 4KB - Virtual size: 928B

.reloc Size: 16KB - Virtual size: 13KB

.text
Size: 80KB - Virtual size: 76KB

.rdata
Size: 20KB - Virtual size: 17KB

.data
Size: 12KB - Virtual size: 31KB

.rsrc
Size: 4KB - Virtual size: 928B

.reloc
Size: 16KB - Virtual size: 13KB