54a9a06acfad08507ffe97fb6862c37cf8c7f58bea399d8f925130011f337aaa

Sharing

Copy URL Twitter E-mail

General

Target

54a9a06acfad08507ffe97fb6862c37cf8c7f58bea399d8f925130011f337aaa
Size

508KB
MD5

b3f4692e92b736eede83efbfde42fe5a
SHA1

6599fc6af7776b191df5734635053807250e4135
SHA256

54a9a06acfad08507ffe97fb6862c37cf8c7f58bea399d8f925130011f337aaa
SHA512

d25d6da8c374b01a10704cf0ba77880b3e078eb609cade916dc363f653ca76deb9fa64746e72d5f901f63efd0201c021d65e370996aaac2f3b4ebefd4b73c13e
SSDEEP

6144:fsmbfLGMrVD+ihupwDJ9jMTKMORMKuMiOO1k+3LtlQRwuyJOvaqx9Qg7N18AFX66:DLGMrJUps9jMTKMORMKuM0kEfgvrP9x

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
54a9a06acfad08507ffe97fb6862c37cf8c7f58bea399d8f925130011f337aaa

Files

54a9a06acfad08507ffe97fb6862c37cf8c7f58bea399d8f925130011f337aaa
.dll windows:4 windows x86 arch:x86

08ebc7211a7495b77cac06fe328f34ac

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCommandLineA
HeapAlloc
HeapFree
TerminateProcess
ExitThread
HeapSize
HeapReAlloc
GetACP
FatalAppExitA
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
LCMapStringA
LCMapStringW
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
RaiseException
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
GetStringTypeA
GetStringTypeW
UnhandledExceptionFilter
IsBadCodePtr
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
SetStdHandle
SetConsoleCtrlHandler
GetLocaleInfoW
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetSystemTime
GetSystemTimeAsFileTime
GetTimeZoneInformation
FindNextFileA
RtlUnwind
FileTimeToLocalFileTime
GetOEMCP
GetCPInfo
SetFileTime
LocalFileTimeToFileTime
GetFileAttributesA
GetProcessVersion
FindResourceA
LoadResource
LockResource
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalFlags
MulDiv
GetVersion
lstrcatA
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
GlobalUnlock
GlobalFree
TlsAlloc
LocalAlloc
IsBadReadPtr
IsBadWritePtr
IsBadStringPtrA
IsBadStringPtrW
SetLastError
GetShortPathNameA
GetThreadLocale
GetStringTypeExA
GetFullPathNameA
lstrcpynA
GetVolumeInformationA
lstrcpyA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
DuplicateHandle
ReleaseMutex
CreateMutexA
ReleaseSemaphore
CreateSemaphoreA
InterlockedExchange
SuspendThread
SetThreadPriority
ResumeThread
GlobalLock
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
GetCurrentThread
GetCurrentThreadId
MultiByteToWideChar
WideCharToMultiByte
lstrlenA
InterlockedDecrement
InterlockedIncrement
CreateFileA
GetFileSize
SetFileAttributesA
CopyFileA
GetCurrentProcess
CreateToolhelp32Snapshot
Process32First
OpenProcess
Process32Next
GetCurrentDirectoryA
CreateProcessA
GetModuleHandleA
GetDiskFreeSpaceA
FormatMessageA
LocalFree
RemoveDirectoryA
WaitForMultipleObjects
ResetEvent
CreateEventA
MoveFileA
GetLastError
SetEvent
WaitForSingleObject
_lopen
GetFileTime
SystemTimeToTzSpecificLocalTime
_lclose
DeleteFileA
CreateDirectoryA
FindFirstFileA
FindClose
GetLocalTime
SystemTimeToFileTime
FileTimeToSystemTime
FreeLibrary
LoadLibraryA
GetProcAddress
GetPrivateProfileIntA
GetPrivateProfileStringA
GetModuleFileNameA
WritePrivateProfileStringA
ExitProcess
SetUnhandledExceptionFilter
SetErrorMode
GetTickCount
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
Sleep
CreateThread
TerminateThread
CloseHandle
GetVersionExA
GetCurrentProcessId

user32

DestroyMenu
MapWindowPoints
GetSysColor
SetActiveWindow
IsWindow
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetClientRect
BeginDeferWindowPos
CopyRect
EndDeferWindowPos
ScrollWindow
GetScrollInfo
SetScrollInfo
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
IsChild
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetSubMenu
GetMenuItemID
TrackPopupMenu
SetWindowPlacement
DestroyWindow
CreateWindowExA
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
GetSysColorBrush
SetForegroundWindow
RegisterWindowMessageA
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
SetFocus
ShowWindow
SetWindowPos
MoveWindow
SetWindowLongA
GetWindowTextLengthA
IsDialogMessageA
ScrollWindowEx
IsDlgButtonChecked
SetDlgItemTextA
SetDlgItemInt
SendDlgItemMessageA
GetDlgItemTextA
GetDlgItemInt
GetDlgItem
CheckRadioButton
CheckDlgButton
GrayStringA
DrawTextA
CharToOemA
OemToCharA
PostQuitMessage
GetWindowDC
PostMessageA
SendMessageA
TabbedTextOutA
EndPaint
BeginPaint
ReleaseDC
GetDC
ScreenToClient
GetMenuStringA
DeleteMenu
InsertMenuA
GetMenuItemCount
GetDesktopWindow
LoadCursorA
LoadIconA
GetForegroundWindow
UpdateWindow
GetWindowTextA
SetWindowTextA
ShowOwnedPopups
SetCursor
EnableWindow
MessageBoxA
ClientToScreen
GetWindow
GetDlgCtrlID
GetWindowRect
PtInRect
GetClassNameA
LoadStringA
UnregisterClassA
UnhookWindowsHookEx
GetSystemMetrics
CharUpperA
wsprintfA
MsgWaitForMultipleObjects
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageA
GetCursorPos
SetWindowsHookExA
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongA

gdi32

RectVisible
TextOutA
ExtTextOutA
ExcludeClipRect
GetDCOrgEx
GetObjectA
SelectClipRgn
PtVisible
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
CreatePatternBrush
SetViewportOrgEx
SetMapMode
GetClipBox
CreateDIBPatternBrushPt
CreateHatchBrush
CreateSolidBrush
ExtCreatePen
CreatePen
GetWindowExtEx
GetViewportExtEx
GetDeviceCaps
PlayMetaFile
EnumMetaFile
GetObjectType
PlayMetaFileRecord
ExtSelectClipRgn
SelectClipPath
CreateRectRgn
GetClipRgn
PolyBezierTo
SetColorAdjustment
SetTextColor
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
SetBkColor
SelectPalette
GetStockObject
SelectObject
RestoreDC
SaveDC
StartDocA
DeleteDC
PolylineTo
PolyDraw
SetArcDirection
ArcTo
GetCurrentPositionEx
SetMapperFlags
SetTextCharacterExtra
SetTextAlign
SetTextJustification
LineTo
MoveToEx
OffsetClipRgn
OffsetViewportOrgEx
IntersectClipRect
Escape
CreateBitmap
DeleteObject

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
OpenPrinterA
DocumentPropertiesA

advapi32

OpenProcessToken
RegQueryValueExA
RegCloseKey
RegOpenKeyA
RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
CreateProcessAsUserA

shell32

SHGetFileInfoA
ShellExecuteA
DragAcceptFiles

comctl32

ord17

wsock32

htonl
htons
ioctlsocket

arsdbclient

ord11
ord12
ord9
ord13
ord10
ord7
ord14
ord17
ord8
ord2
ord1
ord18
ord3
ord20
ord19
ord6

arcomm

ord4
ord6
ord3
ord15
ord16
ord1
ord13
ord14
ord22
ord8
ord11
ord5

arsfile

ord5
ord21
ord9
ord16
ord1
ord17
ord13
ord11

arlog

ord2
ord1

arsdb

ord1

arlib

ord30

iphlpapi

SendARP

userenv

CreateEnvironmentBlock
DestroyEnvironmentBlock

Exports

Exports

DllArDataServerInit
DllArDataServerRelease

Sections

.text
Size: 368KB - Virtual size: 367KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 56KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

08ebc7211a7495b77cac06fe328f34ac

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

wsock32

arsdbclient

arcomm

arsfile

arlog

arsdb

arlib

iphlpapi

userenv

Exports

Exports

Sections

.text Size: 368KB - Virtual size: 367KB

.rdata Size: 48KB - Virtual size: 47KB

.data Size: 56KB - Virtual size: 82KB

.rsrc Size: 8KB - Virtual size: 7KB

.reloc Size: 24KB - Virtual size: 23KB

.text
Size: 368KB - Virtual size: 367KB

.rdata
Size: 48KB - Virtual size: 47KB

.data
Size: 56KB - Virtual size: 82KB

.rsrc
Size: 8KB - Virtual size: 7KB

.reloc
Size: 24KB - Virtual size: 23KB