110237f544929a15e9ff775c8a18b2f6019abb5b9fe26adbc06110a766dbcf6d

Sharing

Copy URL Twitter E-mail

General

Target

110237f544929a15e9ff775c8a18b2f6019abb5b9fe26adbc06110a766dbcf6d
Size

1.2MB
MD5

28728e6e0fb2db8e2395fc764800d8f8
SHA1

ec5c56d076983102a7de4562cb7e5896f2c330b0
SHA256

110237f544929a15e9ff775c8a18b2f6019abb5b9fe26adbc06110a766dbcf6d
SHA512

e2f72068dd5ab63a2ed354cbc2b29e8d9ded711b07b493c61bd75508d0b26e2a38c6ea36629125b2db1ca1c3b2b90dd930e03d8a56e05a7669e90c0ea391518e
SSDEEP

24576:UCTY6JjSPecZrJzxlMf6t1Y8kVaOjxWzMBjkycTn:Ux6JjO1frOtFwMBjkXT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
110237f544929a15e9ff775c8a18b2f6019abb5b9fe26adbc06110a766dbcf6d

Files

110237f544929a15e9ff775c8a18b2f6019abb5b9fe26adbc06110a766dbcf6d
.dll windows:4 windows x86 arch:x86

d539163e971952b2b93ccc87f627f57e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

wininet

HttpSendRequestA
HttpOpenRequestA
InternetConnectA
InternetOpenA
InternetGetConnectedState
InternetCloseHandle

kernel32

InterlockedDecrement
SetUnhandledExceptionFilter
GetModuleHandleA
GetProcAddress
LoadLibraryA
MapViewOfFile
CreateFileMappingA
UnmapViewOfFile
InterlockedExchange
VirtualQuery
GetEnvironmentVariableW
WideCharToMultiByte
InterlockedIncrement
GetComputerNameA
FreeLibrary
GetVolumeInformationA
GetDiskFreeSpaceA
DeviceIoControl
GlobalMemoryStatus
GetSystemInfo
GetVersionExA
GetExitCodeThread
DuplicateHandle
GetCurrentThread
GetCurrentProcess
ResumeThread
GetFileSize
SetLastError
IsBadCodePtr
IsBadWritePtr
VirtualProtect
SearchPathA
LoadLibraryW
LoadLibraryExA
LoadLibraryExW
GetEnvironmentStrings
GetEnvironmentStringsW
TerminateProcess
SetErrorMode
SuspendThread
ExitThread
TerminateThread
CreateRemoteThread
GetShortPathNameA
GetFullPathNameA
CreateFileW
GetModuleFileNameW
GetShortPathNameW
GetFullPathNameW
SetFilePointer
GetFileType
CreateFileMappingW
FlushViewOfFile
MapViewOfFileEx
VirtualAlloc
VirtualFree
OpenFileMappingA
OpenFileMappingW
OpenFile
_lcreat
_lopen
_hread
_hwrite
_lread
_lwrite
_llseek
_lclose
FindFirstFileA
FindFirstFileW
FindResourceA
FindResourceW
FindResourceExA
FindResourceExW
FormatMessageA
FormatMessageW
CreateEventA
SetEvent
CreateMailslotA
CreateDirectoryA
SetFileTime
GetSystemTimeAsFileTime
SetEndOfFile
OutputDebugStringA
WriteProcessMemory
ExitProcess
UnhandledExceptionFilter
GetACP
GetCommandLineA
GetVersion
GetProcessHeap
SetProcessWorkingSetSize
GlobalUnlock
GlobalLock
CreateThread
LockResource
GetLocalTime
FileTimeToSystemTime
GetSystemTime
IsBadReadPtr
MultiByteToWideChar
GetTempPathW
GetTempFileNameA
GetTempFileNameW
GetWindowsDirectoryA
CreateProcessA
GetStartupInfoA
SetThreadPriority
SetPriorityClass
GetPrivateProfileIntA
WriteProfileStringA
GetProfileStringA
GetLocaleInfoA
FindClose
FindNextFileA
CompareFileTime
SetFileAttributesA
GetFileAttributesA
GetSystemDirectoryA
ResetEvent
GetMailslotInfo
FreeEnvironmentStringsA
SetHandleCount
HeapReAlloc
HeapCreate
HeapDestroy
HeapSize
GetStdHandle
IsValidCodePage
GetOEMCP
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetCPInfo
HeapAlloc
RaiseException
GetUserDefaultLCID
IsDebuggerPresent
RtlUnwind
LocalFree
InterlockedCompareExchange
HeapFree
lstrlenA
InitializeCriticalSection
Sleep
GetPrivateProfileStringA
GetCurrentThreadId
EnumSystemLocalesA
IsValidLocale
GetConsoleCP
GetConsoleMode
GetLocaleInfoW
SetStdHandle
FlushFileBuffers
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
OpenMutexA
GetModuleFileNameA
WritePrivateProfileStringA
EnterCriticalSection
LeaveCriticalSection
WriteFile
GetTempPathA
GetEnvironmentVariableA
CreateFileA
ReadFile
DeleteFileA
GetTickCount
SetEnvironmentVariableA
SetEnvironmentVariableW
CreateMutexA
WaitForSingleObject
GetLastError
ReleaseMutex
CloseHandle
GetCurrentProcessId
IsBadStringPtrA
CompareStringA
CompareStringW
DeleteCriticalSection
FreeEnvironmentStringsW
QueryPerformanceCounter
GlobalAlloc

user32

ScreenToClient
SystemParametersInfoA
SetRect
GetClientRect
MapWindowPoints
GetWindowRect
GetDlgItemTextA
DestroyIcon
IsClipboardFormatAvailable
OpenClipboard
GetClipboardData
CloseClipboard
CallWindowProcA
GetWindowLongA
InvalidateRect
GetDlgCtrlID
SetWindowLongA
DefWindowProcA
DefDlgProcA
DrawTextA
CreateWindowExA
RegisterClassA
SetWindowTextA
GetNextDlgTabItem
GetSystemMetrics
CopyRect
SetRectEmpty
GetIconInfo
MessageBeep
GetForegroundWindow
EndDialog
MessageBoxA
GetWindowTextW
ExitWindowsEx
SetForegroundWindow
GetDlgItem
DrawIconEx
GetParent
IsWindowEnabled
GetWindowTextA
GetAsyncKeyState
FindWindowA
EnumWindows
GetClassNameA
SendMessageA
EnumThreadWindows
KillTimer
DialogBoxParamW
DialogBoxParamA
DialogBoxIndirectParamA
CreateDialogParamW
CreateDialogParamA
CreateDialogIndirectParamA
LoadImageW
LoadImageA
LoadStringW
LoadStringA
LoadMenuW
LoadMenuA
LoadIconW
LoadIconA
LoadCursorW
LoadBitmapW
LoadBitmapA
LoadAcceleratorsW
LoadAcceleratorsA
MoveWindow
SetTimer
GetWindow
SetPropA
ShowWindow
EnableWindow
SetWindowPos
UpdateWindow
IsWindow
GetPropA
PeekMessageA
IsDialogMessageA
TranslateMessage
DispatchMessageA
DestroyWindow
LookupIconIdFromDirectory
CreateIconFromResourceEx
WaitForInputIdle
RegisterWindowMessageA
PostMessageA
IsWindowVisible
SetFocus
LoadCursorA

gdi32

GetStockObject
DeleteObject
GetTextMetricsA
SelectObject
CreateCompatibleDC
CreateFontIndirectA
GetObjectA
DeleteDC

comdlg32

GetSaveFileNameA

advapi32

RegEnumKeyA
RegQueryValueA
RegOpenKeyExW
RegQueryValueExW
GetUserNameA
RegCreateKeyA
RegCreateKeyW
RegEnumValueA
RegOpenKeyExA
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegCloseKey
RegQueryValueExA
RegSetKeySecurity
RegCreateKeyExA
RegFlushKey
RegDeleteValueA
RegDeleteKeyA
RegSetValueExA
RegCreateKeyExW

shell32

ShellExecuteExA

ole32

CoUninitialize
CoSetProxyBlanket
CoCreateInstance
CoInitializeSecurity
CoInitializeEx
StringFromGUID2
CoCreateGuid
OleUninitialize
OleInitialize

oleaut32

SysStringLen
VariantInit
SysAllocStringByteLen
SysFreeString
SysAllocString
VariantClear

comctl32

ord5
ord17
ord6

Exports

Exports

SetFunctionAddresses

Sections

.text
Size: 988KB - Virtual size: 985KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 124KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 2B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d539163e971952b2b93ccc87f627f57e

Headers

File Characteristics

Imports

wininet

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

Exports

Exports

Sections

.text Size: 988KB - Virtual size: 985KB

.rdata Size: 124KB - Virtual size: 121KB

.data Size: 20KB - Virtual size: 92KB

.tls Size: 4KB - Virtual size: 2B

.rsrc Size: 12KB - Virtual size: 9KB

.reloc Size: 60KB - Virtual size: 59KB

.text
Size: 988KB - Virtual size: 985KB

.rdata
Size: 124KB - Virtual size: 121KB

.data
Size: 20KB - Virtual size: 92KB

.tls
Size: 4KB - Virtual size: 2B

.rsrc
Size: 12KB - Virtual size: 9KB

.reloc
Size: 60KB - Virtual size: 59KB