88db9a19c0a782aee6967e6cb690ab7e39abe1da62f1286d94ce969e2ef81b27

Sharing

Copy URL Twitter E-mail

General

Target

88db9a19c0a782aee6967e6cb690ab7e39abe1da62f1286d94ce969e2ef81b27
Size

6.4MB
MD5

e0907910483461ba6aca75db15938feb
SHA1

cd8045fb74fb03f1c301ecd05a142e1e8f004dd7
SHA256

88db9a19c0a782aee6967e6cb690ab7e39abe1da62f1286d94ce969e2ef81b27
SHA512

096ba03f9c1ab76cd2a54e81b2847341c2a367b1aa37192c1579cfe643935a0cb012ab57210176ea7abff2876f583cb37e01e3c65893064376c815c13f6bba2e
SSDEEP

196608:679bIKDnj4Vfyo5OdUyk4MqZR02R46uIEjIdQ:67eaMVfyhxk2FOV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
88db9a19c0a782aee6967e6cb690ab7e39abe1da62f1286d94ce969e2ef81b27

Files

88db9a19c0a782aee6967e6cb690ab7e39abe1da62f1286d94ce969e2ef81b27
.dll windows:6 windows x86 arch:x86

3a4d2db34c3071c6c05a225eac2911f6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

UnmapViewOfFile
SetErrorMode
WaitNamedPipeA
GetCurrentProcess
CompareFileTime
SignalObjectAndWait
GetLogicalDrives
GetTickCount
GetSystemDirectoryW
ReadProcessMemory
lstrcpynW
TerminateProcess
GetTimeZoneInformation
GetOverlappedResult
MultiByteToWideChar
GetPrivateProfileIntW
IsDBCSLeadByteEx
EnterCriticalSection
CreateFileMappingA
GetExitCodeThread
CreatePipe
VirtualProtect
DeleteFileW
lstrcpyW
SwitchToThread
CreateFileW
TlsGetValue
WriteConsoleW
SetStdHandle
OutputDebugStringW
LoadLibraryExW
SetFilePointerEx
ReadFile
GetConsoleMode
GetConsoleCP
FlushFileBuffers
CloseHandle
GetModuleFileNameW
WriteFile
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetModuleFileNameA
GetFileType
GetStdHandle
GetOEMCP
GetACP
IsValidCodePage
IsDebuggerPresent
GetProcessHeap
HeapSize
GetEnvironmentVariableW
GetCommandLineW
OpenFileMappingA
GetCurrentProcessId
WinExec
DeleteCriticalSection
GetSystemInfo
QueryDosDeviceW
RemoveDirectoryW
GetLocalTime
FindClose
LoadResource
GetCPInfoExW
WritePrivateProfileStringW
GetStartupInfoW
GetFileAttributesW
GetFileAttributesA
GetVersionExW
Sleep
OpenProcess
TlsSetValue
ExpandEnvironmentStringsA
VirtualFree
EnumCalendarInfoW
ReadConsoleW
GetModuleHandleExW
ExitProcess
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
WideCharToMultiByte
LeaveCriticalSection
EncodePointer
DecodePointer
GetStringTypeW
GetLastError
HeapReAlloc
GetSystemTimeAsFileTime
RaiseException
RtlUnwind
HeapFree
GetCommandLineA
GetCurrentThreadId
GetCPInfo
HeapAlloc
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsFree
GetModuleHandleW
GetProcAddress
IsProcessorFeaturePresent

user32

GetDlgCtrlID
IsIconic
PostMessageW
CharLowerBuffW
DrawTextExW
ModifyMenuW
CreateIconIndirect
DrawFocusRect
InflateRect
DrawStateW
IsRectEmpty
DestroyMenu
CharUpperW
SetWindowTextW
ToUnicode
CopyRect
CharNextW
AttachThreadInput
GetWindowInfo
GetDC
GetWindowLongW
GetDesktopWindow
EnableScrollBar
GetMenuItemCount
InsertMenuW
MessageBoxW
SetDlgItemTextW
ValidateRgn

gdi32

ExtFloodFill
GetMetaFileBitsEx
CreateHatchBrush
CreateBitmapIndirect
GetObjectW
SetStretchBltMode
Polygon
CreateFontIndirectW
GetRegionData
PtInRegion
CreatePatternBrush
CreateEnhMetaFileW
SetWindowExtEx

comdlg32

GetOpenFileNameW

advapi32

RegSetValueExW
ControlService
RegOpenKeyExA
SetSecurityDescriptorDacl
StartServiceW
RegGetKeySecurity
RegQueryValueExW
CloseServiceHandle

shell32

ExtractIconExW
Shell_NotifyIconW
ShellExecuteW

ole32

CoInitialize

oleaut32

SafeArrayGetUBound
SafeArrayCreate
VariantClear

Sections

.text
Size: 483KB - Virtual size: 483KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5.9MB - Virtual size: 5.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3a4d2db34c3071c6c05a225eac2911f6

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 483KB - Virtual size: 483KB

.data Size: 5.9MB - Virtual size: 5.9MB

.idata Size: 4KB - Virtual size: 4KB

.reloc Size: 11KB - Virtual size: 11KB

.text
Size: 483KB - Virtual size: 483KB

.data
Size: 5.9MB - Virtual size: 5.9MB

.idata
Size: 4KB - Virtual size: 4KB

.reloc
Size: 11KB - Virtual size: 11KB