35ae46517791c7d80cd59c44123ef6c779ceca2b8196392e8c389ff297f1c87d

Sharing

Copy URL Twitter E-mail

General

Target

35ae46517791c7d80cd59c44123ef6c779ceca2b8196392e8c389ff297f1c87d
Size

581KB
MD5

364b85c789ad68318f5430cfe86c0dbd
SHA1

79b02f7057283e4dbe96c673dc0b47f8a8b74ad5
SHA256

35ae46517791c7d80cd59c44123ef6c779ceca2b8196392e8c389ff297f1c87d
SHA512

6397729580c7f47a0abbadc6a70032ff8e887fdada992c60363f471d1918879fc95be90e742064874ebcef6b611e6637af39f1dd3fca456510046388d8df871b
SSDEEP

12288:Jn1aVPR4WSA2+UiripdlF8fe6S9GPA4NTpBjvrEH7lBh:Jn1aMFAJJydtrKA4NT3rEH7t

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
35ae46517791c7d80cd59c44123ef6c779ceca2b8196392e8c389ff297f1c87d

Files

35ae46517791c7d80cd59c44123ef6c779ceca2b8196392e8c389ff297f1c87d
.dll windows:6 windows x86 arch:x86

208cd1b793c1b043b4a22d8f776f310c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

HeapReAlloc
SetFilePointerEx
ReadFile
GetConsoleMode
GetConsoleCP
GetModuleFileNameW
WriteFile
GetOEMCP
IsValidCodePage
FreeEnvironmentStringsW
GetSystemTimeAsFileTime
GetStdHandle
GetProcessHeap
HeapSize
ExitProcess
IsDebuggerPresent
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
GetProcAddress
GetModuleHandleW
GetStartupInfoW
TlsSetValue
GetCurrentProcess
InitializeCriticalSectionAndSpinCount
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsProcessorFeaturePresent
HeapAlloc
RtlUnwind
RaiseException
GetCurrentThreadId
HeapFree
LoadLibraryExW
OutputDebugStringW
SetStdHandle
WriteConsoleW
ReadConsoleW
CreateFileW
CreatePipe
GetCurrentProcessId
GetModuleHandleA
SetLastError
GetSystemDirectoryA
ExpandEnvironmentStringsA
GetCPInfo
GetOverlappedResult
GetTickCount
EnumSystemLocalesW
CloseHandle
Sleep
FlushFileBuffers
GetFileType
SetCommState
SetCommBreak
GetEnvironmentStringsW
TlsFree
TlsAlloc
GetStringTypeW
LoadLibraryA
MultiByteToWideChar
GetACP
GetWindowsDirectoryA
GetCommandLineW
GetModuleFileNameA
ResetEvent
CreateNamedPipeA
GlobalUnlock
TerminateProcess
CreateProcessA
WideCharToMultiByte
GetCommandLineA
GetCurrentThread
SetHandleInformation
GetModuleHandleExW
QueryPerformanceCounter
SetEnvironmentVariableW
GetLocaleInfoA
TlsGetValue
GlobalMemoryStatus
GetDateFormatW
LCMapStringW
GetLastError
DeleteCriticalSection
EncodePointer
DecodePointer
EnterCriticalSection
LeaveCriticalSection

user32

RegisterClassW
BeginDeferWindowPos
SetDlgItemTextA
SendDlgItemMessageA
IsIconic
BeginPaint
DefWindowProcA
CheckRadioButton
GetSystemMetrics
SetWindowTextA
SetWindowsHookExA
GetSystemMenu
GetWindowTextA
CheckMenuRadioItem
DestroyCaret
IsWindow
ShowOwnedPopups
DrawIconEx
RemovePropA
SetWindowLongA
DestroyCursor
GetSysColor
SetMenu
PostMessageA
EndMenu
EndPaint
SetCursor
HideCaret
TrackPopupMenu
MessageBeep
CreateIconIndirect
GetDC
DrawFocusRect
OffsetRect
MessageBoxA
DrawStateW
GetDesktopWindow
IsDlgButtonChecked
DrawMenuBar
RemoveMenu
MessageBoxW
ReleaseCapture
EnableWindow
GetCaretBlinkTime
CheckMenuItem
RegisterClassA

gdi32

CreateFontA
SetBkColor
GetMetaFileBitsEx
GetDIBits
GdiFlush
CreateRectRgnIndirect
CreateBrushIndirect
OffsetRgn
CreateBitmapIndirect
Polyline
GetPixel
MoveToEx
GetWindowOrgEx
SetDIBColorTable
CombineRgn
GetCharABCWidthsFloatA
UpdateColors
CreatePolygonRgn
TranslateCharsetInfo
ExtFloodFill
CreatePalette
GetPaletteEntries
CreatePenIndirect
PlayEnhMetaFile
CreateCompatibleBitmap
SaveDC
RealizePalette
GetObjectW
EndPage
SetWindowExtEx
MaskBlt
GetRegionData
RectInRegion
Ellipse
StretchDIBits
GetBkColor
SetPaletteEntries
GetDIBColorTable
GetTextExtentPointA
GetClipBox
RectVisible
CreateDIBitmap
GetStockObject
GetObjectType

advapi32

InitializeSecurityDescriptor
GetLengthSid
SetSecurityDescriptorOwner
GetUserNameA
RegOpenKeyExW
RegDeleteKeyA
EqualSid

ole32

CoTaskMemFree

Sections

.text
Size: 385KB - Virtual size: 384KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 83KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 457KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

208cd1b793c1b043b4a22d8f776f310c

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

Sections

.text Size: 385KB - Virtual size: 384KB

.rdata Size: 83KB - Virtual size: 82KB

.data Size: 21KB - Virtual size: 457KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 15KB - Virtual size: 14KB

.text
Size: 385KB - Virtual size: 384KB

.rdata
Size: 83KB - Virtual size: 82KB

.data
Size: 21KB - Virtual size: 457KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 15KB - Virtual size: 14KB