0f0a9c7626f90565c78d3b8be038f1e0c9a5d028ea1007c555042a9d25a004f7

Sharing

Copy URL

Twitter E-mail

General

Target

0f0a9c7626f90565c78d3b8be038f1e0c9a5d028ea1007c555042a9d25a004f7
Size

92KB
MD5

dac78e40ed7bf176cac97a0df64a0e07
SHA1

f74ad1e6a8c9fe518c8b1ff318995babd6bb7b72
SHA256

0f0a9c7626f90565c78d3b8be038f1e0c9a5d028ea1007c555042a9d25a004f7
SHA512

8fe54e429117bce43d249f04f195ceefd4b04d7a49fb6091bf1a900ae9177459163586ffe42db23617e196b739943b292e7f717b54c4ac178872e35f97b3f5d4
SSDEEP

1536:mWMB+jKsbRcJwMC7uACtMH+CWoa7GN36IsW8KcdG6+E9obWAyNZTSO:mWHK9mMCsMHkGZMLG0MWzfTSO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0f0a9c7626f90565c78d3b8be038f1e0c9a5d028ea1007c555042a9d25a004f7

Files

0f0a9c7626f90565c78d3b8be038f1e0c9a5d028ea1007c555042a9d25a004f7
.dll windows:6 windows x86 arch:x86

2da78248d7052363caef120d4369c3ee

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

LuaMacro.pdb

Imports

kernel32

TryEnterCriticalSection
GetModuleFileNameW
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
CompareStringW
SetLastError
EnterCriticalSection
GetCurrentThread
LoadLibraryW
GetProcAddress
LCMapStringW
GetModuleHandleW
GetThreadTimes
VirtualQuery
CloseHandle
CreateFileW
SetFilePointerEx
GetConsoleMode
GetConsoleOutputCP
WriteFile
FlushFileBuffers
SetStdHandle
HeapReAlloc
HeapSize
GetStringTypeW
GetFileType
GetStdHandle
GetProcessHeap
FreeEnvironmentStringsW
GetEnvironmentStringsW
WideCharToMultiByte
MultiByteToWideChar
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
HeapAlloc
HeapFree
ExitProcess
SetConsoleCtrlHandler
RaiseException
LoadLibraryExW
FreeLibrary
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
WriteConsoleW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
RtlUnwind
GetLastError
InitializeCriticalSectionAndSpinCount

lua51

lua_setfield
luaL_error
luaL_newstate
luaL_ref
lua_newuserdata
lua_pushboolean
lua_sethook
lua_close
lua_getfield
lua_toboolean
lua_settop
lua_pushcclosure

luafar3

LF_GetPluginInfo
LF_ProcessEditorEvent
LF_GetContentData
LF_ProcessViewerEvent
LF_GetContentFields
LF_ProcessHostFile
LF_FreeFindData
LF_GetOpenPanelInfo
LF_ExitFAR
LF_SetDirectory
LF_Open
LF_ProcessConsoleInput
LF_FreeContentData
LF_Configure
LF_InitLuaState2
LF_PutFiles
LF_ProcessPanelInput
LF_DeleteFiles
LF_ClosePanel
LF_ProcessSynchroEvent
LF_MakeDirectory
LF_ProcessEditorInput
LF_ProcessPanelEvent
LF_GetFiles
LF_DlgProc
LF_ProcessDialogEvent
LF_GetFindData
LF_GetGlobalInfo
LF_RunLuafarInit
LF_Compare
LF_Analyse
LF_InitLuaState1
LF_RunDefaultScript
LF_CloseAnalyse
LF_SetFindList

Exports

Exports

AnalyseW
CloseAnalyseW
ClosePanelW
CompareW
ConfigureW
DeleteFilesW
ExitFARW
FreeContentDataW
FreeFindDataW
GetContentDataW
GetContentFieldsW
GetFilesW
GetFindDataW
GetGlobalInfoW
GetLuaState
GetMinFarVersionW
GetOpenPanelInfoW
GetPluginInfoW
MakeDirectoryW
OpenW
ProcessConsoleInputW
ProcessDialogEventW
ProcessEditorEventW
ProcessEditorInputW
ProcessHostFileW
ProcessPanelEventW
ProcessPanelInputW
ProcessSynchroEventW
ProcessViewerEventW
PutFilesW
SetDirectoryW
SetFindListW
SetStartupInfoW
luaopen_luaplug

Sections

.text
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 920B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2da78248d7052363caef120d4369c3ee

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

lua51

luafar3

Exports

Exports

Sections

.text Size: 56KB - Virtual size: 55KB

.rdata Size: 26KB - Virtual size: 26KB

.data Size: 2KB - Virtual size: 5KB

.rsrc Size: 1024B - Virtual size: 920B

.reloc Size: 5KB - Virtual size: 4KB

.text
Size: 56KB - Virtual size: 55KB

.rdata
Size: 26KB - Virtual size: 26KB

.data
Size: 2KB - Virtual size: 5KB

.rsrc
Size: 1024B - Virtual size: 920B

.reloc
Size: 5KB - Virtual size: 4KB