2d94cdc7c7f952eb37d4691355397ae7bac7247bd1eb876f2e88b59ce67741d3

Sharing

Copy URL

Twitter E-mail

General

Target

2d94cdc7c7f952eb37d4691355397ae7bac7247bd1eb876f2e88b59ce67741d3
Size

412KB
MD5

bf804f25d3070c12f44fafe62de67756
SHA1

44234699c4890c9187f5e0012d09a88bc62fc0a2
SHA256

2d94cdc7c7f952eb37d4691355397ae7bac7247bd1eb876f2e88b59ce67741d3
SHA512

d4c3557f48fafdbda5f51c76bd3b2a3a3824c40c0cdc094f9e857f62bb56557669a9e538f5cdf699da6a4e0a25ed4d6f6f2bf11d555b2a2f82d5a6d766025d4f
SSDEEP

6144:F1kzEnNJGTZGfpvPJJuECOhg+/Y2YbTZuc+iVVZXHS8JdqRlMZHQpQFrn1gQAO4W:FjSQY2u8fiVVdSmqv8HPln1gQeTpt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2d94cdc7c7f952eb37d4691355397ae7bac7247bd1eb876f2e88b59ce67741d3

Files

2d94cdc7c7f952eb37d4691355397ae7bac7247bd1eb876f2e88b59ce67741d3
.dll windows:6 windows x86 arch:x86

70651f756480bfe18147b6276c04f445

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ReadFile
SetEndOfFile
WriteFile
GetCurrentProcess
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileAttributesExW
SystemTimeToTzSpecificLocalTime
ResetEvent
WaitForSingleObjectEx
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
SetFilePointerEx
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
IsValidCodePage
FindFirstFileExA
SetStdHandle
ReadConsoleW
GetConsoleMode
GetConsoleCP
GetStdHandle
GetTimeFormatW
GetDateFormatW
GetModuleFileNameA
HeapQueryInformation
GetCommandLineA
GetFileType
GetTimeZoneInformation
GetModuleHandleExW
InterlockedFlushSList
RtlUnwind
GetCPInfo
GetStringTypeW
LCMapStringW
OutputDebugStringW
GetFullPathNameW
FlushFileBuffers
DeleteFileW
FindResourceExW
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
GlobalFlags
SetErrorMode
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
FormatMessageW
MulDiv
GetCurrentProcessId
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
lstrcmpA
GetVersionExW
GetCurrentThread
CreateEventW
SetEvent
VirtualProtect
GlobalFree
GlobalFindAtomW
GlobalAddAtomW
LoadLibraryA
lstrcmpW
GlobalDeleteAtom
LoadLibraryExW
FreeResource
GetSystemDirectoryW
EncodePointer
GetModuleHandleA
GetModuleFileNameW
InitializeCriticalSectionAndSpinCount
SetLastError
OutputDebugStringA
CloseHandle
GetCurrentThreadId
FindNextFileA
FindFirstFileA
GetProcAddress
GetModuleHandleW
GetVolumeInformationW
GetDiskFreeSpaceW
MoveFileExW
CreateFileW
GetCommandLineW
FindResourceW
LoadLibraryW
FormatMessageA
LocalFree
GlobalUnlock
GlobalLock
GlobalAlloc
SizeofResource
LockResource
LoadResource
LoadLibraryExA
GetVersionExA
FindFirstFileW
FindClose
FreeLibrary
ExitProcess
GetACP
WideCharToMultiByte
MultiByteToWideChar
Sleep
DeleteCriticalSection
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
GetLastError
WriteConsoleW
RaiseException
CreateDirectoryW
DecodePointer

user32

IsDialogMessageW
IsWindowEnabled
ShowWindow
GetMonitorInfoW
MonitorFromWindow
WinHelpW
LoadIconW
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
GetWindow
GetLastActivePopup
GetTopWindow
GetClassNameW
GetClassLongW
SetWindowLongW
GetWindowLongW
PtInRect
CopyRect
GetSysColor
MapWindowPoints
ScreenToClient
AdjustWindowRectEx
GetWindowTextW
RemovePropW
GetPropW
SetPropW
GetScrollPos
CreateDialogIndirectParamW
ValidateRect
EndPaint
BeginPaint
SetForegroundWindow
GetForegroundWindow
SetActiveWindow
UpdateWindow
GetMenuItemCount
GetMenuItemID
GetSubMenu
SetMenu
GetMenu
GetCapture
GetKeyState
GetDlgCtrlID
GetDlgItem
IsIconic
IsWindowVisible
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
DestroyWindow
IsChild
IsMenu
SendMessageW
EnableWindow
GetParent
UnregisterClassW
IsWindow
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
DefWindowProcW
PostMessageW
GetMessageTime
GetMessagePos
PeekMessageW
DispatchMessageW
RegisterWindowMessageW
LoadBitmapW
SetMenuItemInfoW
EndDialog
GetNextDlgTabItem
GetActiveWindow
GetDesktopWindow
GetAsyncKeyState
MapDialogRect
GetMessageW
TranslateMessage
PostQuitMessage
RedrawWindow
SetWindowTextA
SetWindowTextW
MessageBoxA
MessageBoxW
PeekMessageA
SetWindowPos
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
GetSystemMetrics
GetDC
ReleaseDC
GetClientRect
GetWindowRect
GetCursorPos
ClientToScreen
SetCursor
LoadCursorA
GetWindowThreadProcessId
SendDlgItemMessageA
SetRectEmpty
OffsetRect
GetFocus
CheckMenuItem
EnableMenuItem
RealChildWindowFromPoint
LoadCursorW
DrawTextW
DrawTextExW
CharUpperW
InvalidateRect
KillTimer
SetTimer
DestroyMenu
TabbedTextOutW
SetFocus
GrayStringW
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
GetSysColorBrush

gdi32

DeleteDC
Escape
GetClipBox
GetStockObject
PtVisible
RectVisible
SetMapMode
TextOutW
ExtTextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
OffsetViewportOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
EnumFontFamiliesExW
DeleteObject
GetDeviceCaps
GetObjectW
SetTextColor
SetBkColor
CreateBitmap
SelectObject
SaveDC
RestoreDC

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

advapi32

RegEnumValueW
RegQueryValueW
RegEnumKeyW
RegDeleteValueW
RegDeleteKeyW
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey

shell32

ShellExecuteW

shlwapi

PathFindFileNameW
PathIsUNCW
PathStripToRootW
PathFindExtensionW

ole32

CoTaskMemFree
CoInitialize
CoCreateInstance
CoUninitialize
CoCreateGuid

oleaut32

SysAllocString
VariantChangeType
VariantClear
VariantInit
SysFreeString

oleacc

LresultFromObject
CreateStdAccessibleObject

Exports

Exports

exportedHeapusageDiagnostic
start

Sections

.text
Size: 264KB - Virtual size: 263KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 90KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.giats
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

70651f756480bfe18147b6276c04f445

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

shlwapi

ole32

oleaut32

oleacc

Exports

Exports

Sections

.text Size: 264KB - Virtual size: 263KB

.rdata Size: 90KB - Virtual size: 89KB

.data Size: 7KB - Virtual size: 105KB

.gfids Size: 4KB - Virtual size: 4KB

.giats Size: 512B - Virtual size: 4B

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 25KB - Virtual size: 24KB

.reloc Size: 19KB - Virtual size: 18KB

.text
Size: 264KB - Virtual size: 263KB

.rdata
Size: 90KB - Virtual size: 89KB

.data
Size: 7KB - Virtual size: 105KB

.gfids
Size: 4KB - Virtual size: 4KB

.giats
Size: 512B - Virtual size: 4B

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 25KB - Virtual size: 24KB

.reloc
Size: 19KB - Virtual size: 18KB