4e06d44e9edd533ae5fee9644ba2f2870c774cb3f1c751f605cfd57975125a18

Sharing

Copy URL Twitter E-mail

General

Target

4e06d44e9edd533ae5fee9644ba2f2870c774cb3f1c751f605cfd57975125a18
Size

6.5MB
MD5

261b13471a2d348c44b47206c16b3246
SHA1

beafd76f8851d7efd0cad486f3623c61a50e2a7a
SHA256

4e06d44e9edd533ae5fee9644ba2f2870c774cb3f1c751f605cfd57975125a18
SHA512

9a5b9a6e9cfd54c190b5e88a1bf3f1949e2315ff10fd30e53541392c82c55fafd53144e6041716e7a7b67cfc49f69e6ef1a59e4ac114df65ead03d54b86ab44a
SSDEEP

196608:FWMn+jYLKnikOAZtV8Oe1CZPVbrOXrcpaJC:b+jKdaV8tibaj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4e06d44e9edd533ae5fee9644ba2f2870c774cb3f1c751f605cfd57975125a18

Files

4e06d44e9edd533ae5fee9644ba2f2870c774cb3f1c751f605cfd57975125a18
.dll windows:6 windows x86 arch:x86

905ea3fdc0e8b81c5053bbe85a23a1e3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ReadFile
GetConsoleMode
GetConsoleCP
FlushFileBuffers
CloseHandle
GetModuleFileNameW
WriteFile
FreeEnvironmentStringsW
GetCurrentProcessId
QueryPerformanceCounter
GetModuleFileNameA
GetStdHandle
GetACP
SetFilePointerEx
IsDebuggerPresent
GetProcessHeap
HeapSize
GetModuleHandleExW
ExitProcess
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
OutputDebugStringW
SetStdHandle
WriteConsoleW
ReadConsoleW
CreateFileW
EnumSystemLocalesW
GetStringTypeW
GetOEMCP
CreatePipe
ResetEvent
FindClose
CreateNamedPipeA
Beep
IsProcessorFeaturePresent
GetProcessTimes
GetTickCount
TlsGetValue
WaitForSingleObjectEx
WaitForSingleObject
SetHandleInformation
LoadLibraryExW
GetLocaleInfoA
CreateFileA
GetFileType
RaiseException
CreateProcessA
LeaveCriticalSection
GetCommandLineA
ExpandEnvironmentStringsA
GetEnvironmentStringsW
UnmapViewOfFile
IsValidCodePage
WideCharToMultiByte
EnterCriticalSection
DeleteCriticalSection
EncodePointer
DecodePointer
MultiByteToWideChar
GetLastError
HeapReAlloc
GetSystemTimeAsFileTime
HeapFree
RtlUnwind
GetCurrentThreadId
GetCPInfo
HeapAlloc
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsSetValue
TlsFree
GetStartupInfoW
GetModuleHandleW
GetProcAddress

user32

GetClientRect
GetQueueStatus
CheckMenuRadioItem
SetWindowLongA
GetSysColor
EnableScrollBar
IsWindow
PostMessageA
SystemParametersInfoA
SetCaretPos
SetWindowTextA
LoadCursorA
EndPaint
DestroyAcceleratorTable
GetWindowRect
IsIconic
DrawIconEx
LoadStringA
GetParent
CreateMenu
GetDoubleClickTime
GetDC
GetCapture
DrawFocusRect
OffsetRect
UnionRect
DefWindowProcA
GetDesktopWindow
IsDlgButtonChecked
CreateCaret
FlashWindow
DestroyIcon
ValidateRect
CheckMenuItem

gdi32

MoveToEx
GetTextExtentPoint32A
GetMetaFileBitsEx
DeleteDC
GetDIBits
GetRgnBox
GetEnhMetaFileHeader
CreateBitmap
SetMapMode
OffsetRgn
RealizePalette
SetPolyFillMode
StretchDIBits
GetTextExtentPointW
CreateBitmapIndirect
GetTextExtentExPointA
GetTextExtentPointA
Polyline
GetClipBox
SetROP2
EndDoc
Arc
SetWindowExtEx
CreateHatchBrush
CreateHalftonePalette
GetCharABCWidthsFloatA
SetViewportExtEx
GetPixel
CreateSolidBrush
Rectangle

advapi32

InitializeSecurityDescriptor
EqualSid
GetUserNameA
RegQueryValueExW

Sections

.text
Size: 528KB - Virtual size: 528KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5.9MB - Virtual size: 5.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

905ea3fdc0e8b81c5053bbe85a23a1e3

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.text Size: 528KB - Virtual size: 528KB

.data Size: 5.9MB - Virtual size: 5.9MB

.idata Size: 4KB - Virtual size: 3KB

.reloc Size: 12KB - Virtual size: 12KB

.text
Size: 528KB - Virtual size: 528KB

.data
Size: 5.9MB - Virtual size: 5.9MB

.idata
Size: 4KB - Virtual size: 3KB

.reloc
Size: 12KB - Virtual size: 12KB