0dc6e33ad38b2017c0186d07a54267bc45ddab3bf419a3ccea4f0ad8fbc52294

Sharing

Copy URL Twitter E-mail

General

Target

0dc6e33ad38b2017c0186d07a54267bc45ddab3bf419a3ccea4f0ad8fbc52294
Size

526KB
MD5

e53f7bd971832b3a4793f4fc83e11fe4
SHA1

cc9b18152a2c7051e6b054fb531be6df18265dff
SHA256

0dc6e33ad38b2017c0186d07a54267bc45ddab3bf419a3ccea4f0ad8fbc52294
SHA512

7520965b55993e8b4120ba53d433f4179f899f82bf9a0a172b7dd005847fa2b35170733170471744600b94f0b749ecd4a227d62ebf2df660c5cca780c2151a46
SSDEEP

12288:ABcsWJa7WaQHpvDESPnt/WdOfVP/y/Bq:YcstqHOSPnt/WYfVP/y/B

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0dc6e33ad38b2017c0186d07a54267bc45ddab3bf419a3ccea4f0ad8fbc52294

Files

0dc6e33ad38b2017c0186d07a54267bc45ddab3bf419a3ccea4f0ad8fbc52294
.dll windows:6 windows x86 arch:x86

141ebeb228974f753213e34d076afc33

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

HeapReAlloc
SetFilePointerEx
ReadFile
GetConsoleMode
GetConsoleCP
FlushFileBuffers
WriteFile
GetACP
IsValidCodePage
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
GetCurrentProcessId
GetModuleFileNameA
CloseHandle
HeapSize
AreFileApisANSI
GetModuleHandleExW
ExitProcess
GetProcessHeap
IsDebuggerPresent
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
GetProcAddress
GetModuleHandleW
GetStartupInfoW
TlsFree
TlsSetValue
TlsAlloc
GetCurrentProcess
Sleep
InitializeCriticalSectionAndSpinCount
SetLastError
SetUnhandledExceptionFilter
UnhandledExceptionFilter
LoadLibraryExW
SetStdHandle
OutputDebugStringW
WriteConsoleW
ReadConsoleW
MulDiv
GetTickCount
IsDBCSLeadByteEx
GetSystemDefaultLangID
GetStringTypeW
GetOEMCP
LoadLibraryA
CompareStringW
CreateFileW
GetProcessTimes
CreateFileA
CreateEventW
InitializeSListHead
TerminateProcess
QueryPerformanceCounter
CreateFileMappingA
ExpandEnvironmentStringsA
GetCurrentThread
EnumSystemLocalesW
FindNextFileA
CreatePipe
GetFileType
GetLocalTime
GetModuleFileNameW
CreateProcessA
IsProcessorFeaturePresent
GetFileAttributesA
SetCommBreak
SetEnvironmentVariableW
SetEndOfFile
MapViewOfFile
TlsGetValue
GetStdHandle
WideCharToMultiByte
EncodePointer
DecodePointer
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
MultiByteToWideChar
GetLastError
HeapFree
GetCommandLineA
GetCurrentThreadId
GetCPInfo
RaiseException
RtlUnwind
HeapAlloc

user32

SetClassLongA
SetWindowTextA
SetCursor
MapDialogRect
LoadStringA
ShowCaret
ShowCursor
RegisterClassW
DestroyIcon
KillTimer
SetTimer
RegisterClassA
ToAsciiEx
DefWindowProcA
CreateCaret
ShowOwnedPopups
GetMessageA
SetWindowRgn
PostQuitMessage
SetKeyboardState
DrawEdge
SetScrollRange
SetWindowsHookExA
CreatePopupMenu
SetCaretPos
SendDlgItemMessageA
IsIconic
MsgWaitForMultipleObjects
MessageBeep
BeginPaint
GetDoubleClickTime
GetDC
GetKeyboardState
InflateRect
CreateDialogIndirectParamA
MessageBoxA
SystemParametersInfoW
ReleaseDC
EndDialog
RedrawWindow
DestroyCursor
GetDesktopWindow
SetMenu
DrawMenuBar
FlashWindow
CheckRadioButton
GetWindowThreadProcessId

gdi32

LineTo
ExcludeClipRect
GdiFlush
CreateHalftonePalette
CreateCompatibleBitmap
RealizePalette
GetPixel
UpdateColors
SetWindowOrgEx
SetBkColor
CopyEnhMetaFileA
GetCharWidth32A
SetROP2
RestoreDC
SetWindowExtEx
CreateBitmap
ExtCreatePen
Arc
Polygon
CreateFontA
CreatePenIndirect
GetTextExtentPointA
GetCharABCWidthsFloatA
PatBlt
SetTextColor
GetCharacterPlacementW
CombineRgn
Ellipse
OffsetRgn
StretchDIBits
GetCurrentPositionEx
GetNearestPaletteIndex
CreatePatternBrush
GetCharABCWidthsW

advapi32

RegCloseKey
AllocateAndInitializeSid
LookupPrivilegeValueW
OpenProcessToken

Sections

.text
Size: 401KB - Virtual size: 401KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 87KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 17.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

141ebeb228974f753213e34d076afc33

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.text Size: 401KB - Virtual size: 401KB

.rdata Size: 87KB - Virtual size: 87KB

.data Size: 20KB - Virtual size: 17.4MB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 16KB - Virtual size: 15KB

.text
Size: 401KB - Virtual size: 401KB

.rdata
Size: 87KB - Virtual size: 87KB

.data
Size: 20KB - Virtual size: 17.4MB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 16KB - Virtual size: 15KB