755a964573ff7ef4800a57090bed96309c01245cf9f1f9248b5b130aa50b93fe

Sharing

Copy URL Twitter E-mail

General

Target

755a964573ff7ef4800a57090bed96309c01245cf9f1f9248b5b130aa50b93fe
Size

708KB
MD5

22135b488588e53be168e263f6ab83dc
SHA1

0f40de8cfa6929725cda7793242511d2bf8e6223
SHA256

755a964573ff7ef4800a57090bed96309c01245cf9f1f9248b5b130aa50b93fe
SHA512

8067871783cb5495968f89f4c0b9e50ec4c68a31d77e8f06c797a179a1eb97ec2908460b18f1d420b7fb0bd4a1b7cfe1cdafbc4e3de2e00aa5678382af2671da
SSDEEP

12288:OtINDy4YR5UMa04YJQ7xR4wdXohD0sVuQlkYEp9d6oIQNZamSlu3I:YIND32w7YJQ7AwdXohD0sVdl5Epj6hIW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
755a964573ff7ef4800a57090bed96309c01245cf9f1f9248b5b130aa50b93fe

Files

755a964573ff7ef4800a57090bed96309c01245cf9f1f9248b5b130aa50b93fe
.dll windows:6 windows x86 arch:x86

8a180923411b17eb179a4b4ce87f5e48

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

CharUpperBuffW

advapi32

RegQueryValueExW
RegCloseKey
RegOpenKeyExW

ole32

CoCreateGuid
PropVariantClear
StringFromGUID2
PropVariantCopy

oleaut32

SysAllocStringLen
SysFreeString
SysStringByteLen
SysStringLen

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

kernel32

SetFilePointerEx
WriteConsoleW
FlushFileBuffers
GetConsoleMode
GetConsoleCP
HeapSize
SetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
FreeLibrary
LoadLibraryW
GetProcAddress
lstrcmpiW
QueryPerformanceCounter
QueryPerformanceFrequency
GetPriorityClass
GetCurrentProcess
SetConsoleTitleW
GetStdHandle
PeekConsoleInputW
ReadConsoleInputW
SetPriorityClass
CompareFileTime
EnterCriticalSection
LeaveCriticalSection
SetThreadExecutionState
GlobalMemoryStatus
VirtualAlloc
GetLastError
VirtualFree
GetDiskFreeSpaceW
DeviceIoControl
GetSystemTime
SystemTimeToFileTime
FileTimeToLocalFileTime
FileTimeToSystemTime
GetDateFormatW
GetTimeFormatW
FindResourceExW
LoadResource
LockResource
EnumResourceNamesW
EnumResourceLanguagesW
LoadLibraryExW
BeginUpdateResourceW
EndUpdateResourceW
UpdateResourceW
InitializeCriticalSection
DeleteCriticalSection
FormatMessageW
GetModuleHandleW
LocalFree
GetConsoleTitleW
MultiByteToWideChar
WideCharToMultiByte
ExpandEnvironmentStringsW
CreateFileW
CloseHandle
GetFileSizeEx
ReadFile
WriteFile
SetFileTime
SetEndOfFile
GetFileInformationByHandle
GetFileAttributesW
SetFileAttributesW
DeleteFileW
CreateDirectoryW
RemoveDirectoryW
MoveFileExW
FindFirstFileW
FindClose
SetLastError
FindNextFileW
GetTempPathW
GetTempFileNameW
HeapSetInformation
SearchPathW
VirtualQuery
VirtualProtect
GetModuleHandleA
GetCPInfo
GetOEMCP
GetACP
GetStringTypeW
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
LCMapStringW
GetLocaleInfoW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
GetCurrentProcessId
GetCurrentThreadId
RaiseException
RtlUnwind
GetProcessHeap
HeapAlloc
HeapReAlloc
HeapFree
ExitProcess
GetModuleFileNameA
GetFileType
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
FindFirstFileExA
FindNextFileA
IsValidCodePage

Exports

Exports

AnalyseW
CloseAnalyseW
ClosePanelW
ConfigureW
DeleteFilesW
ExitFARW
FreeFindDataW
GetFilesW
GetFindDataW
GetGlobalInfoW
GetOpenPanelInfoW
GetPluginInfoW
MakeDirectoryW
OpenW
ProcessHostFileW
ProcessPanelInputW
PutFilesW
SetDirectoryW
SetStartupInfoW

Sections

.text
Size: 547KB - Virtual size: 546KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 122KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 1024B - Virtual size: 648B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 760B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8a180923411b17eb179a4b4ce87f5e48

Headers

DLL Characteristics

File Characteristics

Imports

user32

advapi32

ole32

oleaut32

version

kernel32

Exports

Exports

Sections

.text Size: 547KB - Virtual size: 546KB

.rdata Size: 122KB - Virtual size: 121KB

.data Size: 7KB - Virtual size: 12KB

.gfids Size: 1024B - Virtual size: 648B

.rsrc Size: 1024B - Virtual size: 760B

.reloc Size: 28KB - Virtual size: 28KB

.text
Size: 547KB - Virtual size: 546KB

.rdata
Size: 122KB - Virtual size: 121KB

.data
Size: 7KB - Virtual size: 12KB

.gfids
Size: 1024B - Virtual size: 648B

.rsrc
Size: 1024B - Virtual size: 760B

.reloc
Size: 28KB - Virtual size: 28KB