e43b20fad543b9625a6f014798643ceae5fb38831b562f855389c0de34d002a3

Sharing

Copy URL Twitter E-mail

General

Target

e43b20fad543b9625a6f014798643ceae5fb38831b562f855389c0de34d002a3
Size

6.5MB
MD5

f84a40c05490f62bc70bbecfe5231b62
SHA1

9a54d7a543bef3acb620447e0bcb0059f3132ead
SHA256

e43b20fad543b9625a6f014798643ceae5fb38831b562f855389c0de34d002a3
SHA512

423f9aed7df04597edd0c435bece107142aa3a40aeefacf9ff25e3351ed40fdfec35576b308ddad6c0d77b8070ed781b57a75819a42c06343ba0edcec802ef63
SSDEEP

196608:G+cXgiAV8XuTTH67G/vhU/xVqcB5HGVtZPW:6AwITHm4vhU/xVqicVtZP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e43b20fad543b9625a6f014798643ceae5fb38831b562f855389c0de34d002a3

Files

e43b20fad543b9625a6f014798643ceae5fb38831b562f855389c0de34d002a3
.dll windows:6 windows x86 arch:x86

4b5398629fa01cba4af19ec9fe6a03fb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ReadConsoleW
WriteConsoleW
SetStdHandle
OutputDebugStringW
LoadLibraryExW
SetFilePointerEx
ReadFile
GetConsoleMode
GetConsoleCP
FlushFileBuffers
CloseHandle
GetModuleFileNameW
WriteFile
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCurrentProcessId
QueryPerformanceCounter
GetModuleFileNameA
GetFileType
GetStdHandle
CreateFileW
GetACP
IsValidCodePage
IsDebuggerPresent
GetProcessHeap
HeapSize
GetModuleHandleExW
ExitProcess
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
IsProcessorFeaturePresent
GetProcAddress
GetModuleHandleW
SwitchToThread
ResumeThread
SuspendThread
GetVersion
GetUserDefaultUILanguage
GetSystemInfo
DeviceIoControl
RemoveDirectoryW
GetDiskFreeSpaceW
GetThreadLocale
FileTimeToSystemTime
HeapCreate
HeapDestroy
FormatMessageW
LoadLibraryW
SignalObjectAndWait
SystemTimeToTzSpecificLocalTime
FindFirstFileW
LoadResource
FindResourceW
GetDriveTypeW
EnumResourceNamesW
DeleteFileW
GetThreadPriority
EnumResourceTypesW
VirtualAlloc
VerifyVersionInfoW
GetFileAttributesW
lstrcpynW
GetExitCodeProcess
GetOEMCP
GetStartupInfoW
TlsFree
TlsSetValue
WideCharToMultiByte
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
EncodePointer
DecodePointer
MultiByteToWideChar
GetStringTypeW
GetLastError
HeapReAlloc
GetSystemTimeAsFileTime
RaiseException
RtlUnwind
HeapFree
GetCommandLineA
GetCurrentThreadId
GetCPInfo
HeapAlloc
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue

user32

EndPaint
GetSystemMenu
HideCaret
MapDialogRect
SendDlgItemMessageA
PostMessageW
MsgWaitForMultipleObjects
DeleteMenu
GetMenuStringW
CharLowerBuffW
SetParent
ShowCaret
BeginPaint
WaitMessage
LoadMenuW
PeekMessageA
ReleaseDC
GetSysColor
CreateCaret
PostMessageA
ScrollWindowEx
EnableWindow
ValidateRect
GetWindow
SetCursor
GetWindowRect
AttachThreadInput
RemovePropA
CreateMenu
SetFocus
ModifyMenuW
GetDC
GetQueueStatus
GetKeyboardState
GetWindowPlacement
SetPropA
SetRect
UnregisterClassA
SetScrollPos
EndDialog
GetDesktopWindow
GetSysColorBrush
IsDlgButtonChecked
DialogBoxParamA
SetWindowTextW
InsertMenuA

gdi32

ExtCreatePen
SetDIBColorTable
ExcludeClipRect
CreateHalftonePalette
GetPaletteEntries
CreateCompatibleBitmap
SaveDC
SelectPalette
GetDIBColorTable
RectVisible
GetStockObject
TranslateCharsetInfo
GetTextExtentPoint32W
MaskBlt
GdiFlush
CreateCompatibleDC
GetCurrentPositionEx
GetTextExtentExPointA
RestoreDC
MoveToEx

comdlg32

GetSaveFileNameW
GetOpenFileNameW

advapi32

RegLoadKeyW
RegEnumKeyExW
GetLengthSid
InitializeSecurityDescriptor
CloseServiceHandle
RegUnLoadKeyW
AllocateAndInitializeSid

shell32

ExtractIconExW
SHGetFileInfoW

Sections

.text
Size: 566KB - Virtual size: 565KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5.9MB - Virtual size: 5.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4b5398629fa01cba4af19ec9fe6a03fb

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

Sections

.text Size: 566KB - Virtual size: 565KB

.data Size: 5.9MB - Virtual size: 5.9MB

.idata Size: 5KB - Virtual size: 4KB

.reloc Size: 13KB - Virtual size: 13KB

.text
Size: 566KB - Virtual size: 565KB

.data
Size: 5.9MB - Virtual size: 5.9MB

.idata
Size: 5KB - Virtual size: 4KB

.reloc
Size: 13KB - Virtual size: 13KB