445fc7950801cfd6e782f193d59c1d21c4ab553cbdda33c1a48d2805f2a0769a

Sharing

Copy URL Twitter E-mail

General

Target

445fc7950801cfd6e782f193d59c1d21c4ab553cbdda33c1a48d2805f2a0769a
Size

249KB
MD5

0611b9075e595457bce69cab68533360
SHA1

cfaf8da246f80903ecdf4ea8ba27ffd6be14a71d
SHA256

445fc7950801cfd6e782f193d59c1d21c4ab553cbdda33c1a48d2805f2a0769a
SHA512

ba93a621f6872bc4f7bb0b19bc08f84aa3d1ca3f62c114639cac2478c91bd148623e7090a9a6ed3de61f316960f9a4c8559df14c09ed99a3df338186842bde74
SSDEEP

3072:tzWd9bO7BgIsYSg6aAxOZw5fNtM3ysPsLUlTYWwvfr6uvLL+QJNhfryLHX/7pRtD:tOIsjxOZwfnUysqW2vDX+eN4XRj8gz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
445fc7950801cfd6e782f193d59c1d21c4ab553cbdda33c1a48d2805f2a0769a

Files

445fc7950801cfd6e782f193d59c1d21c4ab553cbdda33c1a48d2805f2a0769a
.dll windows:5 windows x86 arch:x86

8511b45752374196dec62dcca0ce72bb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

hid

HidD_GetAttributes
HidD_GetHidGuid
HidD_GetPreparsedData
HidD_FreePreparsedData
HidD_GetSerialNumberString
HidP_GetCaps

setupapi

SetupDiGetClassDevsW
SetupDiGetDeviceInterfaceDetailW
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInterfaces

kernel32

WriteConsoleW
SetFilePointerEx
DecodePointer
InterlockedDecrement
RaiseException
TerminateThread
GetLastError
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
WaitForSingleObject
CloseHandle
CreateEventW
HeapAlloc
HeapFree
InterlockedIncrement
DebugBreak
lstrlenA
lstrlenW
OutputDebugStringW
FreeLibrary
GetProcAddress
WideCharToMultiByte
CreateThread
GetOverlappedResult
ResumeThread
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
SetEvent
ResetEvent
WaitForMultipleObjects
WriteFile
ReadFile
PurgeComm
CreateFileW
CancelIo
ClearCommError
SetupComm
GetCommState
SetCommState
SetCommTimeouts
CreateSemaphoreW
GetModuleFileNameA
MultiByteToWideChar
GetConsoleCP
CreateWaitableTimerW
SetWaitableTimer
CancelWaitableTimer
GetProcessHeap
FlushFileBuffers
SetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
IsValidCodePage
FindNextFileA
FindFirstFileExA
FindClose
HeapSize
HeapReAlloc
GetConsoleMode
LCMapStringW
IsDebuggerPresent
IsProcessorFeaturePresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
GetModuleHandleW
GetCurrentProcess
TerminateProcess
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
EncodePointer
RtlUnwind
InterlockedFlushSList
SetLastError
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
ExitProcess
GetModuleHandleExW
GetStringTypeW
GetACP
GetStdHandle
GetFileType

user32

LoadStringW
CharUpperW
SendMessageW
PostMessageW
CharNextW

ws2_32

ioctlsocket
WSACleanup
recv
__WSAFDIsSet
WSAGetLastError
select
send
setsockopt
shutdown
socket
closesocket
WSAStartup
bind
htons
inet_addr
connect
getsockopt

Exports

Exports

PLUG_GetLink

Sections

.text
Size: 175KB - Virtual size: 175KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8511b45752374196dec62dcca0ce72bb

Headers

DLL Characteristics

File Characteristics

Imports

hid

setupapi

kernel32

user32

ws2_32

Exports

Exports

Sections

.text Size: 175KB - Virtual size: 175KB

.rdata Size: 50KB - Virtual size: 50KB

.data Size: 7KB - Virtual size: 10KB

.gfids Size: 512B - Virtual size: 256B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 13KB - Virtual size: 13KB

.text
Size: 175KB - Virtual size: 175KB

.rdata
Size: 50KB - Virtual size: 50KB

.data
Size: 7KB - Virtual size: 10KB

.gfids
Size: 512B - Virtual size: 256B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 13KB - Virtual size: 13KB