9423877fe3ff696dae1d13ec15296a2d16bd28ca8a7d4a418c7c8a56ae02be34

Sharing

Copy URL Twitter E-mail

General

Target

9423877fe3ff696dae1d13ec15296a2d16bd28ca8a7d4a418c7c8a56ae02be34
Size

6.5MB
MD5

a0b10fd86252dd8f7a3f9a14ac55dc1f
SHA1

db1bb01a86dbc6e60201ebdeb2f171013fcc3e38
SHA256

9423877fe3ff696dae1d13ec15296a2d16bd28ca8a7d4a418c7c8a56ae02be34
SHA512

853b76768e8e94a183c3d7e123a047c3f9ffd01c6cd959bca8e1d20a5e044f61183f0448d7702a934c036f357ec5d7771c8d608986a8a8b9afcf5e46ba84f9c4
SSDEEP

98304:WeYTpN2V498gOotmbLmgrEdR6SRNaAk36HVZPYqDsOtiJmKEi+Fyc3BdOJs1xRe:WeoIjoMWHRNbk36H7iBJn6c4uqR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9423877fe3ff696dae1d13ec15296a2d16bd28ca8a7d4a418c7c8a56ae02be34

Files

9423877fe3ff696dae1d13ec15296a2d16bd28ca8a7d4a418c7c8a56ae02be34
.dll windows:6 windows x86 arch:x86

23157d49741c70912314ebfee8cdca2b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

PeekConsoleInputA
GetNumberOfConsoleInputEvents
ReadConsoleW
WriteConsoleW
SetStdHandle
OutputDebugStringW
LoadLibraryExW
SetFilePointerEx
ReadFile
GetConsoleMode
GetConsoleCP
FlushFileBuffers
CloseHandle
GetModuleFileNameW
WriteFile
FreeEnvironmentStringsW
GetCurrentProcessId
QueryPerformanceCounter
GetModuleFileNameA
ReadConsoleInputA
GetOEMCP
GetACP
IsValidCodePage
IsDebuggerPresent
HeapSize
GetModuleHandleExW
GetUserDefaultLCID
LCMapStringW
GetProcAddress
GetModuleHandleW
TlsSetValue
TlsGetValue
TlsAlloc
GetCurrentProcess
SetLastError
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetConsoleScreenBufferInfo
FillConsoleOutputAttribute
FillConsoleOutputCharacterA
SetConsoleTextAttribute
SetConsoleCursorPosition
Sleep
GetStdHandle
DeleteFileA
EnumSystemLocalesW
TlsFree
WaitNamedPipeA
LocalFree
OpenFileMappingA
GetModuleHandleA
GetFileType
CreateFileMappingA
ResetEvent
FindClose
IsDBCSLeadByteEx
GetStartupInfoW
CreateFileW
TerminateProcess
IsProcessorFeaturePresent
InitializeCriticalSectionAndSpinCount
IsValidLocale
GetCommandLineA
GetWindowsDirectoryA
ConnectNamedPipe
SetCommBreak
GetEnvironmentStringsW
SetEndOfFile
VirtualQuery
UnmapViewOfFile
CreateFileA
GetDateFormatW
GetEnvironmentVariableW
ExitProcess
GetLocaleInfoW
GetCurrentThread
GetTickCount
GetProcessHeap
HeapAlloc
GetCPInfo
WideCharToMultiByte
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
EncodePointer
DecodePointer
MultiByteToWideChar
GetStringTypeW
GetSystemTimeAsFileTime
GetLastError
HeapReAlloc
HeapFree
RaiseException
RtlUnwind
GetCurrentThreadId
SetConsoleMode

user32

IsRectEmpty
DestroyAcceleratorTable
GetSystemMenu
MapDialogRect
IsIconic
IsZoomed
DrawIconEx
DeleteMenu
GetWindowInfo
ShowCaret
BeginPaint
SetScrollRange
GetDoubleClickTime
DrawFocusRect
ShowCursor
CreateDialogIndirectParamA
GetWindowTextA
GetKeyboardLayout
CheckMenuRadioItem
UnionRect
InvalidateRect
SetScrollPos
DrawStateW
GetDlgItem
DefWindowProcA
SetWindowsHookExA
CreatePopupMenu
IsDlgButtonChecked
CreateCaret
MessageBoxW
ReleaseCapture
GetDlgItemTextA
SetDlgItemTextA
CheckMenuItem
GetWindowThreadProcessId
CreateDialogParamA
PostQuitMessage
LoadIconA
EnumWindows
GetDC
ScrollWindow
RedrawWindow
GetDesktopWindow
GetCaretBlinkTime

gdi32

EndPage
GetTextExtentPoint32A
SetTextColor
GetDeviceCaps
SetBkColor
GetRgnBox
CreateBitmap
SelectClipRgn
PtInRegion
CreateCompatibleDC
PlayEnhMetaFile
RectInRegion
CreateCompatibleBitmap
CreateBrushIndirect
SaveDC
GetTextExtentPointW
CreateBitmapIndirect
GetDIBColorTable
GetCharWidth32A
GetTextExtentPointA
GetCharABCWidthsFloatA
SetROP2
RoundRect
GetPixel
CloseEnhMetaFile
RestoreDC
UpdateColors
Ellipse
GetCharABCWidthsW
GetSystemPaletteEntries
EndDoc
SetWinMetaFileBits
CreatePatternBrush

advapi32

RegCloseKey
GetUserNameA
RegDeleteValueA
InitializeSecurityDescriptor
EqualSid
OpenProcessToken

ole32

CoTaskMemFree

Sections

.text
Size: 549KB - Virtual size: 548KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5.9MB - Virtual size: 5.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

23157d49741c70912314ebfee8cdca2b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

Sections

.text Size: 549KB - Virtual size: 548KB

.data Size: 5.9MB - Virtual size: 5.9MB

.idata Size: 5KB - Virtual size: 4KB

.reloc Size: 13KB - Virtual size: 12KB

.text
Size: 549KB - Virtual size: 548KB

.data
Size: 5.9MB - Virtual size: 5.9MB

.idata
Size: 5KB - Virtual size: 4KB

.reloc
Size: 13KB - Virtual size: 12KB