e5847bb2766ea30584e06fa8869633651eaae6407f383d0cdc36c73ac415d0a5

Sharing

Copy URL Twitter E-mail

General

Target

e5847bb2766ea30584e06fa8869633651eaae6407f383d0cdc36c73ac415d0a5
Size

6.5MB
MD5

89f7b3539512e4936ddbfe0f097adc64
SHA1

7a24d712bd30fd494ed2f268ff148b81ab7b5e7b
SHA256

e5847bb2766ea30584e06fa8869633651eaae6407f383d0cdc36c73ac415d0a5
SHA512

dd9800b36de8b2668020f35d3a8df1c602c43636968434cc7cfff544eea2f36162b6d47e8f70c3a91a06c0e4dfdd60166a87e8eccca6edc07e176a6000d74f0b
SSDEEP

196608:btjmJtKHgC7AJr7FW7Xi9RwDhZDCNrL85gxuSeq:bJmJkACsxci3wDzDClQMuSeq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e5847bb2766ea30584e06fa8869633651eaae6407f383d0cdc36c73ac415d0a5

Files

e5847bb2766ea30584e06fa8869633651eaae6407f383d0cdc36c73ac415d0a5
.dll windows:6 windows x86 arch:x86

e912c44ec40b23369f45df5ec44624fc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

WaitForSingleObjectEx
GetTickCount
GetCurrentThread
VirtualFree
LoadLibraryW
Sleep
ReadProcessMemory
CreateEventA
FormatMessageW
HeapCreate
lstrcpynW
GetModuleFileNameW
CreateFileW
MultiByteToWideChar
RaiseException
GetPrivateProfileIntW
IsDBCSLeadByteEx
SetLastError
GetOEMCP
FindNextFileA
GetStringTypeW
CloseHandle
OpenFileMappingA
EnumSystemLocalesW
GetUserDefaultLCID
SetEndOfFile
OutputDebugStringW
ReadConsoleW
WriteConsoleW
SetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCurrentProcessId
GetModuleFileNameA
SetFilePointerEx
ReadFile
GetFileType
GetStdHandle
GetConsoleMode
WriteFile
FlushFileBuffers
IsValidCodePage
IsDebuggerPresent
GetProcessHeap
HeapSize
AreFileApisANSI
QueryPerformanceCounter
SetEnvironmentVariableW
CompareFileTime
LoadLibraryExW
SystemTimeToTzSpecificLocalTime
GetSystemDefaultUILanguage
TlsGetValue
TlsFree
GetCommandLineW
GetThreadPriority
ResetEvent
GlobalFree
VirtualAlloc
FindFirstFileA
GetACP
CompareStringW
TerminateProcess
GetFileAttributesW
Beep
WideCharToMultiByte
GetConsoleCP
VirtualQueryEx
SetHandleInformation
GetCurrentProcess
GetDriveTypeW
RtlCaptureContext
GetModuleHandleExW
ExitProcess
IsValidLocale
GetLocaleInfoW
LCMapStringW
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
EncodePointer
DecodePointer
GetLastError
HeapReAlloc
GetSystemTimeAsFileTime
HeapFree
RtlUnwind
GetCommandLineA
GetCurrentThreadId
GetCPInfo
HeapAlloc
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsSetValue
GetStartupInfoW
GetModuleHandleW
GetProcAddress
IsProcessorFeaturePresent

user32

SetDlgItemInt
DestroyCursor
LoadMenuW
EnumChildWindows
InsertMenuW
BeginDeferWindowPos
SendMessageW
DestroyMenu
DrawFrameControl
CheckMenuItem
DrawIconEx
GetDC
InflateRect
GetDesktopWindow
MessageBoxW
EndMenu
DestroyIcon
SendDlgItemMessageW

gdi32

PolyPolygon
SetLayout
GetTextExtentPoint32W
CreateHatchBrush
StretchBlt
PtInRegion
GetBkColor
GetObjectW
CreatePatternBrush
CloseEnhMetaFile
CreateEnhMetaFileW
GetRgnBox
OffsetRgn
ExtCreateRegion

advapi32

RegUnLoadKeyW
RegSetValueExW
RegSetKeySecurity
OpenSCManagerW
CloseServiceHandle
StartServiceW
RegGetKeySecurity
RegOpenKeyExA
SetSecurityDescriptorDacl

shell32

Shell_NotifyIconW

oleaut32

SysFreeString
VariantCopy
SysReAllocStringLen
SafeArrayPtrOfIndex

Sections

.text
Size: 565KB - Virtual size: 565KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5.9MB - Virtual size: 5.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e912c44ec40b23369f45df5ec44624fc

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

oleaut32

Sections

.text Size: 565KB - Virtual size: 565KB

.data Size: 5.9MB - Virtual size: 5.9MB

.idata Size: 4KB - Virtual size: 3KB

.reloc Size: 13KB - Virtual size: 13KB

.text
Size: 565KB - Virtual size: 565KB

.data
Size: 5.9MB - Virtual size: 5.9MB

.idata
Size: 4KB - Virtual size: 3KB

.reloc
Size: 13KB - Virtual size: 13KB