47afe556533347650c573477911628a4d0a5c4728c9e67b169f734b9cd57054a

Sharing

Copy URL Twitter E-mail

General

Target

47afe556533347650c573477911628a4d0a5c4728c9e67b169f734b9cd57054a
Size

40KB
MD5

c7dc25a420ceca7e96c75669cdfdb744
SHA1

59aa7dd578febea18e5d56c39a45032e382f3054
SHA256

47afe556533347650c573477911628a4d0a5c4728c9e67b169f734b9cd57054a
SHA512

2bda9c5d79f01c31f44ed80d13fe834e808c7e1205180282780ad8c8f78b039baa875b0c0d8070f61190b666945dcf4bbd085e4fe7767fcf185af0f4d8fdba0a
SSDEEP

384:7sx9O0UD3ANKrO8PyKq7bBu5RkvP2BEMorreek7I1Pxog2ePcER/sMnD:gx93WHEd2Bmk7I1PxoPyX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
47afe556533347650c573477911628a4d0a5c4728c9e67b169f734b9cd57054a

Files

47afe556533347650c573477911628a4d0a5c4728c9e67b169f734b9cd57054a
.dll windows:4 windows x86 arch:x86

8812fc825bc6b6446ae113f23df218a7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalLock
GlobalUnlock
FileTimeToSystemTime
FileTimeToLocalFileTime
GlobalFree
GlobalAlloc
FindClose
GetVersionExA
lstrcpynA
lstrcpyA
GetProcAddress
FindFirstFileA
GetModuleFileNameA
GetCurrentDirectoryA
SetCurrentDirectoryA
FindNextFileA
LoadLibraryA
GlobalReAlloc
FreeLibrary

user32

GetWindowLongA
GetWindowTextLengthA
CharPrevA
GetWindowRect
GetTabbedTextExtentA
MoveWindow
PostMessageA
CharNextA
CreateWindowExA
EnableWindow
SetWindowLongA
LoadStringA
GetKeyState
GetClientRect
LoadCursorA
SetCursor
GetWindowTextA
UpdateWindow
SetFocus
InvalidateRect
SetDlgItemTextA
CallWindowProcA
wsprintfA
SetWindowTextA
GetParent
GetDlgItem
ScreenToClient
SendMessageA
ShowWindow
MessageBoxA
GetDlgItemTextA
EndDialog

gdi32

DeleteDC
CreateDCA
SelectObject

comdlg32

GetOpenFileNameA

advapi32

RegCloseKey
RegQueryValueA
RegOpenKeyA

shell32

SHGetPathFromIDListA
SHBrowseForFolderA

ole32

CoInitialize
CoUninitialize

u32misc

ord44

u32comm

u32MoveWindow
u32IsEscPressed
u32MyWinHelp

msvcrt

_mbsrchr
_mbsupr
_mbsstr
_mbscmp
_mbschr
_fullpath
_mbstok
free
_initterm
_mbsrev
_adjust_fdiv
_mbsicmp
_mbspbrk
malloc

Exports

Exports

FindFileHookDlgProc
uBrowseFolder
ubFindFile
ufdFindFile

Sections

.text
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8812fc825bc6b6446ae113f23df218a7

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

u32misc

u32comm

msvcrt

Exports

Exports

Sections

.text Size: 20KB - Virtual size: 18KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 1.3MB

.reloc Size: 8KB - Virtual size: 5KB

.text
Size: 20KB - Virtual size: 18KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 1.3MB

.reloc
Size: 8KB - Virtual size: 5KB