d815768daa1a8f965b1bd3a60b6898c8dcab8dc958e4dc8107bfa973a2112365

Sharing

Copy URL Twitter E-mail

General

Target

d815768daa1a8f965b1bd3a60b6898c8dcab8dc958e4dc8107bfa973a2112365
Size

195KB
MD5

84f77f3329f4f30de7d6f7f6863e7bb6
SHA1

d0732532e169d1b605df96cccf79a819ae5322aa
SHA256

d815768daa1a8f965b1bd3a60b6898c8dcab8dc958e4dc8107bfa973a2112365
SHA512

3b535ab526123f905965838fba0c390dc218dbe2e2e53bda97ced94b1a90e4eb35de9cc49762f8b5dc6acf121802cfc29adb60674130cf3a7008e5a7ddae68dc
SSDEEP

3072:2npUhdPXOK/PAR9fT5hv/mAMy1sA8K5+91uCis0O3QHeyAfDJCceK/H/:2UdPXOK/IR5PveFy1Ol

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d815768daa1a8f965b1bd3a60b6898c8dcab8dc958e4dc8107bfa973a2112365

Files

d815768daa1a8f965b1bd3a60b6898c8dcab8dc958e4dc8107bfa973a2112365
.dll windows:5 windows x86 arch:x86

fa5f8bdc3829b17819f05390b37cc253

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCommandLineA
HeapAlloc
HeapFree
RtlUnwind
RaiseException
HeapSize
VirtualAlloc
HeapReAlloc
Sleep
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetACP
IsValidCodePage
InitializeCriticalSectionAndSpinCount
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
GetCurrentProcess
FlushFileBuffers
SetFilePointer
WriteFile
GetOEMCP
GetCPInfo
GetLocaleInfoA
InterlockedExchange
InterlockedIncrement
GetModuleHandleW
GetCurrentProcessId
GlobalFlags
lstrcmpA
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
CompareStringA
LoadLibraryA
lstrcmpW
GetVersionExA
FormatMessageA
MultiByteToWideChar
GetLastError
SetErrorMode
GetModuleFileNameA
lstrlenA
GetCurrentThreadId
CloseHandle
TlsFree
GlobalFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalAlloc
GlobalHandle
GlobalUnlock
GlobalReAlloc
GlobalLock
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalFree
LocalAlloc
FreeLibrary
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
InterlockedDecrement
GetModuleFileNameW
SetLastError
GetModuleHandleA
GetTickCount
GetProcAddress

user32

PostQuitMessage
DestroyMenu
LoadCursorA
GetSysColorBrush
GetWindowThreadProcessId
ReleaseDC
GetDC
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
ClientToScreen
IsWindowEnabled
SetWindowTextA
RegisterWindowMessageA
LoadIconA
GetCapture
GetClassLongA
SetPropA
GetPropA
RemovePropA
IsWindow
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetMenu
EnableWindow
SetForegroundWindow
GetClientRect
PostMessageA
MessageBoxA
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
GetSysColor
AdjustWindowRectEx
UnhookWindowsHookEx
ValidateRect
PeekMessageA
CopyRect
PtInRect
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetMenu
GetWindowLongA
WinHelpA
GetKeyState
SendMessageA
DispatchMessageA
CallNextHookEx
SetWindowsHookExA
UnregisterClassA
GetSubMenu
GetMenuItemCount
GetMenuItemID
GetMenuState
CheckMenuItem
EnableMenuItem
SetWindowLongA
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetSystemMetrics
GetWindow
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
GetFocus
GetParent
ModifyMenuA
GetClassNameA

gdi32

DeleteDC
GetStockObject
ScaleWindowExtEx
SetWindowExtEx
RectVisible
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutA
GetDeviceCaps
PtVisible
SetMapMode
RestoreDC
SaveDC
DeleteObject
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
TextOutA

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

shlwapi

PathFindFileNameA
PathFindExtensionA

oleaut32

VariantClear
VariantChangeType
VariantInit

Sections

.text
Size: 112KB - Virtual size: 111KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fa5f8bdc3829b17819f05390b37cc253

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

shlwapi

oleaut32

Sections

.text Size: 112KB - Virtual size: 111KB

.rdata Size: 26KB - Virtual size: 26KB

.data Size: 8KB - Virtual size: 22KB

.rsrc Size: 21KB - Virtual size: 21KB

.reloc Size: 26KB - Virtual size: 26KB

.text
Size: 112KB - Virtual size: 111KB

.rdata
Size: 26KB - Virtual size: 26KB

.data
Size: 8KB - Virtual size: 22KB

.rsrc
Size: 21KB - Virtual size: 21KB

.reloc
Size: 26KB - Virtual size: 26KB