ab603ad2f0ce6f20c5dba487ac79ff0d7ff7fc4c065f04c74dca150484edf4d9

General

Target

ab603ad2f0ce6f20c5dba487ac79ff0d7ff7fc4c065f04c74dca150484edf4d9
Size

3.1MB
MD5

09b68f404104a32ce23aca23f16ff9eb
SHA1

6fb205754254c7bbc01bf5e4595d8c8b48483bc7
SHA256

ab603ad2f0ce6f20c5dba487ac79ff0d7ff7fc4c065f04c74dca150484edf4d9
SHA512

2d47ec8b2a2cb6c64e40424bd1f725e48f5b0f913e6b385c30b46df33eb829f631c90528f712ff103490b819aa4593fa320c4a8946c02a531860ab49ed0d905b
SSDEEP

49152:tI5mRLpM8f9ROkKlsjnJJmfjakvoT7/UNfQc53j9DWPjGG+10X4ZhuTU:tu2KMQPlsjnDSs7cNY+3RDTGro

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ab603ad2f0ce6f20c5dba487ac79ff0d7ff7fc4c065f04c74dca150484edf4d9

Files

ab603ad2f0ce6f20c5dba487ac79ff0d7ff7fc4c065f04c74dca150484edf4d9
.dll windows:5 windows x86 arch:x86

028c33211df4abd0a5e947172dbdd65a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

gdi32

SetDCPenColor

kernel32

OutputDebugStringA
GetModuleHandleA
GetStringTypeA
GetModuleHandleW
SetPriorityClass
AreFileApisANSI
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
GetProcAddress
TlsGetValue
TlsSetValue
SetLastError
GetCurrentThreadId
GetLastError
CompareStringW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
LCMapStringW
GetStringTypeW
LeaveCriticalSection
EnterCriticalSection
HeapFree
Sleep
ExitProcess
GetLocaleInfoA
HeapAlloc
InitializeCriticalSectionAndSpinCount
WriteFile
GetStdHandle
GetModuleFileNameA
VirtualFree
VirtualAlloc
HeapReAlloc
LoadLibraryA
RtlUnwind

mprapi

MprAdminMIBEntryDelete

oleaut32

GetRecordInfoFromGuids

user32

UnpackDDElParam
SetForegroundWindow

Exports

Exports

AwcdthodsHlu

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 356KB - Virtual size: 359KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 180KB - Virtual size: 179KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

028c33211df4abd0a5e947172dbdd65a

Headers

File Characteristics

Imports

gdi32

kernel32

mprapi

oleaut32

user32

Exports

Exports

Sections

.text Size: 1.4MB - Virtual size: 1.4MB

.rdata Size: 1.2MB - Virtual size: 1.2MB

.data Size: 356KB - Virtual size: 359KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 180KB - Virtual size: 179KB

.text
Size: 1.4MB - Virtual size: 1.4MB

.rdata
Size: 1.2MB - Virtual size: 1.2MB

.data
Size: 356KB - Virtual size: 359KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 180KB - Virtual size: 179KB