669686a6bfdbc8a0f237f403375cb09bf514887ff4309cabcbe38b2334bf6777

Sharing

Copy URL Twitter E-mail

General

Target

669686a6bfdbc8a0f237f403375cb09bf514887ff4309cabcbe38b2334bf6777
Size

2.7MB
MD5

af7cd3e4d904522a485deed428bf201f
SHA1

ea64e0d067aa226c33343ca2114da344bf6ae00b
SHA256

669686a6bfdbc8a0f237f403375cb09bf514887ff4309cabcbe38b2334bf6777
SHA512

52f7acfee6dd61a0d16f068ae5a0f4168c532ee5d089099071cce27af2303465f81a8ca8526218cc7c2f3638075ce56f9c76e5100d11ee75b188984cf83c09a5
SSDEEP

49152:yILIYvQp2t2Gp+aFKvXZoBDcrwZYuzebJvqSqkx:yILIHp337oFc0Z6t

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
669686a6bfdbc8a0f237f403375cb09bf514887ff4309cabcbe38b2334bf6777

Files

669686a6bfdbc8a0f237f403375cb09bf514887ff4309cabcbe38b2334bf6777
.dll windows:5 windows x86 arch:x86

2822adf07db6c0720e1aa2ae20e9022c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

rpcrt4

NdrPointerBufferSize

advapi32

NotifyBootConfigStatus
QueryServiceLockStatusW
QueryServiceConfigA
EnumServicesStatusW

gdi32

SetMiterLimit
Arc
GetOutlineTextMetricsW
RectVisible
PolyPolygon
GetSystemPaletteUse

crypt32

CertGetNameStringW
CertRDNValueToStrW

kernel32

FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetPrivateProfileIntW
SetWaitableTimer
GetOEMCP
GetBinaryTypeA
GetEnvironmentStrings
LoadLibraryExA
CreateMailslotA
GetTickCount
lstrlenW
GetModuleHandleA
OutputDebugStringA
GetModuleFileNameW
GlobalDeleteAtom
DuplicateHandle
GetSystemDefaultUILanguage
FreeEnvironmentStringsA
CloseHandle
GetLocaleInfoW
HeapSize
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetCommandLineA
GetTimeZoneInformation
LoadLibraryA
InterlockedExchange
GetCurrentProcessId
GetSystemTimeAsFileTime
CreateFileA
CompareStringA
CompareStringW
FreeLibrary
SetConsoleCtrlHandler
GetThreadPriority
IsValidCodePage
HeapReAlloc
VirtualAlloc
VirtualFree
HeapDestroy
HeapCreate
GetModuleFileNameA
HeapAlloc
RtlUnwind
FlushFileBuffers
GetConsoleMode
GetConsoleCP
WriteFile
InitializeCriticalSectionAndSpinCount
SetStdHandle
IsValidLocale
EnumSystemLocalesA
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
SetEnvironmentVariableA
GetModuleHandleW
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
GetLastError
GetCurrentThread
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EnterCriticalSection
LeaveCriticalSection
SetFilePointer
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
FatalAppExitA
HeapFree
Sleep
ExitProcess
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
GetLocaleInfoA

setupapi

SetupDiEnumDeviceInfo

urlmon

CoInternetParseUrl
IsAsyncMoniker

opengl32

glGetString

winscard

SCardCancel

wininet

InternetAutodial

user32

WaitForInputIdle
SetDlgItemTextA
CharNextW
DrawStateW
MessageBoxIndirectA
SubtractRect
InvertRect

mprapi

MprInfoDuplicate

esent

JetSeek

winmm

midiInGetDevCapsA
midiOutGetDevCapsW
SendDriverMessage

shlwapi

PathFindExtensionA
SHDeleteKeyA
UrlIsOpaqueW
StrRetToBSTR
SHDeleteEmptyKeyW
ChrCmpIA

rasapi32

RasDialA

ole32

CoWaitForMultipleHandles
CoGetObject

Exports

Exports

EhckewmiraarldeQnd

Sections

.text
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_MEM_READ

.data
Size: 420KB - Virtual size: 425KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.qdata
Size: 1004KB - Virtual size: 1002KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 216KB - Virtual size: 212KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2822adf07db6c0720e1aa2ae20e9022c

Headers

DLL Characteristics

File Characteristics

Imports

rpcrt4

advapi32

gdi32

crypt32

kernel32

setupapi

urlmon

opengl32

winscard

wininet

user32

mprapi

esent

winmm

shlwapi

rasapi32

ole32

Exports

Exports

Sections

.text Size: 1.0MB - Virtual size: 1.0MB

.rdata Size: 16KB - Virtual size: 15KB

.data Size: 420KB - Virtual size: 425KB

.qdata Size: 1004KB - Virtual size: 1002KB

.rsrc Size: 44KB - Virtual size: 43KB

.reloc Size: 216KB - Virtual size: 212KB

.text
Size: 1.0MB - Virtual size: 1.0MB

.rdata
Size: 16KB - Virtual size: 15KB

.data
Size: 420KB - Virtual size: 425KB

.qdata
Size: 1004KB - Virtual size: 1002KB

.rsrc
Size: 44KB - Virtual size: 43KB

.reloc
Size: 216KB - Virtual size: 212KB