6696d2edebec46fb51ea700652707faa6e614137d2622e5795a6c2fd234c8663

Sharing

Copy URL Twitter E-mail

General

Target

6696d2edebec46fb51ea700652707faa6e614137d2622e5795a6c2fd234c8663
Size

2.7MB
MD5

5e74858a330267071fecf686151c97bc
SHA1

30997a6239e967188191ad73710b079aa911da39
SHA256

6696d2edebec46fb51ea700652707faa6e614137d2622e5795a6c2fd234c8663
SHA512

ec35f0670f79097fb0df2bae50800267eccbb111a6eae6baac8be3b1f002d711a960229a82c5d6abe181d8d30f5977c911eef2b26ae05aca3e0c29568f1bf00d
SSDEEP

49152:VILIYvQp2t2Gp+aFKvXZImDcrwZYuzebJvqSqkx:VILIHp337Iac0Z6t

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6696d2edebec46fb51ea700652707faa6e614137d2622e5795a6c2fd234c8663

Files

6696d2edebec46fb51ea700652707faa6e614137d2622e5795a6c2fd234c8663
.dll windows:5 windows x86 arch:x86

65d59c3c6b49804ab882430b6f9168ea

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

rpcrt4

NdrPointerBufferSize

user32

WaitForInputIdle
SetDlgItemTextA
CharNextW
DrawStateW
MessageBoxIndirectA
SubtractRect
InvertRect

gdi32

SetMiterLimit
Arc
GetOutlineTextMetricsW
RectVisible
PolyPolygon
GetSystemPaletteUse

crypt32

CertGetNameStringW
CertRDNValueToStrW

kernel32

FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetPrivateProfileIntW
SetWaitableTimer
GetOEMCP
GetBinaryTypeA
GetEnvironmentStrings
LoadLibraryExA
CreateMailslotA
GetTickCount
lstrlenW
GetModuleHandleA
OutputDebugStringA
GetModuleFileNameW
GlobalDeleteAtom
DuplicateHandle
GetSystemDefaultUILanguage
FreeEnvironmentStringsA
CloseHandle
GetLocaleInfoW
HeapSize
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetCommandLineA
GetTimeZoneInformation
LoadLibraryA
InterlockedExchange
GetCurrentProcessId
GetSystemTimeAsFileTime
CreateFileA
CompareStringA
CompareStringW
FreeLibrary
SetConsoleCtrlHandler
GetThreadPriority
IsValidCodePage
HeapReAlloc
VirtualAlloc
VirtualFree
HeapDestroy
HeapCreate
GetModuleFileNameA
HeapAlloc
RtlUnwind
FlushFileBuffers
GetConsoleMode
GetConsoleCP
WriteFile
InitializeCriticalSectionAndSpinCount
SetStdHandle
IsValidLocale
EnumSystemLocalesA
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
SetEnvironmentVariableA
GetModuleHandleW
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
GetLastError
GetCurrentThread
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EnterCriticalSection
LeaveCriticalSection
SetFilePointer
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
FatalAppExitA
HeapFree
Sleep
ExitProcess
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
GetLocaleInfoA

setupapi

SetupDiEnumDeviceInfo

urlmon

CoInternetParseUrl
IsAsyncMoniker

opengl32

glGetString

winscard

SCardCancel

esent

JetSeek

advapi32

NotifyBootConfigStatus
QueryServiceLockStatusW
QueryServiceConfigA
EnumServicesStatusW

mprapi

MprInfoDuplicate

wininet

InternetAutodial

winmm

midiInGetDevCapsA
midiOutGetDevCapsW
SendDriverMessage

shlwapi

PathFindExtensionA
SHDeleteKeyA
UrlIsOpaqueW
StrRetToBSTR
SHDeleteEmptyKeyW
ChrCmpIA

rasapi32

RasDialA

ole32

CoWaitForMultipleHandles
CoGetObject

Exports

Exports

EhckewmiraarldeQnd

Sections

.text
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_MEM_READ

.data
Size: 420KB - Virtual size: 425KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.qdata
Size: 1004KB - Virtual size: 1002KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 216KB - Virtual size: 212KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

65d59c3c6b49804ab882430b6f9168ea

Headers

DLL Characteristics

File Characteristics

Imports

rpcrt4

user32

gdi32

crypt32

kernel32

setupapi

urlmon

opengl32

winscard

esent

advapi32

mprapi

wininet

winmm

shlwapi

rasapi32

ole32

Exports

Exports

Sections

.text Size: 1.0MB - Virtual size: 1.0MB

.rdata Size: 16KB - Virtual size: 15KB

.data Size: 420KB - Virtual size: 425KB

.qdata Size: 1004KB - Virtual size: 1002KB

.rsrc Size: 44KB - Virtual size: 43KB

.reloc Size: 216KB - Virtual size: 212KB

.text
Size: 1.0MB - Virtual size: 1.0MB

.rdata
Size: 16KB - Virtual size: 15KB

.data
Size: 420KB - Virtual size: 425KB

.qdata
Size: 1004KB - Virtual size: 1002KB

.rsrc
Size: 44KB - Virtual size: 43KB

.reloc
Size: 216KB - Virtual size: 212KB