c07ed65f7f82b04d3de19a6d3cd80f1a373e5333e816ce2a7f0fa159fec87f8d

Sharing

Copy URL Twitter E-mail

General

Target

c07ed65f7f82b04d3de19a6d3cd80f1a373e5333e816ce2a7f0fa159fec87f8d
Size

2.7MB
MD5

f5c9c39f65a22e6647d2e15c85588b12
SHA1

4dfe4315d00c3d7a54621ae07ff3576ab7e57db5
SHA256

c07ed65f7f82b04d3de19a6d3cd80f1a373e5333e816ce2a7f0fa159fec87f8d
SHA512

506e23195db4b251d19bc8fefb1070366a4fe988bf780c5010980c7645bb3bd51781c5f2c7f39c709b80b48cc64e770a603f5c83f7eb745ab3dda0fd684c526e
SSDEEP

49152:QILIYvQp2t2Gp+aFKvXZvEDcrwZYuzebJvqSqkx:QILIHp337vIc0Z6t

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c07ed65f7f82b04d3de19a6d3cd80f1a373e5333e816ce2a7f0fa159fec87f8d

Files

c07ed65f7f82b04d3de19a6d3cd80f1a373e5333e816ce2a7f0fa159fec87f8d
.dll windows:5 windows x86 arch:x86

5b7c0ddc385ee992f3b1528c062e4c80

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

rpcrt4

NdrPointerBufferSize

user32

WaitForInputIdle
SetDlgItemTextA
CharNextW
DrawStateW
MessageBoxIndirectA
SubtractRect
InvertRect

gdi32

SetMiterLimit
Arc
GetOutlineTextMetricsW
RectVisible
PolyPolygon
GetSystemPaletteUse

crypt32

CertGetNameStringW
CertRDNValueToStrW

kernel32

FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetPrivateProfileIntW
SetWaitableTimer
GetOEMCP
GetBinaryTypeA
GetEnvironmentStrings
LoadLibraryExA
CreateMailslotA
GetTickCount
lstrlenW
GetModuleHandleA
OutputDebugStringA
GetModuleFileNameW
GlobalDeleteAtom
DuplicateHandle
GetSystemDefaultUILanguage
FreeEnvironmentStringsA
CloseHandle
GetLocaleInfoW
HeapSize
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetCommandLineA
GetTimeZoneInformation
LoadLibraryA
InterlockedExchange
GetCurrentProcessId
GetSystemTimeAsFileTime
CreateFileA
CompareStringA
CompareStringW
FreeLibrary
SetConsoleCtrlHandler
GetThreadPriority
IsValidCodePage
HeapReAlloc
VirtualAlloc
VirtualFree
HeapDestroy
HeapCreate
GetModuleFileNameA
HeapAlloc
RtlUnwind
FlushFileBuffers
GetConsoleMode
GetConsoleCP
WriteFile
InitializeCriticalSectionAndSpinCount
SetStdHandle
IsValidLocale
EnumSystemLocalesA
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
SetEnvironmentVariableA
GetModuleHandleW
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
GetLastError
GetCurrentThread
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EnterCriticalSection
LeaveCriticalSection
SetFilePointer
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
FatalAppExitA
HeapFree
Sleep
ExitProcess
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
GetLocaleInfoA

setupapi

SetupDiEnumDeviceInfo

urlmon

CoInternetParseUrl
IsAsyncMoniker

opengl32

glGetString

winscard

SCardCancel

mprapi

MprInfoDuplicate

advapi32

NotifyBootConfigStatus
QueryServiceLockStatusW
QueryServiceConfigA
EnumServicesStatusW

wininet

InternetAutodial

esent

JetSeek

winmm

midiInGetDevCapsA
midiOutGetDevCapsW
SendDriverMessage

shlwapi

PathFindExtensionA
SHDeleteKeyA
UrlIsOpaqueW
StrRetToBSTR
SHDeleteEmptyKeyW
ChrCmpIA

rasapi32

RasDialA

ole32

CoWaitForMultipleHandles
CoGetObject

Exports

Exports

EhckewmiraarldeQnd

Sections

.text
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_MEM_READ

.data
Size: 420KB - Virtual size: 425KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.qdata
Size: 1004KB - Virtual size: 1002KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 216KB - Virtual size: 212KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5b7c0ddc385ee992f3b1528c062e4c80

Headers

DLL Characteristics

File Characteristics

Imports

rpcrt4

user32

gdi32

crypt32

kernel32

setupapi

urlmon

opengl32

winscard

mprapi

advapi32

wininet

esent

winmm

shlwapi

rasapi32

ole32

Exports

Exports

Sections

.text Size: 1.0MB - Virtual size: 1.0MB

.rdata Size: 16KB - Virtual size: 15KB

.data Size: 420KB - Virtual size: 425KB

.qdata Size: 1004KB - Virtual size: 1002KB

.rsrc Size: 44KB - Virtual size: 43KB

.reloc Size: 216KB - Virtual size: 212KB

.text
Size: 1.0MB - Virtual size: 1.0MB

.rdata
Size: 16KB - Virtual size: 15KB

.data
Size: 420KB - Virtual size: 425KB

.qdata
Size: 1004KB - Virtual size: 1002KB

.rsrc
Size: 44KB - Virtual size: 43KB

.reloc
Size: 216KB - Virtual size: 212KB