66794ea7e46fde44599ec74995a87e9be27ee8ff44689afe02a3aa5047d9f92d

Sharing

Copy URL Twitter E-mail

General

Target

66794ea7e46fde44599ec74995a87e9be27ee8ff44689afe02a3aa5047d9f92d
Size

1.6MB
MD5

556f95662f045c176a2a1b0492d8df3e
SHA1

0a88758a3296ceb64d12cd89a24e99300b7fd659
SHA256

66794ea7e46fde44599ec74995a87e9be27ee8ff44689afe02a3aa5047d9f92d
SHA512

139cf23e2f594d486ef6d49c63b1c6c1fe6aaa470b09811bb5b2b07d2d3862ee54c50fe335445f8d274944df5483c0b7735411d0caeb5f9d1b2bbcd5b4b7d5ae
SSDEEP

24576:5SyNYVd1Dquv0jOYe3GKSVjpxyPuhPj9LKWQ9bUW8NRnXWfQ6d+hPjRg0Vlj:5QVd1muIEbSBhTKWQ9SNpu9+Z1g0n

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
66794ea7e46fde44599ec74995a87e9be27ee8ff44689afe02a3aa5047d9f92d

Files

66794ea7e46fde44599ec74995a87e9be27ee8ff44689afe02a3aa5047d9f92d
.dll windows:5 windows x86 arch:x86

3c130ded6a92bfc396329a3cfc59719a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ole32

OleCreateMenuDescriptor
CoGetMalloc
CoRegisterMessageFilter
HGLOBAL_UserMarshal
OleLoad

shlwapi

StrCpyNW
UrlHashW
StrChrNW

iphlpapi

GetNumberOfInterfaces
Icmp6CreateFile
NotifyAddrChange

user32

GetSystemMetrics
SetPropA
SetWindowRgn
CreateWindowExW
GetDlgItemTextA
CloseDesktop
GetClientRect

advapi32

NotifyBootConfigStatus
DeregisterEventSource
DuplicateTokenEx
CloseEventLog

mprapi

MprAdminBufferFree

wintrust

CryptSIPPutSignedDataMsg

avifil32

AVIStreamLength

winmm

SendDriverMessage

gdi32

GetGlyphOutlineA
PatBlt

ntdsapi

DsMapSchemaGuidsW

oleaut32

VectorFromBstr
VarR8FromI1
VarBstrCmp
VarBstrFromR8
VarBoolFromCy

wininet

HttpSendRequestExW

shell32

SHCreateDirectoryExW
SHGetSpecialFolderLocation

lz32

LZInit

rpcrt4

RpcServerUseProtseqEpExW
NdrCorrelationInitialize
RpcIfInqId
RpcStringBindingComposeW

clusapi

OpenClusterResource

kernel32

LoadLibraryA
HeapReAlloc
VirtualAlloc
VirtualFree
GetModuleFileNameA
GetStdHandle
WriteFile
InitializeCriticalSectionAndSpinCount
HeapAlloc
RtlUnwind
GetLocaleInfoA
ExitProcess
UnmapViewOfFile
Process32FirstW
FindResourceW
SetComputerNameExW
GetNumberOfConsoleInputEvents
WritePrivateProfileStringA
OutputDebugStringA
GetModuleFileNameW
ReadConsoleA
SetEndOfFile
GlobalMemoryStatus
EraseTape
GlobalAlloc
CloseHandle
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
GetModuleHandleW
GetProcAddress
TlsGetValue
TlsSetValue
SetLastError
GetCurrentThreadId
GetLastError
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
LeaveCriticalSection
EnterCriticalSection
HeapFree
Sleep

opengl32

glGetIntegerv

setupapi

SetupDiGetINFClassW
SetupQueueDeleteW

crypt32

CertAddStoreToCollection
CertOpenSystemStoreA

Exports

Exports

HbwjrliishhAinosu

Sections

.text
Size: 680KB - Virtual size: 676KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.EXP
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.code
Size: 912KB - Virtual size: 910KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3c130ded6a92bfc396329a3cfc59719a

Headers

File Characteristics

Imports

ole32

shlwapi

iphlpapi

user32

advapi32

mprapi

wintrust

avifil32

winmm

gdi32

ntdsapi

oleaut32

wininet

shell32

lz32

rpcrt4

clusapi

kernel32

opengl32

setupapi

crypt32

Exports

Exports

Sections

.text Size: 680KB - Virtual size: 676KB

.EXP Size: 4KB - Virtual size: 2KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 36KB - Virtual size: 39KB

.code Size: 912KB - Virtual size: 910KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 12KB - Virtual size: 8KB

.text
Size: 680KB - Virtual size: 676KB

.EXP
Size: 4KB - Virtual size: 2KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 36KB - Virtual size: 39KB

.code
Size: 912KB - Virtual size: 910KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 12KB - Virtual size: 8KB