abbd8cd70433b72c41b482e86d808caf351d64048abffd2fcd2f3ffda6615d93

Sharing

Copy URL Twitter E-mail

General

Target

abbd8cd70433b72c41b482e86d808caf351d64048abffd2fcd2f3ffda6615d93
Size

840KB
MD5

6207ffaf99d9b0effb09e1c63940d81c
SHA1

71fea0f6f202e14f0388a8e9770b8e2731cb9ce6
SHA256

abbd8cd70433b72c41b482e86d808caf351d64048abffd2fcd2f3ffda6615d93
SHA512

f10d2af46c21462cb59b25099020a9e5871ddefcce66075a9ea41965396a4d91892281b3847c0095f30b63aea615d8b72c212aa7e6804b7b7b6adab341ea924c
SSDEEP

6144:9nhaLrMGmSrT+2OQX2lcRcVOSgyLJfM9Ueef7wul16xrmg6ZbMq4m+E7QUH28iE9:9nqMqrKDCo7tnmVM94CXiEcdCuLkwxC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
abbd8cd70433b72c41b482e86d808caf351d64048abffd2fcd2f3ffda6615d93

Files

abbd8cd70433b72c41b482e86d808caf351d64048abffd2fcd2f3ffda6615d93
.dll windows:6 windows x86 arch:x86

6f07d5715c14d25c737cf319dade4221

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleW
InitializeSRWLock
SetLastError
FindNextFileW
SetThreadPriority
FindClose
ReleaseMutex
ReleaseSRWLockExclusive
OutputDebugStringW
DisableThreadLibraryCalls
GetCurrentThread
AcquireSRWLockExclusive
TerminateThread
VerSetConditionMask
GetCurrentProcessId
VerifyVersionInfoW
GetSystemTimeAsFileTime
WriteConsoleW
CreateFileW
FlushFileBuffers
SetStdHandle
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
WideCharToMultiByte
GetCommandLineW
GetCommandLineA
FindFirstFileExW
GetOEMCP
GetACP
IsValidCodePage
MultiByteToWideChar
GetStringTypeW
GetCPInfo
GetTimeZoneInformation
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
GetTimeFormatW
GetDateFormatW
GetFileSizeEx
GetConsoleOutputCP
WriteFile
ReadConsoleW
GetConsoleMode
SetFilePointerEx
GetFileType
GetStdHandle
ExitProcess
ReadFile
LoadLibraryExW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
EncodePointer
InterlockedFlushSList
QueryPerformanceCounter
MapViewOfFile
CreateFileMappingW
ResetEvent
CreateThread
QueryPerformanceFrequency
SetEvent
UnmapViewOfFile
GetCurrentThreadId
CreateMutexW
WaitForMultipleObjects
HeapFree
GetModuleFileNameW
GetCurrentProcess
GetFullPathNameW
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
FreeLibrary
GetProcessHeap
DeleteCriticalSection
LocalFree
GetProcAddress
HeapDestroy
DecodePointer
HeapAlloc
LoadLibraryW
CloseHandle
HeapReAlloc
GetLastError
FormatMessageW
Sleep
RtlUnwind
VirtualQuery
VirtualFree
VirtualAlloc
Thread32Next
Thread32First
CreateToolhelp32Snapshot
VirtualProtect
FlushInstructionCache
SetThreadContext
GetThreadContext
GetThreadId
ResumeThread
SuspendThread
OpenThread
HeapCreate
InitializeSListHead
GetStartupInfoW
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
SleepConditionVariableSRW
WakeAllConditionVariable
RaiseException
IsDebuggerPresent
CreateEventW
HeapSize
GetSystemDirectoryW
LocalAlloc
WaitForSingleObject
InitializeCriticalSectionEx
GetModuleHandleExW
CompareStringW
SetEndOfFile

user32

IntersectRect
WindowFromDC
DefWindowProcW
DestroyWindow
CreateWindowExW
EqualRect
RegisterClassExW
DispatchMessageW
PeekMessageW
UnhookWindowsHookEx
SendNotifyMessageW
TranslateMessage
SetWindowsHookExW
PostQuitMessage
RegisterWindowMessageW
UnionRect
GetWindowThreadProcessId
GetSystemMetrics
IsWindow
CallNextHookEx
GetMonitorInfoW
ClientToScreen
GetForegroundWindow
EnumWindows
SetRectEmpty
GetClientRect
GetParent
ReleaseDC
GetDC

gdi32

BitBlt
SelectObject
CreateCompatibleDC
GetDeviceCaps
DeleteObject
StretchBlt
CreateDIBSection

winmm

timeGetTime

Exports

Exports

Install
RunW
Uninstall

Sections

.text
Size: 665KB - Virtual size: 665KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 94KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.eh_fram
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

SCN_HOOK
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6f07d5715c14d25c737cf319dade4221

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

winmm

Exports

Exports

Sections

.text Size: 665KB - Virtual size: 665KB

.rdata Size: 94KB - Virtual size: 94KB

.data Size: 5KB - Virtual size: 21KB

.eh_fram Size: 46KB - Virtual size: 45KB

SCN_HOOK Size: 512B - Virtual size: 4B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 26KB - Virtual size: 25KB

.text
Size: 665KB - Virtual size: 665KB

.rdata
Size: 94KB - Virtual size: 94KB

.data
Size: 5KB - Virtual size: 21KB

.eh_fram
Size: 46KB - Virtual size: 45KB

SCN_HOOK
Size: 512B - Virtual size: 4B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 26KB - Virtual size: 25KB