Static task: static1
Behavioral task: behavioral1
Sample: dllanan4.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: dllanan4.exe
Resource: win10v2004-20240802-en
General
Target: dllanan4.exe.vir
Size: 11.3MB
MD5: 4ef169fddf2c5cb400da215998ee2e93
SHA1: 25fc7b4e6aec823f0cf96ed5b410040d6d882f17
SHA256: c8d88b230ef076e691b5ffac88566fb5bd52936fc8fee57feef3b36b0533d23a
SHA512: 8d92297c60d98f978d343f5899664867d786864f01205b53cd4cd4c0814ee924b22da7d88a125fe4511334b32ca42fdc7bc6297e73287385b4b5356eded43595
SSDEEP: 6144:xGGwP+acHp6D47dzu2psKNOFXSA29g0jjV+g5:fc+acH04BzaoOFXSAFyj9
Malware Config
Signatures
Unsigned PE (1 IoCs)
Checks for missing Authenticode signature.
Resource: dllanan4.exe.vir
Files
dllanan4.exe.vir.exe windows:4 windows x86 arch:x86
20fe8b6acaa326d5184beaa49a866975
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
UnhandledExceptionFilter
CompareStringA
CompareStringW
SetEnvironmentVariableA
SetUnhandledExceptionFilter
GetProfileStringA
IsBadWritePtr
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
GetTimeZoneInformation
GetFileType
SetStdHandle
GetACP
HeapSize
HeapReAlloc
TerminateProcess
ExitProcess
GetCommandLineA
GetStartupInfoA
RaiseException
HeapAlloc
HeapFree
RtlUnwind
FileTimeToLocalFileTime
FileTimeToSystemTime
GetCurrentDirectoryA
SizeofResource
SystemTimeToFileTime
LocalFileTimeToFileTime
GetFileSize
GetOEMCP
GetCPInfo
TlsGetValue
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalFlags
GetProcessVersion
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
LocalAlloc
EnterCriticalSection
FormatMessageA
LocalFree
WaitForSingleObject
GetCurrentThread
lstrcmpA
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
GetModuleFileNameA
GetShortPathNameA
GetThreadLocale
GetStringTypeExA
GetVolumeInformationA
FindFirstFileA
FindClose
DeleteFileA
MoveFileA
SetEndOfFile
UnlockFile
LockFile
CloseHandle
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
GetCurrentProcess
DuplicateHandle
MultiByteToWideChar
GetDiskFreeSpaceA
GetFileTime
SetFileTime
GetFullPathNameA
GetTempFileNameA
GetFileAttributesA
GlobalReAlloc
GlobalSize
GetLastError
MulDiv
SetLastError
LoadLibraryA
FreeLibrary
FindResourceA
LoadResource
LockResource
GetCurrentThreadId
lstrcmpiA
GlobalHandle
GlobalFindAtomA
GlobalDeleteAtom
GetModuleHandleA
GetProcAddress
lstrcatA
lstrcpynA
GlobalGetAtomNameA
GlobalAddAtomA
GetVersion
lstrcpyA
lstrlenA
VirtualAlloc
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
IsBadCodePtr
user32
GetWindowDC
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
CharUpperA
LoadStringA
CreateDialogIndirectParamA
EndDialog
PostQuitMessage
ShowOwnedPopups
GetCursorPos
ValidateRect
TranslateMessage
GetMessageA
DestroyCursor
LoadCursorA
SetRect
PtInRect
FindWindowA
IsRectEmpty
DestroyIcon
IsZoomed
SetParent
AppendMenuA
DeleteMenu
GetSystemMenu
SetTimer
KillTimer
WindowFromPoint
GetSysColorBrush
GetClassNameA
InsertMenuA
GetMenuStringA
GetTabbedTextExtentA
SetCapture
InvertRect
GetDCEx
LockWindowUpdate
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetNextDlgTabItem
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
SendDlgItemMessageA
GetSysColor
DispatchMessageA
ScreenToClient
DeferWindowPos
BeginDeferWindowPos
EndDeferWindowPos
ScrollWindow
GetScrollInfo
SetScrollInfo
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
IsChild
RegisterClassA
GetWindowTextLengthA
GetWindowTextA
DestroyWindow
SetWindowsHookExA
CallNextHookEx
GetClassLongA
ReleaseDC
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
GetSystemMetrics
GetLastActivePopup
IsWindowVisible
IsIconic
GetFocus
EqualRect
CopyRect
GetDlgItem
InvalidateRect
GetKeyState
GetDlgCtrlID
UnpackDDElParam
ReuseDDElParam
SetActiveWindow
WinHelpA
SetMenu
LoadIconA
GetClassInfoA
LoadMenuA
DestroyMenu
SetFocus
ShowWindow
GetDesktopWindow
GetWindow
IsWindowEnabled
SetCursor
PeekMessageA
PostMessageA
GetCapture
ReleaseCapture
LoadAcceleratorsA
SetRectEmpty
RegisterWindowMessageA
GetActiveWindow
wsprintfA
GetParent
GetMenuItemID
AdjustWindowRectEx
RedrawWindow
SetWindowPos
GetWindowLongA
SetWindowLongA
IsWindow
DefMDIChildProcA
DrawMenuBar
TranslateAcceleratorA
TranslateMDISysAccel
MessageBoxA
HideCaret
ShowCaret
ExcludeUpdateRgn
DrawFocusRect
DefDlgProcA
CharNextA
IsWindowUnicode
UpdateWindow
EnableWindow
FillRect
DefFrameProcA
CreateWindowExA
BringWindowToTop
GetMenu
GetMenuItemCount
GetSubMenu
SendMessageA
GetClipboardData
IsClipboardFormatAvailable
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
GetClientRect
InflateRect
GetDC
ClientToScreen
GetMenuCheckMarkDimensions
LoadBitmapA
SetPropA
GetMenuState
MapWindowPoints
gdi32
RestoreDC
SelectObject
SetBkMode
SetPolyFillMode
SetROP2
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
SelectClipRgn
ExcludeClipRect
IntersectClipRect
MoveToEx
LineTo
SetTextAlign
GetCurrentPositionEx
DeleteObject
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
CreatePen
SaveDC
CreateSolidBrush
CreatePatternBrush
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
PatBlt
Rectangle
DPtoLP
GetViewportOrgEx
AbortDoc
EndDoc
EndPage
StartPage
SetAbortProc
CreateDCA
LPtoDP
GetTextExtentPoint32A
GetTextMetricsA
CreateCompatibleDC
CreateCompatibleBitmap
GetCharWidthA
CreateFontA
CreateFontIndirectA
GetBkColor
GetNearestColor
GetTextColor
GetStretchBltMode
GetPolyFillMode
GetTextAlign
GetBkMode
GetROP2
GetTextFaceA
GetWindowOrgEx
BitBlt
SetRectRgn
CombineRgn
CreateRectRgnIndirect
StartDocA
DeleteDC
CreateBitmap
GetObjectA
SetBkColor
SetTextColor
GetClipBox
GetDeviceCaps
RealizePalette
GetStockObject
CreatePalette
SelectPalette
SetStretchBltMode
SetDIBitsToDevice
CreateDIBitmap
GetTextExtentPointA
StretchDIBits
comdlg32
GetOpenFileNameA
GetSaveFileNameA
CommDlgExtendedError
GetFileTitleA
PrintDlgA
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
advapi32
RegDeleteKeyA
RegSetValueA
RegCreateKeyA
RegDeleteValueA
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
SetFileSecurityA
RegEnumKeyA
RegQueryValueA
RegOpenKeyA
RegCloseKey
RegQueryValueExA
GetFileSecurityA
shell32
SHGetFileInfoA
DragAcceptFiles
DragQueryFileA
DragFinish
ExtractIconA
comctl32
ord17
wininet
InternetCrackUrlA
InternetCanonicalizeUrlA
InternetQueryOptionA
InternetOpenA
InternetCloseHandle
InternetOpenUrlA
InternetSetOptionExA
InternetSetStatusCallback
InternetSetFilePointer
InternetWriteFile
InternetReadFile
InternetQueryDataAvailable
HttpQueryInfoA
InternetGetLastResponseInfoA
Sections
.text Size: 204KB - Virtual size: 202KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 52KB - Virtual size: 50KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 11.0MB - Virtual size: 11.0MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 28KB - Virtual size: 27KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ