8365e9c6fd2e7301014d6f562ae0aaa274cbd35d156c7654fdda6f85102d9027

Sharing

Copy URL Twitter E-mail

General

Target

8365e9c6fd2e7301014d6f562ae0aaa274cbd35d156c7654fdda6f85102d9027
Size

355KB
MD5

01435bc7cce93e654891910f3f8d3800
SHA1

675fb719367ca20a5ec169e6967eedde06242df1
SHA256

8365e9c6fd2e7301014d6f562ae0aaa274cbd35d156c7654fdda6f85102d9027
SHA512

868e347305cc36278371312cf82372f14c26e90c5e0cb3b77dbe29558c5546eb628e62eea07fa17d245187e6473405024471ae05816dee86928b3377427d3555
SSDEEP

6144:gDTqtF1hLKyOBihTqrT2B7BgnFJ263bJSrB75Fvj/t2jJKfXLb8:aTIdDTqOBgF4swltJsMn8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/rundll32.exe

Files

8365e9c6fd2e7301014d6f562ae0aaa274cbd35d156c7654fdda6f85102d9027
.zip
rundll32.exe
.exe windows:5 windows x86 arch:x86

376583ef03e4007760fb1259334fc710

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

WSACleanup
inet_addr
gethostbyname
gethostname
WSAStartup

winmm

mixerSetControlDetails
waveOutGetVolume
joyGetPosEx
mixerGetControlDetailsA
mixerOpen
mixerGetDevCapsA
mixerGetLineControlsA
waveOutSetVolume
mixerClose
mciSendStringA
joyGetDevCapsA
mixerGetLineInfoA

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

comctl32

ImageList_ReplaceIcon
ImageList_AddMasked
ord17
ImageList_GetIconSize
ImageList_Create
ImageList_Destroy
ord6

kernel32

CreateProcessA
GetFileAttributesA
MultiByteToWideChar
WideCharToMultiByte
GetExitCodeProcess
WriteProcessMemory
ReadProcessMemory
GetCurrentProcessId
OpenProcess
TerminateProcess
SetPriorityClass
SetLastError
GetEnvironmentVariableA
GetLocalTime
GetDateFormatA
GetTimeFormatA
SetErrorMode
GetDiskFreeSpaceA
SetVolumeLabelA
CreateFileA
DeviceIoControl
GetDriveTypeA
GetVolumeInformationA
CreateDirectoryA
ReadFile
GetACP
WriteFile
GlobalSize
DeleteFileA
SetFileAttributesA
LocalFileTimeToFileTime
SetFileTime
GetSystemTime
GetComputerNameA
GetWindowsDirectoryA
GetTempPathA
GetFullPathNameA
GetShortPathNameA
LoadLibraryA
FreeLibrary
EnterCriticalSection
LeaveCriticalSection
VirtualProtect
CompareStringA
RemoveDirectoryA
CopyFileA
OutputDebugStringA
FormatMessageA
GetPrivateProfileStringA
GetPrivateProfileSectionA
GetPrivateProfileSectionNamesA
WritePrivateProfileStringA
WritePrivateProfileSectionA
SetEndOfFile
GetFileType
SetFilePointerEx
GetFileSizeEx
SystemTimeToFileTime
FileTimeToSystemTime
GetFileSize
EnumResourceNamesA
LoadLibraryExA
FindResourceA
LoadResource
LockResource
SizeofResource
LCMapStringW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
IsValidCodePage
GetOEMCP
GetCPInfo
GetStartupInfoW
HeapSetInformation
GetCommandLineA
HeapQueryInformation
HeapSize
InterlockedIncrement
InterlockedDecrement
HeapFree
HeapReAlloc
ExitProcess
GetModuleHandleW
HeapAlloc
SetUnhandledExceptionFilter
IsDebuggerPresent
GetStdHandle
GetModuleFileNameW
HeapCreate
InitializeCriticalSectionAndSpinCount
MoveFileA
Beep
SetEnvironmentVariableA
FileTimeToLocalFileTime
FindClose
FindNextFileA
FindFirstFileA
GetSystemTimeAsFileTime
MulDiv
GetModuleFileNameA
DeleteCriticalSection
GetVersionExA
GetLastError
CreateMutexA
CloseHandle
GetExitCodeThread
SetThreadPriority
CreateThread
lstrcmpiA
GetCurrentThreadId
GlobalUnlock
GlobalFree
GlobalAlloc
GlobalLock
GetModuleHandleA
GetProcAddress
GetCurrentDirectoryA
InitializeCriticalSection
SetCurrentDirectoryA
Sleep
GetTickCount
LoadLibraryW
GetLocaleInfoW
SetHandleCount
IsProcessorFeaturePresent
GetStringTypeW
GetUserDefaultLCID
UnhandledExceptionFilter
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
RaiseException
RtlUnwind
GetConsoleCP
GetConsoleMode
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
SetFilePointer
FlushFileBuffers
WriteConsoleW
SetStdHandle
GetProcessHeap
CreateFileW
GetCurrentProcess
VirtualQuery

user32

GetMenuItemCount
GetMenuItemID
GetSubMenu
GetMenuStringA
IsWindowEnabled
ExitWindowsEx
SetMenu
FlashWindow
MapWindowPoints
RedrawWindow
UpdateWindow
GetMessagePos
GetClassLongA
DefDlgProcA
CallWindowProcA
CheckRadioButton
IntersectRect
PtInRect
AppendMenuA
SetMenuDefaultItem
RemoveMenu
SetMenuItemInfoA
IsMenu
CreateMenu
CreatePopupMenu
SetMenuInfo
DestroyMenu
TrackPopupMenuEx
CreateIconIndirect
GetDesktopWindow
CopyImage
LookupIconIdFromDirectoryEx
CreateIconFromResourceEx
GetWindow
BringWindowToTop
GetTopWindow
GetWindowRect
GetClientRect
SystemParametersInfoA
AdjustWindowRectEx
DrawTextA
SetRect
GetIconInfo
SetWindowTextA
GetCursor
CheckMenuItem
MessageBoxA
SetClipboardViewer
LoadAcceleratorsA
DrawIconEx
GetDC
EnableMenuItem
GetMenu
CreateWindowExA
LoadCursorA
LoadImageA
ChangeClipboardChain
DestroyIcon
DestroyWindow
IsCharAlphaA
MapVirtualKeyA
GetKeyNameTextA
VkKeyScanExA
GetWindowTextA
mouse_event
WindowFromPoint
GetSystemMetrics
keybd_event
SetKeyboardState
GetKeyboardState
GetCursorPos
PostMessageW
GetAsyncKeyState
AttachThreadInput
SendInput
UnregisterHotKey
RegisterHotKey
PostQuitMessage
SendMessageTimeoutA
UnhookWindowsHookEx
SetWindowsHookExA
PostThreadMessageA
IsCharUpperA
IsCharLowerA
IsCharAlphaNumericA
ToAsciiEx
GetKeyboardLayout
CallNextHookEx
CharLowerA
OpenClipboard
GetClipboardData
ClientToScreen
GetCaretPos
EnumClipboardFormats
MessageBeep
SetDlgItemTextA
GetDlgItem
SendDlgItemMessageA
DialogBoxParamA
SetForegroundWindow
DefWindowProcA
IsWindowVisible
FillRect
GetClipboardFormatNameA
CloseClipboard
SetClipboardData
EmptyClipboard
PostMessageA
FindWindowA
EndDialog
IsWindow
DispatchMessageA
TranslateMessage
GetSysColorBrush
GetSysColor
RegisterWindowMessageA
IsIconic
IsZoomed
EnumWindows
GetWindowTextLengthA
EnableWindow
InvalidateRect
SetWindowPos
SetWindowRgn
SetFocus
SetActiveWindow
EnumChildWindows
MoveWindow
ReleaseDC
GetQueueStatus
TranslateAcceleratorA
ShowWindow
CountClipboardFormats
SetWindowLongA
ScreenToClient
IsDialogMessageA
SendMessageA
GetWindowLongA
GetKeyState
KillTimer
PeekMessageA
GetFocus
GetClassNameA
GetWindowThreadProcessId
GetForegroundWindow
GetMessageA
SetTimer
GetParent
GetDlgCtrlID
CharUpperA
IsClipboardFormatAvailable
RegisterClassExA

gdi32

GetClipRgn
FillRgn
GetClipBox
SetBkMode
EnumFontFamiliesExA
CreateDIBSection
GdiFlush
GetPixel
ExcludeClipRect
SetTextColor
BitBlt
CreateCompatibleBitmap
GetSystemPaletteEntries
GetDIBits
CreateCompatibleDC
CreatePolygonRgn
CreateRectRgn
CreateRoundRectRgn
CreateEllipticRgn
DeleteDC
GetObjectA
GetTextMetricsA
GetTextFaceA
SelectObject
GetStockObject
CreateDCA
CreateSolidBrush
GetDeviceCaps
SetBkColor
DeleteObject
CreateFontA

comdlg32

GetOpenFileNameA
GetSaveFileNameA

advapi32

RegDeleteKeyA
RegSetValueExA
RegCreateKeyExA
RegQueryValueExA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
CloseServiceHandle
UnlockServiceDatabase
LockServiceDatabase
OpenSCManagerA
GetUserNameA
RegEnumKeyExA
RegEnumValueA
RegQueryInfoKeyA
RegOpenKeyExA
RegCloseKey
RegConnectRegistryA
RegDeleteValueA

shell32

DragQueryPoint
SHFileOperationA
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetDesktopFolder
SHGetMalloc
ShellExecuteExA
Shell_NotifyIconA
DragFinish
DragQueryFileA
ExtractIconA

ole32

OleInitialize
OleUninitialize
CoInitialize
CoCreateInstance
CoUninitialize
CLSIDFromString
CoGetObject
StringFromGUID2
CreateStreamOnHGlobal

oleaut32

SafeArrayUnlock
SafeArrayGetElemsize
SafeArrayPtrOfIndex
SafeArrayLock
SafeArrayGetDim
SafeArrayGetLBound
SafeArrayGetUBound
SysAllocString
VariantChangeType
VariantClear
SafeArrayCreate
SysFreeString
SysStringLen
GetActiveObject
SafeArrayDestroy
OleLoadPicture

Sections

.text
Size: 556KB - Virtual size: 556KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

376583ef03e4007760fb1259334fc710

Headers

File Characteristics

Imports

wsock32

winmm

version

comctl32

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 556KB - Virtual size: 556KB

.rdata Size: 57KB - Virtual size: 57KB

.data Size: 10KB - Virtual size: 35KB

.rsrc Size: 35KB - Virtual size: 34KB

.text
Size: 556KB - Virtual size: 556KB

.rdata
Size: 57KB - Virtual size: 57KB

.data
Size: 10KB - Virtual size: 35KB

.rsrc
Size: 35KB - Virtual size: 34KB