f0c01bc25e89ab61fc9759f4a6ae1ebcaddd857925493a9ae1d2eb5bdb07b6f9

Sharing

Copy URL Twitter E-mail

General

Target

f0c01bc25e89ab61fc9759f4a6ae1ebcaddd857925493a9ae1d2eb5bdb07b6f9
Size

5.8MB
MD5

d248ab83e5bbdbfd2cceac2dc261fd8d
SHA1

f8a09f8cae3e667057110d60cf821c3a66d488e3
SHA256

f0c01bc25e89ab61fc9759f4a6ae1ebcaddd857925493a9ae1d2eb5bdb07b6f9
SHA512

3c053602d681ff2597e992f00c18a181ff30b62a409474d8e9cee93b4cf67ba8fce29c88028bc3e0253ae0f1a3e109d7c60ec0c4bce629dcda01845255e375be
SSDEEP

98304:l+0nQNMg9t10FsZ6ePtj9uMIdCANleSIwzKG4DysFGPv5VGdxaS/FEKgJGbZrYdB:c0+9t15Z7PtYd4Ai/IKRys0HG8KfbZre

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f0c01bc25e89ab61fc9759f4a6ae1ebcaddd857925493a9ae1d2eb5bdb07b6f9

Files

f0c01bc25e89ab61fc9759f4a6ae1ebcaddd857925493a9ae1d2eb5bdb07b6f9
.dll windows:6 windows x86 arch:x86

f818c88871c6e5d3c734e31fb6c2e033

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetStdHandle
Sleep
SetConsoleTextAttribute
ReadConsoleInputA
PeekConsoleInputA
GetNumberOfConsoleInputEvents
SetEnvironmentVariableA
SetEndOfFile
WriteConsoleW
CreateFileW
OutputDebugStringW
LoadLibraryExW
GetTimeZoneInformation
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCurrentProcessId
QueryPerformanceCounter
GetModuleFileNameA
SetStdHandle
GetOEMCP
GetACP
IsValidCodePage
CloseHandle
ReadConsoleW
GetConsoleMode
GetConsoleCP
FlushFileBuffers
GetFileType
GetModuleFileNameW
WriteFile
SetConsoleCursorPosition
GetModuleHandleExW
ExitProcess
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
GetProcAddress
GetModuleHandleW
GetStartupInfoW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
GetCurrentProcess
InitializeCriticalSectionAndSpinCount
SetLastError
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsProcessorFeaturePresent
GetCurrentThreadId
GetCommandLineA
RtlUnwind
SetFilePointerEx
GetSystemTimeAsFileTime
GetConsoleScreenBufferInfo
FillConsoleOutputAttribute
FillConsoleOutputCharacterA
CompareFileTime
DeleteFileW
WinExec
GetUserDefaultUILanguage
IsDebuggerPresent
GetFileSize
GetSystemInfo
DeviceIoControl
LockResource
GetFileAttributesW
HeapCreate
GetVersionExW
ReadProcessMemory
VirtualQueryEx
FindResourceW
GetSystemDefaultUILanguage
GetDriveTypeW
EnumResourceNamesW
EncodePointer
DeleteCriticalSection
DecodePointer
HeapSize
RaiseException
InitializeCriticalSectionEx
HeapDestroy
GetProcessHeap
HeapFree
HeapAlloc
HeapReAlloc
QueryDosDeviceW
GetExitCodeThread
GetLastError
SetThreadLocale
FileTimeToSystemTime
SignalObjectAndWait
CreateDirectoryW
SystemTimeToTzSpecificLocalTime
LoadResource
SetFilePointer
GetCPInfo
ReadFile
LeaveCriticalSection
EnterCriticalSection
GetStringTypeW
MultiByteToWideChar
WideCharToMultiByte
SetConsoleMode

user32

EndPaint
SetCursor
SetTimer
CreateDialogParamA
TrackPopupMenu
SetKeyboardState
MsgWaitForMultipleObjects
IsZoomed
AttachThreadInput
RemovePropA
CharLowerBuffW
SetScrollRange
GetKeyboardState
GetMenu
SetWindowLongA
LoadMenuW
GetWindowLongW
GetWindowTextW
GetClassNameW
EnableMenuItem
SetClassLongA
CharUpperW
DefWindowProcA
SetWindowsHookExA
DrawTextExW
SendDlgItemMessageW
SetMenu
IsDlgButtonChecked
IsWindow
PostMessageA
RemoveMenu
SystemParametersInfoA
ReleaseCapture
InsertMenuA
SetWindowTextA
GetDlgItemTextA
GetCaretBlinkTime
SetDlgItemTextA
CheckMenuItem
GetWindow
MessageBoxA
CharUpperBuffW
GetMenuStringW
CreateMenu
GetDoubleClickTime
SetScrollPos
ScrollWindow
GetMenuItemCount
RegisterClassW
GetDlgItemTextW
MapWindowPoints
EnableWindow
LoadCursorA
DialogBoxParamA
HideCaret
IsIconic
PostMessageW
KillTimer
GetDC
GetWindowLongA
GetDesktopWindow
DestroyCaret

gdi32

GetBitmapBits
BitBlt
GetWindowOrgEx
GetTextExtentPoint32W
SetTextColor
MaskBlt
DeleteDC
CreateFontIndirectW
GetDeviceCaps
SetPixel
CreatePalette
CreateBitmap
DeleteObject
SelectObject
CreatePenIndirect
GetObjectType
GetDIBColorTable
CreateRectRgn
Polyline
RectVisible
RoundRect
IntersectClipRect
TextOutA
SetPaletteEntries
EndPage
CreateRectRgnIndirect
CreateDIBitmap
GetStockObject
RestoreDC
EndDoc
UpdateColors

comdlg32

FindTextW
GetOpenFileNameW

advapi32

ControlService
GetLengthSid
GetUserNameA
QueryServiceStatus
OpenSCManagerW
StartServiceW
RegGetKeySecurity
RegLoadKeyW

shell32

ShellExecuteW
CommandLineToArgvW

oleaut32

VariantCopy
VariantInit
VariantChangeType
SafeArrayGetLBound
SysReAllocStringLen
SysFreeString
SafeArrayCreate
VariantClear

Exports

Exports

gftbvdf
gwexmh
skwghz

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4.4MB - Virtual size: 4.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ZYCnR
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 38KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f818c88871c6e5d3c734e31fb6c2e033

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

oleaut32

Exports

Exports

Sections

.text Size: 1.4MB - Virtual size: 1.4MB

.data Size: 4.4MB - Virtual size: 4.4MB

.idata Size: 6KB - Virtual size: 8KB

.ZYCnR Size: 3KB - Virtual size: 4KB

.reloc Size: 38KB - Virtual size: 40KB

.text
Size: 1.4MB - Virtual size: 1.4MB

.data
Size: 4.4MB - Virtual size: 4.4MB

.idata
Size: 6KB - Virtual size: 8KB

.ZYCnR
Size: 3KB - Virtual size: 4KB

.reloc
Size: 38KB - Virtual size: 40KB