05f7d54d3f720da51895f76d1503c1c6a47dd292319d91e5a4ae3f9e395225d3

Sharing

Copy URL Twitter E-mail

General

Target

05f7d54d3f720da51895f76d1503c1c6a47dd292319d91e5a4ae3f9e395225d3
Size

6.5MB
MD5

eddf744ab82a36ef3d49a999bd369099
SHA1

8674f33457de2bbd6c6cf118d9ad98ce168b5b3f
SHA256

05f7d54d3f720da51895f76d1503c1c6a47dd292319d91e5a4ae3f9e395225d3
SHA512

95f0ce194169d37a29040be10069ede962f6464f7a8af752ae54454bc1a0b4718e25bb80217475bf0049fb52ab69f20ba2aa96e4499cd83db706d761867b9e66
SSDEEP

196608:FUne23kP123bhdr2Ha1PfrnkwKRbZEVBBi2+7SSmsuq:O3k0bhdr2a1kwWbU47lvZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
05f7d54d3f720da51895f76d1503c1c6a47dd292319d91e5a4ae3f9e395225d3

Files

05f7d54d3f720da51895f76d1503c1c6a47dd292319d91e5a4ae3f9e395225d3
.dll windows:6 windows x86 arch:x86

b7940c3b09d4ab741dceb691eb78ad0b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SystemTimeToTzSpecificLocalTime
SignalObjectAndWait
GetCurrentThread
ExpandEnvironmentStringsA
ClearCommBreak
GetUserDefaultLangID
GetConsoleCP
GetSystemDirectoryW
Sleep
ReadProcessMemory
CreateEventA
GetFileAttributesA
MulDiv
TerminateProcess
MultiByteToWideChar
FlushFileBuffers
VerifyVersionInfoW
VirtualAlloc
GlobalFree
LoadLibraryA
CreatePipe
GetOEMCP
VirtualProtect
TlsAlloc
GetSystemTime
FindResourceW
CreateFileW
OutputDebugStringW
ReadConsoleW
WriteConsoleW
SetStdHandle
LoadLibraryExW
GetModuleFileNameW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCurrentProcessId
QueryPerformanceCounter
GetModuleFileNameA
SetFilePointerEx
ReadFile
GetConsoleMode
WriteFile
CloseHandle
GetFileType
GetStdHandle
GetACP
IsValidCodePage
IsDebuggerPresent
GetProcessHeap
GetLocaleInfoA
GetFileSize
GetDateFormatW
GetCommandLineW
ExitProcess
ResumeThread
OpenFileMappingA
DeleteFileW
GetUserDefaultUILanguage
FindNextFileA
RemoveDirectoryW
EnterCriticalSection
SetErrorMode
IsDBCSLeadByteEx
WritePrivateProfileStringW
SetThreadPriority
ExitThread
FileTimeToSystemTime
lstrcpynW
GetSystemTimeAdjustment
SetHandleInformation
InitializeSListHead
WaitNamedPipeA
SetEndOfFile
HeapSize
AreFileApisANSI
GetModuleHandleExW
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
WideCharToMultiByte
LeaveCriticalSection
DeleteCriticalSection
EncodePointer
DecodePointer
GetStringTypeW
GetLastError
HeapReAlloc
GetSystemTimeAsFileTime
HeapFree
RaiseException
RtlUnwind
GetCommandLineA
GetCurrentThreadId
GetCPInfo
HeapAlloc
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
InitializeCriticalSectionAndSpinCount
GetCurrentProcess
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetModuleHandleW
GetProcAddress
IsProcessorFeaturePresent
LCMapStringW

user32

DestroyAcceleratorTable
GetSubMenu
CharLowerBuffW
GetMenuItemInfoW
CheckMenuRadioItem
LoadMenuW
SystemParametersInfoW
DrawMenuBar
EnumWindows
SetDlgItemTextW
SendMessageW
ToUnicode
SetMenuItemInfoW
CheckMenuItem
IsRectEmpty
GetDC
InflateRect
GetMenu
DestroyCursor
GetDesktopWindow
GetSysColorBrush
BeginDeferWindowPos
GetDlgItemTextW
SetWindowTextW
GetWindowThreadProcessId
InsertMenuW

gdi32

ExtFloodFill
PtInRegion
ExtCreateRegion
SetPolyFillMode
SetViewportExtEx
CreateEnhMetaFileW
SetViewportOrgEx
CreateFontIndirectW
GetRgnBox
GetBkColor
CreateBitmapIndirect
GetObjectW

comdlg32

FindTextW
GetSaveFileNameW

advapi32

RegUnLoadKeyW
SetSecurityDescriptorOwner
LookupPrivilegeValueW
RegQueryValueExW
OpenSCManagerW
ControlService
CloseServiceHandle

shell32

ExtractIconExW

oleaut32

SysFreeString
VariantChangeType
SafeArrayGetLBound
VariantClear

Sections

.text
Size: 548KB - Virtual size: 547KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5.9MB - Virtual size: 5.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b7940c3b09d4ab741dceb691eb78ad0b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

oleaut32

Sections

.text Size: 548KB - Virtual size: 547KB

.data Size: 5.9MB - Virtual size: 5.9MB

.idata Size: 4KB - Virtual size: 4KB

.reloc Size: 13KB - Virtual size: 13KB

.text
Size: 548KB - Virtual size: 547KB

.data
Size: 5.9MB - Virtual size: 5.9MB

.idata
Size: 4KB - Virtual size: 4KB

.reloc
Size: 13KB - Virtual size: 13KB