c8dea9ae2d76812ffedefd652195f21548e22edebd91b539094d67dd0463bdb3

Sharing

Copy URL Twitter E-mail

General

Target

c8dea9ae2d76812ffedefd652195f21548e22edebd91b539094d67dd0463bdb3
Size

6.5MB
MD5

a7581d61d1c05bc1aafc953736ed3ba6
SHA1

4ec9d621ea162a6b5c0ddd308efacf8bf1cb47ca
SHA256

c8dea9ae2d76812ffedefd652195f21548e22edebd91b539094d67dd0463bdb3
SHA512

121ea3a777a919ec381ab4644cf103619532274bb07c2ee78bb3736cba391554b3edbef00bf973b76dddd5612551cb3f8ce449917f8a6f29bdcf272eb74408e3
SSDEEP

196608:5EP3QbVSsxe32cVD85UGvyfK1tWszs76Z:6cVwmcVI5UGyK1sszs76Z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c8dea9ae2d76812ffedefd652195f21548e22edebd91b539094d67dd0463bdb3

Files

c8dea9ae2d76812ffedefd652195f21548e22edebd91b539094d67dd0463bdb3
.dll windows:6 windows x86 arch:x86

79cfd0fc2c120c2014da151e540fb47d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetEnvironmentStringsW
GetCurrentProcessId
QueryPerformanceCounter
GetModuleFileNameA
SetFilePointerEx
ReadFile
GetFileType
GetStdHandle
GetConsoleMode
WriteFile
FlushFileBuffers
CloseHandle
GetOEMCP
GetACP
IsValidCodePage
IsDebuggerPresent
GetProcessHeap
HeapSize
FreeEnvironmentStringsW
GetModuleHandleExW
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
LCMapStringW
IsProcessorFeaturePresent
GetProcAddress
GetModuleHandleW
GetStartupInfoW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
GetModuleFileNameW
LoadLibraryExW
SetStdHandle
WriteConsoleW
ReadConsoleW
OutputDebugStringW
GetThreadTimes
FindNextFileW
CreateFileW
CreateProcessA
GetLocaleInfoW
ClearCommBreak
GetSystemTimeAsFileTime
WaitForSingleObjectEx
SetCommBreak
GetEnvironmentVariableW
WaitForSingleObject
SetDllDirectoryW
ExitProcess
ExpandEnvironmentStringsW
LocalFree
OpenFileMappingA
Beep
GetConsoleCP
SetCommTimeouts
SetEndOfFile
VirtualQuery
AreFileApisANSI
GetCurrentProcess
Sleep
WideCharToMultiByte
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
EncodePointer
DecodePointer
MultiByteToWideChar
GetStringTypeW
GetLastError
HeapReAlloc
HeapFree
RaiseException
RtlUnwind
GetCommandLineA
GetCurrentThreadId
GetCPInfo
HeapAlloc
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
InitializeCriticalSectionAndSpinCount

user32

RegisterClassA
EndPaint
SendDlgItemMessageA
SetKeyboardState
KillTimer
GetClientRect
SetFocus
DrawEdge
EnumWindows
SetScrollRange
GetQueueStatus
GetKeyboardLayout
CheckMenuRadioItem
SetScrollPos
PeekMessageA
SetWindowsHookExA
DestroyCursor
CheckDlgButton
CreatePopupMenu
IsWindow
PostMessageA
ScrollWindowEx
BeginDeferWindowPos
GetDlgItemTextA
DestroyIcon
SetDlgItemTextA
ValidateRect
IsRectEmpty
ShowOwnedPopups
GetSystemMenu
PostQuitMessage
IsZoomed
GetParent
MessageBeep
GetDC
GetDesktopWindow
GetSysColor
SystemParametersInfoA
DrawFrameControl
SetScrollInfo
CheckMenuItem
CopyRect
GetMessageTime

gdi32

CreatePolygonRgn
SetWindowOrgEx
PatBlt
ExtFloodFill
ExcludeClipRect
PolyPolyline
CreateCompatibleBitmap
SaveDC
RealizePalette
SetPolyFillMode
GetObjectW
EndPage
TranslateCharsetInfo
CreateFontA
StretchBlt
GetRgnBox
SelectClipRgn
RectInRegion
GetNearestPaletteIndex
CreateRectRgn
CreatePatternBrush
CreateDIBitmap
SetPixel

advapi32

GetLengthSid
GetUserNameA
SetSecurityDescriptorDacl

ole32

CoTaskMemFree

Sections

.text
Size: 522KB - Virtual size: 521KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5.9MB - Virtual size: 5.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

79cfd0fc2c120c2014da151e540fb47d

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

Sections

.text Size: 522KB - Virtual size: 521KB

.data Size: 5.9MB - Virtual size: 5.9MB

.idata Size: 4KB - Virtual size: 4KB

.reloc Size: 13KB - Virtual size: 12KB

.text
Size: 522KB - Virtual size: 521KB

.data
Size: 5.9MB - Virtual size: 5.9MB

.idata
Size: 4KB - Virtual size: 4KB

.reloc
Size: 13KB - Virtual size: 12KB