ab3810cd4312c952ac8dab65ddfbde93eee9c7c3bc3856cd7294cd869f4b2df2

Sharing

Copy URL Twitter E-mail

General

Target

ab3810cd4312c952ac8dab65ddfbde93eee9c7c3bc3856cd7294cd869f4b2df2
Size

6.5MB
MD5

a712fa61aaef6fdf507cdbe1c794a164
SHA1

8de30e347c1e233fc430a3ee4f1115b082c60003
SHA256

ab3810cd4312c952ac8dab65ddfbde93eee9c7c3bc3856cd7294cd869f4b2df2
SHA512

eb39669f9744964abcc04d8bcee2f93504b86738dbcf2cbe2aae833ecb3f4540839ba43ff506928cf5726227c6e7faaeb57644358cc322338ae4d1cfbaccba04
SSDEEP

196608:QHtoQbVSsxe32cVD85UGvyfK1tWszs76Z:y2cVwmcVI5UGyK1sszs76Z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ab3810cd4312c952ac8dab65ddfbde93eee9c7c3bc3856cd7294cd869f4b2df2

Files

ab3810cd4312c952ac8dab65ddfbde93eee9c7c3bc3856cd7294cd869f4b2df2
.dll windows:6 windows x86 arch:x86

170991198af230338615456c45905328

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DeleteFileW
CreateFileW
ReadConsoleW
SetStdHandle
SetFilePointerEx
ReadFile
GetConsoleMode
GetConsoleCP
FlushFileBuffers
CloseHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCurrentProcessId
QueryPerformanceCounter
GetModuleFileNameA
WriteFile
LoadLibraryExW
OutputDebugStringW
FileTimeToLocalFileTime
SignalObjectAndWait
IsValidCodePage
IsDebuggerPresent
GetProcessHeap
HeapSize
ExitProcess
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
IsProcessorFeaturePresent
GetProcAddress
GetModuleHandleW
GetStartupInfoW
TlsFree
GetUserDefaultUILanguage
EnumResourceTypesW
GetSystemInfo
RemoveDirectoryW
GetDiskFreeSpaceW
SetThreadLocale
HeapCreate
CreateDirectoryW
EnumCalendarInfoW
SetFilePointer
FindFirstFileW
EnumResourceNamesW
GetLastError
lstrcpynW
SizeofResource
LoadLibraryW
GetSystemDirectoryW
GetOEMCP
GetUserDefaultLangID
GetTempFileNameW
CompareFileTime
VerSetConditionMask
LoadResource
FindResourceW
GetSystemDefaultUILanguage
GetACP
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
GetCurrentProcess
Sleep
WideCharToMultiByte
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
EncodePointer
DecodePointer
MultiByteToWideChar
GetStringTypeW
HeapReAlloc
GetSystemTimeAsFileTime
RaiseException
RtlUnwind
HeapFree
GetStdHandle
GetFileType
GetModuleFileNameW
GetModuleHandleExW
WriteConsoleW
GetCommandLineA
GetCurrentThreadId
GetCPInfo
HeapAlloc
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
InitializeCriticalSectionAndSpinCount

user32

SetTimer
RegisterWindowMessageW
RemovePropA
MessageBeep
GetMenuItemInfoW
GetQueueStatus
GetCapture
SetPropA
SetScrollPos
SendDlgItemMessageW
CreatePopupMenu
CheckRadioButton
InsertMenuW
RegisterClassW
InsertMenuA
MapWindowPoints
LoadCursorA
InvalidateRect
GetDlgItemTextA
DialogBoxParamA
SetWindowTextW
CreateDialogParamA
SetCapture
PostMessageW
GetWindowTextLengthA
SetScrollRange
GetDoubleClickTime
GetDC
ShowCursor
SetDlgItemInt
OffsetRect
SetWindowLongA
EnableMenuItem
GetDlgItem
DestroyCaret
GetDesktopWindow
GetSysColor
FlashWindow
SystemParametersInfoA
SendMessageW
EnableWindow
SetDlgItemTextA
GetDlgCtrlID

gdi32

EndPage
CreateFontA
GetDeviceCaps
SetDIBColorTable
CreateBrushIndirect
CreateRectRgn
GetPixel
EndDoc
RestoreDC
UpdateColors
BitBlt
GetWindowOrgEx
SetTextColor
CreatePenIndirect
RealizePalette
GetCharWidth32A
GetStockObject
GetBitmapBits

comdlg32

FindTextW

advapi32

RegSetValueExW
CloseServiceHandle
QueryServiceStatus
RegGetKeySecurity

shell32

SHGetFileInfoW
Shell_NotifyIconW

oleaut32

SysAllocStringLen
SysReAllocStringLen

Sections

.text
Size: 585KB - Virtual size: 585KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5.9MB - Virtual size: 5.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

170991198af230338615456c45905328

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

oleaut32

Sections

.text Size: 585KB - Virtual size: 585KB

.data Size: 5.9MB - Virtual size: 5.9MB

.idata Size: 4KB - Virtual size: 4KB

.reloc Size: 13KB - Virtual size: 13KB

.text
Size: 585KB - Virtual size: 585KB

.data
Size: 5.9MB - Virtual size: 5.9MB

.idata
Size: 4KB - Virtual size: 4KB

.reloc
Size: 13KB - Virtual size: 13KB