20693bbd4ec6a62f4b28c4702e7b864ccbc55976520221789477c6c9470f2e31

Sharing

Copy URL Twitter E-mail

General

Target

20693bbd4ec6a62f4b28c4702e7b864ccbc55976520221789477c6c9470f2e31
Size

6.5MB
MD5

219ce37606bbdbc2979ba47475a40df0
SHA1

5594c73e0689f609cd6587a5339287e886eec00c
SHA256

20693bbd4ec6a62f4b28c4702e7b864ccbc55976520221789477c6c9470f2e31
SHA512

55405946ebf1a837e25955847600757a6d9c512eb23f94683e62731eb72d66c35316df9e45fe3113b5c67946dbbd5117f7e4fdcb64eb1cd8e8e93e76265729a4
SSDEEP

196608:L7pVOf6XlfQBr3v43OLUGqgRdB9lUWpePk:p8MlfyDv+O7BDxvp0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
20693bbd4ec6a62f4b28c4702e7b864ccbc55976520221789477c6c9470f2e31

Files

20693bbd4ec6a62f4b28c4702e7b864ccbc55976520221789477c6c9470f2e31
.dll windows:6 windows x86 arch:x86

1dd765afa8757046e1e291aa6b385d61

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryExW
SystemTimeToFileTime
CompareFileTime
ClearCommBreak
GetUserDefaultLangID
GetSystemDirectoryW
LoadLibraryW
CreateEventA
GetSystemTimeAdjustment
Beep
TerminateProcess
GetTimeZoneInformation
GetStartupInfoW
FlushFileBuffers
IsDBCSLeadByteEx
GetThreadLocale
CreateFileMappingA
GetFileType
LocalFree
GetSystemTime
MapViewOfFile
WriteConsoleW
OutputDebugStringW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCurrentProcessId
QueryPerformanceCounter
GetModuleFileNameA
SetFilePointerEx
ReadFile
CloseHandle
GetConsoleMode
SetStdHandle
GetModuleFileNameW
WriteFile
GetStdHandle
GetOEMCP
GetACP
IsValidCodePage
IsDebuggerPresent
GetProcessHeap
GetLocaleInfoA
SetFilePointer
FindFirstFileW
GetFullPathNameW
TlsFree
EnterCriticalSection
FindFirstFileA
GlobalUnlock
CreateFileW
WideCharToMultiByte
GetConsoleCP
GetCurrentThread
FindResourceW
GetModuleHandleExW
SetEndOfFile
GetTempFileNameW
EncodePointer
DeleteCriticalSection
VirtualProtect
GetLastError
WaitForSingleObject
GlobalLock
ReadConsoleW
HeapSize
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
LeaveCriticalSection
DecodePointer
MultiByteToWideChar
GetStringTypeW
HeapReAlloc
GetSystemTimeAsFileTime
HeapFree
RaiseException
RtlUnwind
ExitProcess
GetProcAddress
AreFileApisANSI
GetCommandLineA
GetCurrentThreadId
GetCPInfo
HeapAlloc
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TlsAlloc
TlsGetValue
TlsSetValue
GetModuleHandleW
IsProcessorFeaturePresent

user32

InflateRect
SystemParametersInfoW
GetClassNameW
EnableScrollBar
SetDlgItemInt
DestroyAcceleratorTable
MapWindowPoints
DestroyMenu
ToUnicode
GetMonitorInfoW
IsIconic
GetSubMenu
GetMenuStringW
GetDC
SetWindowLongW
SetWindowTextW
GetMenu
GetDesktopWindow
DestroyIcon
IsRectEmpty
SetDlgItemTextW

gdi32

SetViewportOrgEx
SetTextColor
Polygon
StretchDIBits
SetStretchBltMode
SetViewportExtEx
SetROP2
CloseEnhMetaFile
CreateEnhMetaFileW
SetLayout
GetTextExtentPoint32W
SetPolyFillMode
GetObjectW

advapi32

RegSetValueExW
RegEnumKeyExW
StartServiceW
RegGetKeySecurity
OpenServiceW
RegOpenKeyExW
SetSecurityDescriptorOwner
RegDeleteValueA

shell32

Shell_NotifyIconW

oleaut32

SafeArrayGetUBound
VariantInit
VariantCopy
SysReAllocStringLen

Sections

.text
Size: 572KB - Virtual size: 572KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5.9MB - Virtual size: 5.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1dd765afa8757046e1e291aa6b385d61

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

oleaut32

Sections

.text Size: 572KB - Virtual size: 572KB

.data Size: 5.9MB - Virtual size: 5.9MB

.idata Size: 4KB - Virtual size: 3KB

.reloc Size: 13KB - Virtual size: 13KB

.text
Size: 572KB - Virtual size: 572KB

.data
Size: 5.9MB - Virtual size: 5.9MB

.idata
Size: 4KB - Virtual size: 3KB

.reloc
Size: 13KB - Virtual size: 13KB