b97e3c6005a9686a3b00ca73e48ab336718a410cc07542d9b1bbbacc3d74a899

Sharing

Copy URL Twitter E-mail

General

Target

b97e3c6005a9686a3b00ca73e48ab336718a410cc07542d9b1bbbacc3d74a899
Size

56KB
MD5

f6e795b718c580d10a6d3c394a56b4af
SHA1

b776bbe49de187b0dc00d053bb17d5ce3c533035
SHA256

b97e3c6005a9686a3b00ca73e48ab336718a410cc07542d9b1bbbacc3d74a899
SHA512

0da0d528ec157ed592bcdaca2acf6521dcf21a28bf75b8d00bd50237a9fe00ea4f9704262aaf533362afd091a35e786ffc66660866f16b242ba4b584393b8576
SSDEEP

1536:braCEbLL+uQyEIrnGzPgKvF3TK0Nx/i3NYCX3jZj+MH:E+GZn2gKtDK0Nx/i9YM3jZjZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b97e3c6005a9686a3b00ca73e48ab336718a410cc07542d9b1bbbacc3d74a899

Files

b97e3c6005a9686a3b00ca73e48ab336718a410cc07542d9b1bbbacc3d74a899
.dll windows:3 windows x86 arch:x86

21ba116f001c5c2cf59eb66d14193042

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

crtdll

strncmp
strcspn
_wcsicmp
wcslen
wcscpy

dlcapi

AcsLan

kernel32

GetPrivateProfileIntW
lstrcmpW
HeapDestroy
OutputDebugStringW
GetTickCount
WritePrivateProfileStringW
WaitForSingleObject
MultiByteToWideChar
FreeLibrary
GetProcAddress
LoadLibraryW
lstrcpyA
ResetEvent
lstrcatW
HeapCreate
lstrlenW
CreateEventW
InitializeCriticalSection
lstrcpyW
ExitThread
WaitForMultipleObjects
Sleep
EnterCriticalSection
LeaveCriticalSection
GetCurrentThreadId
HeapAlloc
HeapFree
SetLastError
CloseHandle
lstrcmpiW
GetLastError
CreateThread
SetEvent
DeleteCriticalSection

user32

IsCharAlphaNumericW
GetFocus
SetWindowLongW
wsprintfA
GetClientRect
UpdateWindow
InvalidateRect
EndDialog
CharUpperBuffW
GetWindowLongW
PtInRect
DefWindowProcW
UnregisterClassW
GetSysColor
BeginPaint
RegisterClassW
LoadCursorW
IsCharAlphaW
GetWindowTextW
SetTimer
KillTimer
IsDlgButtonChecked
SetDlgItemInt
GetDlgItemInt
GetWindowPlacement
DestroyWindow
CreateWindowExW
GetDlgItem
GetParent
WinHelpW
SetWindowTextW
SendDlgItemMessageW
ReleaseCapture
SetCapture
EndPaint
GetWindowTextLengthW
EnableWindow
PostMessageW
MessageBeep
LoadStringW
DialogBoxParamW
MessageBoxW
wsprintfW
CharNextW
SetFocus
SendMessageW

spoolss

SetJobW
ClosePrinter
OpenPrinterW
GetJobW

advapi32

RegDeleteValueW
RegisterEventSourceW
RegCloseKey
RegQueryValueExW
RegCreateKeyW
DeregisterEventSource
ReportEventW
RegOpenKeyExW
RegEnumValueW
RegSetValueExW

gdi32

CreateSolidBrush
DeleteObject
CreatePen
SelectObject
SetPixel
Polygon
MoveToEx
Rectangle
LineTo
GetStockObject

Exports

Exports

AddPortW
ClosePort
ConfigurePortW
DeletePortW
EndDocPort
EnumPortsW
InitializeMonitor
LibMain
OpenPort
ReadPort
StartDocPort
WritePort

Sections

.text
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

21ba116f001c5c2cf59eb66d14193042

Headers

File Characteristics

Imports

crtdll

dlcapi

kernel32

user32

spoolss

advapi32

gdi32

Exports

Exports

Sections

.text Size: 35KB - Virtual size: 34KB

.data Size: 3KB - Virtual size: 5KB

.rsrc Size: 12KB - Virtual size: 11KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 35KB - Virtual size: 34KB

.data
Size: 3KB - Virtual size: 5KB

.rsrc
Size: 12KB - Virtual size: 11KB

.reloc
Size: 3KB - Virtual size: 2KB