4848c6f992d2098f60ece06b8f0b6330N

Sharing

Copy URL Twitter E-mail

General

Target

4848c6f992d2098f60ece06b8f0b6330N
Size

159KB
MD5

4848c6f992d2098f60ece06b8f0b6330
SHA1

ff39f4d55510321e70f56d409492b77778825838
SHA256

00152eee84cdad93127495d50a1ef4886f2d2a10ce8184473ae2c2234411b291
SHA512

1335280df067f4e8ac11389e5c8d49783148e9bad01035f7d478a913528ac2afacb769311eaf428505df1b2e6a5f319c86c1addf67f7ccd46aaf93d57202c589
SSDEEP

3072:ja3Frt13ZlI13ZeBJsW5syAvhQcQdNgKB1Fp5zOfVhr7n4n/:cn3ZlUZex5s15QcQr1F3OfH/n6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4848c6f992d2098f60ece06b8f0b6330N

Files

4848c6f992d2098f60ece06b8f0b6330N
.dll windows:5 windows x86 arch:x86

07b1ccc656cf8a02232adc27b618dbc8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc100u

ord13396
ord3495
ord796
ord11353
ord13415
ord3428
ord6869
ord1934
ord4331
ord2823
ord7176
ord4086
ord1292
ord6140
ord9328
ord5118
ord11845
ord11209
ord11240
ord9498
ord7391
ord11236
ord11228
ord5261
ord3416
ord7179
ord11469
ord13267
ord7126
ord11864
ord3684
ord13387
ord7108
ord13381
ord2164
ord4744
ord13854
ord11784
ord7548
ord7624
ord4805
ord13047
ord2068
ord980
ord3628
ord5563
ord3978
ord9462
ord5809
ord8266
ord2748
ord3749
ord7901
ord2617
ord3436
ord921
ord6114
ord2841
ord2943
ord1262
ord6086
ord2824
ord2939
ord1226
ord3361
ord3261
ord13305
ord12413
ord11132
ord3368
ord902
ord1987
ord1450
ord7357
ord1310
ord286
ord2852
ord2951
ord2952
ord4413
ord4434
ord4392
ord4400
ord4404
ord4408
ord4388
ord11244
ord11246
ord2746
ord4290
ord296
ord5229
ord2629
ord13127
ord285
ord5264
ord7006
ord1335
ord1734
ord1312
ord2030
ord420
ord280
ord7911
ord11330
ord3174
ord2057
ord4511
ord11801
ord890
ord13568
ord13571
ord13569
ord13572
ord13567
ord13570
ord10976
ord14162
ord1739
ord3625
ord8530
ord11477
ord11476
ord1476
ord1479
ord12351
ord4150
ord4955
ord5652
ord422
ord12153
ord12951
ord4810
ord11838
ord2085
ord869
ord1270
ord781
ord13398
ord4276
ord2528
ord979
ord344
ord3626
ord788
ord1212
ord880
ord4139
ord4138
ord12001
ord11998
ord341
ord11999
ord919
ord6145
ord1282
ord1296
ord11123
ord8178
ord10057
ord10412
ord9525
ord3627
ord2981
ord2980
ord5556
ord12606
ord2417
ord8277
ord11163
ord5303
ord8347
ord5811
ord948
ord6073
ord5855
ord2185
ord7929
ord4355
ord6243
ord337
ord11997
ord12186
ord11940
ord7973
ord11159
ord5468
ord897
ord3397
ord4360
ord5801
ord5862
ord3446
ord1298
ord5558
ord12610
ord2887
ord2884
ord7385
ord2418
ord14146
ord14148
ord14147
ord14145
ord14149
ord6036
ord4606
ord11936
ord12940
ord11933
ord12930
ord8036
ord12933
ord12871
ord12182
ord12007
ord11786
ord11870
ord11511
ord11493
ord12628
ord12157
ord5826
ord374
ord12548
ord945
ord7529
ord7967
ord12944
ord11982
ord2184
ord5799
ord4356
ord2064
ord2614
ord2062
ord14132
ord14059
ord14060
ord8264
ord11081
ord3402
ord10937
ord13380
ord8112
ord11210
ord6247
ord10045
ord8393
ord2853
ord12724
ord1501
ord1508
ord1514
ord1512
ord1519
ord4425
ord4396
ord4430
ord4421
ord4379
ord4383
ord4416
ord3999
ord14067
ord6080
ord9957
ord6870
ord2756
ord4802
ord3992
ord2665
ord13382
ord7109
ord13388
ord6156
ord10725
ord12557
ord5276
ord2339
ord11116
ord3491
ord4642
ord4923
ord5115
ord8483
ord4901
ord5143
ord4645
ord4794
ord4623
ord6931
ord6932
ord6922
ord4792
ord7393
ord9333
ord8346
ord917
ord6318
ord265
ord266
ord7512
ord1300
ord1301
ord323
ord1873
ord1945
ord2088
ord2090
ord1953
ord908
ord13605
ord2091
ord322
ord2055
ord2053
ord2080
ord1984
ord2045
ord3413
ord408

msvcr100

_CIlog10
fprintf
fclose
fscanf
__clean_type_info_names_internal
_except_handler4_common
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
__CppXcptFilter
_amsg_exit
_initterm_e
_initterm
_encoded_null
_malloc_crt
?terminate@@YAXXZ
_onexit
_lock
__dllonexit
_unlock
_time64
_localtime64_s
_wtoi
memset
_CIpow
memmove_s
memcpy_s
_purecall
memcpy
sprintf
malloc
free
??0exception@std@@QAE@ABV01@@Z
_CxxThrowException
??1exception@std@@UAE@XZ
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@ABQBD@Z
memmove
strncmp
__CxxFrameHandler3
_wfopen
fgets

kernel32

WaitForSingleObject
ReleaseMutex
CloseHandle
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsProcessorFeaturePresent
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
InterlockedExchange
DecodePointer
EncodePointer
LocalFree
GetLastError
Sleep
GlobalAlloc
CreateFileW
WriteFile
GlobalFree
LocalAlloc
CreateMutexW

user32

PostMessageW
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
FillRect
LoadCursorW
SetCursor
GetMessagePos
ReleaseCapture
SetCapture
InvalidateRect
GetClientRect
PtInRect
GetSysColor
GetSystemMetrics
IsWindow
EnableWindow
GetParent
RedrawWindow
GetWindowRect
SendMessageW
DrawFocusRect
DrawFrameControl
DrawEdge
OffsetRect
InflateRect
SetRect
CopyRect
MessageBoxW

gdi32

GetViewportExtEx
CreatePen
CreatePalette
GetDeviceCaps
RealizePalette
GetTextExtentPoint32W
GetStockObject
GetObjectW
GetDIBits
CreateSolidBrush
CreateCompatibleBitmap
CreateCompatibleDC
GetBkColor
GetMapMode
GetViewportOrgEx
GetWindowOrgEx
GetWindowExtEx
DPtoLP
LPtoDP
Ellipse
RoundRect
BitBlt
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
Rectangle

oleaut32

VariantTimeToSystemTime
SystemTimeToVariantTime
VariantClear

inoskinuiu

??1CInoSkinPComboBox@@UAE@XZ
??1CInoSkinPButton@@UAE@XZ
?GetRuntimeClass@CInoSkinPDialog@@UBEPAUCRuntimeClass@@XZ
?PreTranslateMessage@CInoSkinPDialog@@UAEHPAUtagMSG@@@Z
?OnCommand@CInoSkinPDialog@@MAEHIJ@Z
?Create@CInoSkinPDialog@@UAEHIPAVCWnd@@@Z
?Create@CInoSkinPDialog@@UAEHPBGPAVCWnd@@@Z
?DoModal@CInoSkinPDialog@@UAEHXZ
?OnOK@CInoSkinPDialog@@UAEXXZ
?OnCancel@CInoSkinPDialog@@UAEXXZ
?PreInitDialog@CInoSkinPDialog@@MAEXXZ
?AdjustControlsLayout@CInoSkinPDialog@@UAEXXZ
?OnBeforeExpand@CInoSkinPDialog@@UAEXXZ
?OnAfterExpand@CInoSkinPDialog@@UAEXXZ
?OnRTLChanged@CInoSkinPDialog@@UAEXH@Z
?OnSetPlacement@CInoSkinPDialog@@UAEHAAUtagWINDOWPLACEMENT@@@Z
?OnDrawBackstageWatermark@CInoSkinPDialog@@UAEXPAVCDC@@VCRect@@@Z
?GetRibbonStartPageLeftPaneWidth@CInoSkinPDialog@@UAEHXZ
?OnDrawRibbonBackgroundImage@CInoSkinPDialog@@UAEXPAVCDC@@VCRect@@@Z
?SetActiveMenu@CInoSkinPDialog@@MAEXPAVCInoSkinPPopupMenu@@@Z
?OnSize@CInoSkinPDialog@@IAEXIHH@Z
??0CInoSkinPButton@@QAE@XZ
??0CInoSkinPComboBox@@QAE@XZ
??0CInoSkinPDialog@@QAE@IPAVCWnd@@@Z
?OnDestroy@CInoSkinPDialog@@IAEXXZ
?EnableVisualManagerStyle@CInoSkinPDialog@@QAEXHHPBV?$CList@II@@@Z
?OnInitDialog@CInoSkinPDialog@@MAEHXZ
?GetThisMessageMap@CInoSkinPDialog@@KGPBUAFX_MSGMAP@@XZ
??1CInoSkinPDialog@@UAE@XZ

msvcp100

?_Orphan_all@_Container_base0@std@@QAEXXZ
?_Xlength_error@std@@YAXPBD@Z
?_Xout_of_range@std@@YAXPBD@Z

xscope

?setSampleWindow@xscope@@YAXH@Z
?getNewBodeGraph@xscope@@YAHPBNHNPAN11AAH@Z
?smooth@xscope@@YAHPBN00HNPAN1@Z
?setSpeedAmplitude@xscope@@YAXN@Z
?checkBodeGraph@xscope@@YAHPBNNAAHAAN222@Z
?getOpenLoopFC@xscope@@YAHPBNHNPAN11111111AAH@Z

Exports

Exports

CreateInterFace
SafeRelease
SetQueryInterfaceCallback
SupportedInterface

Sections

.text
Size: 103KB - Virtual size: 103KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

07b1ccc656cf8a02232adc27b618dbc8

Headers

DLL Characteristics

File Characteristics

Imports

mfc100u

msvcr100

kernel32

user32

gdi32

oleaut32

inoskinuiu

msvcp100

xscope

Exports

Exports

Sections

.text Size: 103KB - Virtual size: 103KB

.rdata Size: 30KB - Virtual size: 29KB

.data Size: 2KB - Virtual size: 3KB

.rsrc Size: 8KB - Virtual size: 8KB

.reloc Size: 13KB - Virtual size: 13KB

.text
Size: 103KB - Virtual size: 103KB

.rdata
Size: 30KB - Virtual size: 29KB

.data
Size: 2KB - Virtual size: 3KB

.rsrc
Size: 8KB - Virtual size: 8KB

.reloc
Size: 13KB - Virtual size: 13KB