0a08249c941d948aec3a6eb626a15e30N

Sharing

Copy URL Twitter E-mail

General

Target

0a08249c941d948aec3a6eb626a15e30N
Size

2.4MB
MD5

0a08249c941d948aec3a6eb626a15e30
SHA1

f0c85d874286c3ab4f421b1b9ce1208caf329e06
SHA256

3490697d020e77c9c636ad19a2beeee263978fe150c25154a82a1ba56ac8c3a7
SHA512

51295cc8680ea9be7756ef0f79d4cf206443aa842ab7b82a47cc6c9ae989de90c8ee2f3b453a45e617c026eadcb6649a2d7931294789816194adf72a80ee4674
SSDEEP

49152:TFJGgPgZ5RbrWwR0vqaAa7wEPfqBiarnzM0uHLpA8RPY:Tb3PgVbrWvwEnyrnzXaW8m

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0a08249c941d948aec3a6eb626a15e30N

Files

0a08249c941d948aec3a6eb626a15e30N
.dll windows:5 windows x86 arch:x86

f9aa6d922ee64bb3cc0f98c2357bcacb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

FlashWindow
AllowSetForegroundWindow
GetClassWord
HiliteMenuItem
ArrangeIconicWindows
ReleaseDC
CloseDesktop
MonitorFromWindow

mprapi

MprAdminTransportSetInfo
MprConfigGetGuidName

shell32

ShellAboutA
ExtractIconExW

oleaut32

SafeArrayCreate
VarI2FromStr

rpcrt4

RpcBindingCopy
RpcNetworkIsProtseqValidA
RpcBindingSetObject

kernel32

CreateFileA
FileTimeToSystemTime
GetLargestConsoleWindowSize
HeapCreate
GetQueuedCompletionStatus
LoadLibraryExA
GetFileTime
OutputDebugStringA
CloseHandle
ReadConsoleInputW

netapi32

NetGroupAdd

gdi32

GetPixel
GetBitmapDimensionEx
Rectangle
GetPixelFormat
PathToRegion
MoveToEx
CreateCompatibleDC

lz32

GetExpandedNameW

Sections

.text
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.crt1
Size: 4KB - Virtual size: 518B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f9aa6d922ee64bb3cc0f98c2357bcacb

Headers

DLL Characteristics

File Characteristics

Imports

user32

mprapi

shell32

oleaut32

rpcrt4

kernel32

netapi32

gdi32

lz32

Sections

.text Size: 12KB - Virtual size: 9KB

.crt1 Size: 4KB - Virtual size: 518B

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 60KB - Virtual size: 57KB

.CRT Size: 2.3MB - Virtual size: 2.3MB

.rsrc Size: 4KB - Virtual size: 928B

.reloc Size: 16KB - Virtual size: 14KB

.text
Size: 12KB - Virtual size: 9KB

.crt1
Size: 4KB - Virtual size: 518B

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 60KB - Virtual size: 57KB

.CRT
Size: 2.3MB - Virtual size: 2.3MB

.rsrc
Size: 4KB - Virtual size: 928B

.reloc
Size: 16KB - Virtual size: 14KB