1e1924f71adbc114dc68b348530e3620N

Sharing

Copy URL Twitter E-mail

General

Target

1e1924f71adbc114dc68b348530e3620N
Size

6.5MB
MD5

1e1924f71adbc114dc68b348530e3620
SHA1

3afd4ab57c6549da3f29d9308d1ff06ba2f9188e
SHA256

c934d5089f8865178cf7fce711e1e0038d6a6a356dfbf517c47d7aa22f09073e
SHA512

d54214e72d32cb33bb7ea13d40d39f2e0fb69a11b0b46168d7e4ed2b4ee6bcb7017953ae900eb4972a661f4827945e2f67c89d4b4095be31ad4ddc131810b420
SSDEEP

196608:kNePiHgbl+a9sCcZwKnAQgXEz3gdoFLsWVxHS+:/FblhcZwKnfgUz3nxS+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1e1924f71adbc114dc68b348530e3620N

Files

1e1924f71adbc114dc68b348530e3620N
.dll windows:6 windows x86 arch:x86

18789c126ad87beb87885b2f519dd10b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCommState
WaitNamedPipeA
GetUserDefaultLCID
SignalObjectAndWait
OpenProcess
IsValidLocale
SizeofResource
GetFileAttributesW
GetModuleFileNameW
CompareStringW
ExitThread
GlobalUnlock
FindFirstFileA
IsDBCSLeadByteEx
SetLastError
VirtualAlloc
IsValidCodePage
GlobalFree
GetDiskFreeSpaceW
FindClose
GetModuleFileNameA
GetOEMCP
GetThreadPriority
GetStringTypeW
GetUserDefaultUILanguage
SetEndOfFile
FileTimeToLocalFileTime
DeleteFileA
CreateThread
CreateFileW
OutputDebugStringW
ReadConsoleW
WriteConsoleW
SetStdHandle
LoadLibraryExW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCurrentProcessId
QueryPerformanceCounter
SetFilePointerEx
ReadFile
GetConsoleMode
GetConsoleCP
WriteFile
GetFileType
GetStdHandle
GlobalMemoryStatus
CreateFileA
GetEnvironmentVariableW
DeleteFileW
GetVersion
CloseHandle
VirtualProtect
IsDebuggerPresent
RemoveDirectoryW
LoadLibraryA
ResetEvent
EnumResourceNamesW
GetLastError
GetTempPathW
FlushFileBuffers
GetTimeZoneInformation
LeaveCriticalSection
GetVersionExW
ReadProcessMemory
WideCharToMultiByte
SetCommTimeouts
ClearCommBreak
GetPrivateProfileStringW
ConnectNamedPipe
SetHandleInformation
HeapFree
SystemTimeToFileTime
GetLocaleInfoA
GetFileSize
WinExec
GetACP
GetProcessHeap
HeapSize
AreFileApisANSI
GetModuleHandleExW
ExitProcess
EnumSystemLocalesW
GetLocaleInfoW
LCMapStringW
EnterCriticalSection
DeleteCriticalSection
EncodePointer
DecodePointer
MultiByteToWideChar
HeapReAlloc
GetSystemTimeAsFileTime
RaiseException
RtlUnwind
GetCommandLineA
GetCurrentThreadId
GetCPInfo
HeapAlloc
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetModuleHandleW
GetProcAddress
IsProcessorFeaturePresent

user32

GetDlgCtrlID
GetKeyState
SetDlgItemInt
EnumChildWindows
IsRectEmpty
MapWindowPoints
EndMenu
MessageBoxW
DrawFrameControl
GetWindowThreadProcessId
IsIconic
GetDC
GetMenu
GetDesktopWindow
GetKeyboardType
GetDlgItemTextW
ToUnicode

gdi32

SetWindowOrgEx
PolyPolygon
SetViewportOrgEx
GetMetaFileBitsEx
PtInRegion
CombineRgn
SetStretchBltMode
CloseEnhMetaFile
CreateEnhMetaFileW
RectInRegion
SetPolyFillMode
StretchDIBits
GetBkColor
CreatePatternBrush
SetWinMetaFileBits
GetRegionData

comdlg32

FindTextW
GetSaveFileNameW

advapi32

RegSetValueExW
RegOpenKeyExW
ChangeServiceConfigW
LookupPrivilegeValueW
SetSecurityDescriptorDacl
RegQueryInfoKeyW
OpenServiceW
CloseServiceHandle
RegLoadKeyW

shell32

CommandLineToArgvW
SHGetFileInfoW

ole32

CoInitialize

oleaut32

SafeArrayPtrOfIndex
VariantChangeType
VariantClear
VariantInit

Sections

.text
Size: 520KB - Virtual size: 520KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5.9MB - Virtual size: 17.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

18789c126ad87beb87885b2f519dd10b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 520KB - Virtual size: 520KB

.data Size: 5.9MB - Virtual size: 17.0MB

.idata Size: 4KB - Virtual size: 4KB

.reloc Size: 13KB - Virtual size: 12KB

.text
Size: 520KB - Virtual size: 520KB

.data
Size: 5.9MB - Virtual size: 17.0MB

.idata
Size: 4KB - Virtual size: 4KB

.reloc
Size: 13KB - Virtual size: 12KB