f29f59557f962fc08555b722afc7c4553b18a2fbf07f91c7b8ceaae8db8006bc

Sharing

Copy URL Twitter E-mail

General

Target

f29f59557f962fc08555b722afc7c4553b18a2fbf07f91c7b8ceaae8db8006bc
Size

176KB
MD5

0c4ddd57e494aa2d75cca4b60e0ba6c9
SHA1

4a8c5d6520854c28baf5450b75b91d7ef8f25d01
SHA256

f29f59557f962fc08555b722afc7c4553b18a2fbf07f91c7b8ceaae8db8006bc
SHA512

5b5c21ba5fef10022a29a4327f37dfa813cef5912492277d93a7cd1ca95aa8e3b0db5b1b63f9cc216412fe9a2703714b4cdac0190fae33f2f88f0f58f146d8ba
SSDEEP

3072:szAifZ0JjAU8GdMyd35+9XgDopihnjbuCJEpILl4twALNmIl:szA8Wjznd9dpmi1fuu72mAhdl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f29f59557f962fc08555b722afc7c4553b18a2fbf07f91c7b8ceaae8db8006bc

Files

f29f59557f962fc08555b722afc7c4553b18a2fbf07f91c7b8ceaae8db8006bc
.dll windows:6 windows x86 arch:x86

a3483d846dc6dea124fd617864c2bf6b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

Sleep
IsBadCodePtr
GetStdHandle
DisableThreadLibraryCalls
VirtualProtect
CloseHandle
CreateThread
GetStringTypeW
WriteConsoleW
LCMapStringW
HeapAlloc
EnterCriticalSection
LeaveCriticalSection
EncodePointer
DecodePointer
SetStdHandle
GetFileType
GetLastError
GetCommandLineA
GetCurrentThreadId
RaiseException
RtlUnwind
IsDebuggerPresent
IsProcessorFeaturePresent
ExitProcess
GetModuleHandleExW
GetProcAddress
MultiByteToWideChar
WideCharToMultiByte
WriteFile
GetModuleFileNameW
GetProcessHeap
DeleteCriticalSection
HeapFree
HeapSize
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
InitializeCriticalSectionAndSpinCount
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetModuleHandleW
GetModuleFileNameA
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetConsoleCP
GetConsoleMode
SetFilePointerEx
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
LoadLibraryExW
OutputDebugStringW
FlushFileBuffers
HeapReAlloc
CreateFileW

user32

GetCursorPos
GetAsyncKeyState
GetForegroundWindow
ScreenToClient

winmm

timeGetTime

d3dx9_43

D3DXMatrixRotationY
D3DXVec4Transform

Sections

.elfwt
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_MEM_READ

.01on
Size: 84KB - Virtual size: 88KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.0xofh
Size: 33KB - Virtual size: 36KB

IMAGE_SCN_MEM_READ

.iqh49i
Size: 6KB - Virtual size: 16KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.8lqea
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_MEM_READ

.a9nm0
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.z8lr
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.2yhi8y
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ixlyel4
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_MEM_READ

.royv
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_MEM_READ

.n4mwnc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_MEM_READ

.3gtr
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.zc7z6
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.695o
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a3483d846dc6dea124fd617864c2bf6b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

winmm

d3dx9_43

Sections

.elfwt Size: 8KB - Virtual size: 8KB

.01on Size: 84KB - Virtual size: 88KB

.0xofh Size: 33KB - Virtual size: 36KB

.iqh49i Size: 6KB - Virtual size: 16KB

.8lqea Size: 1KB - Virtual size: 4KB

.a9nm0 Size: 7KB - Virtual size: 8KB

.z8lr Size: 4KB - Virtual size: 4KB

.2yhi8y Size: 4KB - Virtual size: 4KB

.ixlyel4 Size: 4KB - Virtual size: 4KB

.royv Size: 8KB - Virtual size: 8KB

.n4mwnc Size: 4KB - Virtual size: 4KB

.3gtr Size: 4KB - Virtual size: 4KB

.zc7z6 Size: 4KB - Virtual size: 4KB

.695o Size: 4KB - Virtual size: 4KB

.elfwt
Size: 8KB - Virtual size: 8KB

.01on
Size: 84KB - Virtual size: 88KB

.0xofh
Size: 33KB - Virtual size: 36KB

.iqh49i
Size: 6KB - Virtual size: 16KB

.8lqea
Size: 1KB - Virtual size: 4KB

.a9nm0
Size: 7KB - Virtual size: 8KB

.z8lr
Size: 4KB - Virtual size: 4KB

.2yhi8y
Size: 4KB - Virtual size: 4KB

.ixlyel4
Size: 4KB - Virtual size: 4KB

.royv
Size: 8KB - Virtual size: 8KB

.n4mwnc
Size: 4KB - Virtual size: 4KB

.3gtr
Size: 4KB - Virtual size: 4KB

.zc7z6
Size: 4KB - Virtual size: 4KB

.695o
Size: 4KB - Virtual size: 4KB