decc609689d71e5ea7584c197f28942a11464ee61a64cb098c6953e17be5777d

Sharing

Copy URL

Twitter E-mail

General

Target

decc609689d71e5ea7584c197f28942a11464ee61a64cb098c6953e17be5777d
Size

2.7MB
MD5

06e753ee263f4f992e793f2e1f524004
SHA1

89b3bf050b1354ebe099016038e57370786749aa
SHA256

decc609689d71e5ea7584c197f28942a11464ee61a64cb098c6953e17be5777d
SHA512

1cc948afd35f1ad4502bba1103ea3f75d85677f5c59fb8abb5e4e4b0062d040d6c3497a67e23515895f9b40553451a973c7c23abcd7c5c29dcbcbd40f7a5c7e4
SSDEEP

49152:gsWUDUNcrxAiCrJdHYf3ae9ZIgYc2xAWnq9YcBEdb:gsWUDUudAisdeaQXWnke

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
decc609689d71e5ea7584c197f28942a11464ee61a64cb098c6953e17be5777d

Files

decc609689d71e5ea7584c197f28942a11464ee61a64cb098c6953e17be5777d
.dll windows:5 windows x86 arch:x86

6badf3c09f3b3f46a1700965ebb47ced

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

UNfzlFnwxzViY.h3.pdb

Imports

advapi32

SetFileSecurityA

user32

CallMsgFilterA
CallNextHookEx
keybd_event
DrawFocusRect
SetMenu
OffsetRect
SetScrollInfo
CloseDesktop
IsCharLowerA
GetScrollPos
AnyPopup
CheckRadioButton
GetDlgCtrlID
SetScrollRange

ole32

OleCreateEmbeddingHelper
HBITMAP_UserSize

gdi32

SetTextJustification
GetEnhMetaFileHeader
SetBrushOrgEx
SetColorAdjustment
GetCharABCWidthsFloatA
SetMapMode
PlgBlt

oleaut32

VarBstrFromUI1
LHashValOfNameSysA

shlwapi

PathAppendA
PathGetDriveNumberA
SHRegEnumUSKeyW

mprapi

MprInfoBlockRemove
MprAdminInterfaceGetInfo

wintrust

CryptCATAdminCalcHashFromFileHandle

winmm

midiOutOpen

rpcrt4

RpcErrorEndEnumeration
RpcBindingSetObject

msacm32

acmFormatSuggest

kernel32

GetStringTypeW
GetStringTypeA
LCMapStringA
CloseHandle
CreateFileA
LCMapStringW
GetLocaleInfoA
LoadLibraryA
VirtualAlloc
HeapReAlloc
HeapAlloc
IsValidCodePage
GetACP
GetCPInfo
VirtualFree
ReadProcessMemory
CreateThread
FindActCtxSectionGuid
CreateDirectoryExW
CompareStringW
GetCommandLineA
GetModuleHandleW
GetModuleFileNameA
GetStdHandle
GetModuleFileNameW
WinExec
GetOEMCP
WaitForMultipleObjectsEx
ReleaseSemaphore
GenerateConsoleCtrlEvent
GetLastError
SetFilePointer
EnterCriticalSection
LeaveCriticalSection
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
SetStdHandle
WriteFile
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
DeleteCriticalSection
FlushFileBuffers
GetProcAddress
TlsGetValue
TlsSetValue
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
Sleep
HeapFree
ExitProcess
RtlUnwind
InitializeCriticalSectionAndSpinCount
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
MultiByteToWideChar

opengl32

glPopAttrib

Exports

Exports

WeentmuathessCwte

Sections

.text
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 212KB - Virtual size: 218KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

AVD
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 848B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

StnbpJd
Size: 84KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6badf3c09f3b3f46a1700965ebb47ced

Headers

File Characteristics

PDB Paths

Imports

advapi32

user32

ole32

gdi32

oleaut32

shlwapi

mprapi

wintrust

winmm

rpcrt4

msacm32

kernel32

opengl32

Exports

Exports

Sections

.text Size: 2.4MB - Virtual size: 2.4MB

.rdata Size: 12KB - Virtual size: 10KB

.data Size: 212KB - Virtual size: 218KB

AVD Size: 28KB - Virtual size: 24KB

.rsrc Size: 4KB - Virtual size: 848B

StnbpJd Size: 84KB - Virtual size: 82KB

.text
Size: 2.4MB - Virtual size: 2.4MB

.rdata
Size: 12KB - Virtual size: 10KB

.data
Size: 212KB - Virtual size: 218KB

AVD
Size: 28KB - Virtual size: 24KB

.rsrc
Size: 4KB - Virtual size: 848B

StnbpJd
Size: 84KB - Virtual size: 82KB