fecda1f0b14be685292a319a71415c275a44c7d76589cb09e112ac62f9f648a3N

Sharing

Copy URL Twitter E-mail

General

Target

fecda1f0b14be685292a319a71415c275a44c7d76589cb09e112ac62f9f648a3N
Size

5.9MB
MD5

a2f290a2e6d7b2f1ccce4c04c9435c90
SHA1

36ad9bcff0618667ed4c7ef4009727cc229f00ab
SHA256

fecda1f0b14be685292a319a71415c275a44c7d76589cb09e112ac62f9f648a3
SHA512

4258594f512db0a25af999fd62aa477254b4e5764f021b10e399d7ac434084316f8a707c72cd249ffe95e1985785c758536b68108d3ee5261f1c2417ea847dab
SSDEEP

98304:raeJ6V12jMh62FXoYLygGPFC7e57BwOdCkwTSVRkeEx9u2W8yIHuUsLChZ/h8v17:RJ67V62Fr7GE7A7BwaC6VOVxm8j9csZU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fecda1f0b14be685292a319a71415c275a44c7d76589cb09e112ac62f9f648a3N

Files

fecda1f0b14be685292a319a71415c275a44c7d76589cb09e112ac62f9f648a3N
.dll windows:6 windows x86 arch:x86

999379df5fe522577056046f20e6d6ff

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FillConsoleOutputCharacterA
FillConsoleOutputAttribute
GetConsoleScreenBufferInfo
ReadConsoleInputA
PeekConsoleInputA
GetNumberOfConsoleInputEvents
SetEnvironmentVariableA
SetEndOfFile
GetTimeZoneInformation
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetModuleFileNameA
LoadLibraryExW
OutputDebugStringW
SetStdHandle
GetACP
CloseHandle
ReadConsoleW
GetConsoleMode
WriteFile
IsDebuggerPresent
AreFileApisANSI
ExitProcess
EnumSystemLocalesW
SetConsoleTextAttribute
GetLocaleInfoW
LCMapStringW
GetTimeFormatW
GetDateFormatW
GetProcAddress
GetModuleHandleW
GetStartupInfoW
TlsSetValue
SetLastError
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentThreadId
GetCommandLineA
WriteConsoleW
GetModuleHandleExW
GetFileType
RtlUnwind
SetFilePointerEx
GetSystemTimeAsFileTime
GetCPInfo
ReadFile
LeaveCriticalSection
EnterCriticalSection
EncodePointer
WideCharToMultiByte
SetConsoleCursorPosition
Sleep
GetStdHandle
CompareFileTime
SetConsoleMode
DeleteFileA
TlsFree
OpenFileMappingA
GetThreadTimes
TlsAlloc
GetStringTypeW
GetModuleHandleA
GetOEMCP
CreatePipe
LoadLibraryA
GlobalFree
IsValidCodePage
FlushFileBuffers
GlobalUnlock
MultiByteToWideChar
CompareStringW
CreateFileW
GetSystemDirectoryA
GetModuleFileNameW
TerminateProcess
CreateProcessA
MulDiv
Beep
IsProcessorFeaturePresent
GetFileAttributesA
GetSystemTimeAdjustment
InitializeCriticalSectionAndSpinCount
IsValidLocale
GetConsoleCP
OpenProcess
GetProcessTimes
SetCommTimeouts
GetWindowsDirectoryA
GetTickCount
ConnectNamedPipe
SetCommBreak
InitializeSListHead
GetCurrentProcess
GetCommState
TlsGetValue
GlobalMemoryStatus
GetEnvironmentVariableW
DeleteCriticalSection
DecodePointer
HeapSize
GetLastError
RaiseException
InitializeCriticalSectionEx
GetProcessHeap
HeapFree
HeapAlloc
HeapReAlloc
CreateThread
LocalFree
GetCurrentProcessId
GetOverlappedResult
SetCommState
GetUserDefaultLCID
ExpandEnvironmentStringsA

user32

ShowOwnedPopups
SetCursor
GetMessageA
SetWindowRgn
IsIconic
SetKeyboardState
GetParent
LoadIconA
RemoveMenu
AppendMenuA
RemovePropA
GetClientRect
SetFocus
DrawEdge
ShowCaret
BeginPaint
GetDoubleClickTime
CreateIconIndirect
GetQueueStatus
GetCapture
ShowCursor
GetKeyboardState
InflateRect
OffsetRect
GetWindowTextA
GetKeyboardLayout
InvalidateRect
GetWindowLongA
SetClassLongA
GetDlgItem
DestroyCaret
GetSysColor
CheckDlgButton
SetMenu
EnableScrollBar
IsWindow
InsertMenuA
ValidateRgn
DestroyMenu
DialogBoxParamA
GetCaretBlinkTime
SetDlgItemTextA
SetScrollInfo
CheckMenuItem
MessageBoxA
DrawMenuBar
EndPaint
DestroyAcceleratorTable
LoadStringA
GetWindowInfo
SetParent
DrawFocusRect
UnionRect
DrawStateW
RegisterClassW
SetWindowTextA
LoadCursorA
SetScrollRange
WaitMessage
GetDC
GetDesktopWindow
MapDialogRect

gdi32

Polygon
GetDeviceCaps
StretchBlt
CreateFontIndirectA
GetRegionData
DeleteObject
GetPaletteEntries
CreatePenIndirect
PolyPolyline
CreateRectRgnIndirect
CreateBrushIndirect
OffsetRgn
ExtCreateRegion
SaveDC
RealizePalette
SetPolyFillMode
GetTextExtentPointW
GetBkColor
GetDIBColorTable
GetTextExtentExPointA
GetTextExtentPointA
GetCharABCWidthsFloatA
CreatePen
GetCharacterPlacementW
CreateDIBitmap
SetWinMetaFileBits
RestoreDC
SetWindowOrgEx
TranslateCharsetInfo
SetPaletteEntries
BitBlt
SetWindowExtEx
CreateFontA
CopyEnhMetaFileA
GetRgnBox
SelectObject
SelectPalette
GetSystemPaletteEntries
CreatePatternBrush
GetPixel
EndDoc
GetStockObject
CloseEnhMetaFile
CreateEnhMetaFileW
UpdateColors
GetObjectW
SetTextAlign
SetTextColor
ExtFloodFill
LineTo
GetWindowOrgEx
SetLayout
PolyPolygon
IntersectClipRect
CreatePolygonRgn
MoveToEx

advapi32

GetUserNameA
RegOpenKeyExW
SetSecurityDescriptorDacl
RegDeleteKeyA
RegQueryValueExW
AllocateAndInitializeSid
RegCloseKey

ole32

CoTaskMemFree

Exports

Exports

gqpusqfz
pgkwda
mfltkmmiq

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4.4MB - Virtual size: 4.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.eOA
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 39KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

999379df5fe522577056046f20e6d6ff

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

Exports

Exports

Sections

.text Size: 1.4MB - Virtual size: 1.4MB

.data Size: 4.4MB - Virtual size: 4.4MB

.idata Size: 6KB - Virtual size: 8KB

.eOA Size: 3KB - Virtual size: 4KB

.reloc Size: 39KB - Virtual size: 40KB

.text
Size: 1.4MB - Virtual size: 1.4MB

.data
Size: 4.4MB - Virtual size: 4.4MB

.idata
Size: 6KB - Virtual size: 8KB

.eOA
Size: 3KB - Virtual size: 4KB

.reloc
Size: 39KB - Virtual size: 40KB