9bb1d4d1fdb57771312338ceee44516a9903c0286cd6a37927cb9cd3669eabed

Sharing

Copy URL Twitter E-mail

General

Target

9bb1d4d1fdb57771312338ceee44516a9903c0286cd6a37927cb9cd3669eabed
Size

204KB
MD5

669f456c98ec1bd66839c859eacb3e82
SHA1

5eac402386907519c0859eb7cb99fac1e449414d
SHA256

9bb1d4d1fdb57771312338ceee44516a9903c0286cd6a37927cb9cd3669eabed
SHA512

1cd46cceb473aeb612b3776f40e156092f92fab42c2672158cdf0c1b97284cc7cae7e0bd200e63613feaed1fefbd7b10d5f6dbf6ec7c3a13947160c27986e967
SSDEEP

3072:NzdOhZ71jzwESnuuvOUouS7nHQ047XkAV740a4CE8kEHwLGU5b7IC:NhOhZRm74ldk8O

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9bb1d4d1fdb57771312338ceee44516a9903c0286cd6a37927cb9cd3669eabed

Files

9bb1d4d1fdb57771312338ceee44516a9903c0286cd6a37927cb9cd3669eabed
.dll windows:5 windows x86 arch:x86

e48f64553ea74cd19fa433e9174e27cb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

WriteFile
MultiByteToWideChar
WideCharToMultiByte
InterlockedCompareExchange
InterlockedExchangeAdd
GetSystemTimeAsFileTime
LocalFree
LocalAlloc
ReleaseMutex
UnmapViewOfFile
MapViewOfFile
OpenFileMappingA
OpenMutexA
CreateFileMappingA
CreateMutexA
InitializeCriticalSectionAndSpinCount
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
TlsAlloc
SetLastError
TlsGetValue
TlsSetValue
TlsFree
GlobalMemoryStatus
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
FlushFileBuffers
SetStdHandle
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
CreateFileA
DisableThreadLibraryCalls
GetModuleFileNameA
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceFrequency
QueryPerformanceCounter
GetTickCount
GetModuleHandleW
GetCurrentProcess
GetVersionExW
GetModuleHandleA
GetProcAddress
GetProcessHeap
HeapAlloc
GetLastError
HeapFree
WaitForSingleObject
InterlockedExchange
GetExitCodeThread
Sleep
TerminateThread
CloseHandle
CreateThread
LoadLibraryA
SetFilePointer
HeapSize
GetConsoleMode
GetConsoleCP
VirtualAlloc
LCMapStringW
LCMapStringA
IsValidCodePage
GetOEMCP
GetACP
GetCommandLineA
HeapReAlloc
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
RtlUnwind
InterlockedIncrement
InterlockedDecrement
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
GetCPInfo

user32

SetForegroundWindow
SetWindowTextW
UpdateWindow
GetSystemMetrics
PostMessageA
ShowWindow
SetWindowPos
DefWindowProcA
EndDialog
DialogBoxParamW
GetDlgItem
GetWindowRect
IsWindow
SendMessageA
SetWindowLongA
GetWindowLongA

gdi32

SetTextColor
SetBkColor
CreateSolidBrush
CreateFontA

advapi32

AddAccessAllowedAce
SetSecurityDescriptorDacl
InitializeAcl
GetLengthSid
AllocateAndInitializeSid
InitializeSecurityDescriptor
CryptAcquireContextW
CryptGenRandom
CryptReleaseContext
CreateWellKnownSid
GetSecurityDescriptorSacl
SetSecurityInfo
FreeSid

winmm

timeKillEvent
timeSetEvent

Exports

Exports

LoginUiConfirmShow

Sections

.text
Size: 134KB - Virtual size: 133KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e48f64553ea74cd19fa433e9174e27cb

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

winmm

Exports

Exports

Sections

.text Size: 134KB - Virtual size: 133KB

.rdata Size: 51KB - Virtual size: 50KB

.data Size: 5KB - Virtual size: 15KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 11KB - Virtual size: 10KB

.text
Size: 134KB - Virtual size: 133KB

.rdata
Size: 51KB - Virtual size: 50KB

.data
Size: 5KB - Virtual size: 15KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 11KB - Virtual size: 10KB