08601cbc743a6404f8a77582574b93f3a04a80b7bbf290634783f02b63b9c280

Sharing

Copy URL Twitter E-mail

General

Target

08601cbc743a6404f8a77582574b93f3a04a80b7bbf290634783f02b63b9c280
Size

357KB
MD5

4140077ea9564d9a58e10d0ff58657b4
SHA1

5a02aaf001041eac661e3fd530c9bd007077b7c7
SHA256

08601cbc743a6404f8a77582574b93f3a04a80b7bbf290634783f02b63b9c280
SHA512

9e716e97f2cb4a52a326d514d0ea47c72188f8832fd9ce377edbebcf0f1ed3b10198665b3decd8e6165d4ad52b720942256e01d1b8f008f099b8fd14ec016da7
SSDEEP

6144:wM7jq9VR4+qbqNw3vNwiCT1HOeWEBf6GwpD2kPQxzDhhs6IQoopcha:wkjqHe+qwmGB1HIEByGwxPIjsOoa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
08601cbc743a6404f8a77582574b93f3a04a80b7bbf290634783f02b63b9c280

Files

08601cbc743a6404f8a77582574b93f3a04a80b7bbf290634783f02b63b9c280
.dll windows:5 windows x64 arch:x64

8e3f4c0a89da6354c91be5f44f5459ce

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

ReadFile
WriteFile
MultiByteToWideChar
WideCharToMultiByte
GetSystemTimeAsFileTime
GetHandleInformation
LocalFree
LocalAlloc
ReleaseMutex
UnmapViewOfFile
MapViewOfFile
OpenFileMappingA
OpenMutexA
CreateFileMappingA
CreateMutexA
SwitchToThread
SetEndOfFile
SetFilePointer
GetFileSize
CreateEventA
CreateFileA
GetCurrentThread
InitializeCriticalSectionAndSpinCount
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
SetLastError
GlobalMemoryStatus
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
FlushFileBuffers
SetStdHandle
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LoadLibraryA
SetEvent
GetModuleFileNameA
GetSystemDirectoryA
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceFrequency
QueryPerformanceCounter
GetTickCount
GetModuleHandleW
GetCurrentProcess
GetVersionExW
GetModuleHandleA
GetProcAddress
GetProcessHeap
HeapAlloc
HeapFree
WaitForSingleObject
GetExitCodeThread
Sleep
TerminateThread
CloseHandle
CreateThread
GetLastError
DisableThreadLibraryCalls
ResetEvent
HeapSize
GetConsoleMode
GetConsoleCP
LCMapStringW
LCMapStringA
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
HeapDestroy
HeapCreate
FlsSetValue
GetCommandLineA
RtlLookupFunctionEntry
RtlUnwindEx
HeapReAlloc
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlCaptureContext
RaiseException
RtlPcToFileHeader
EncodePointer
DecodePointer
FlsGetValue
FlsFree
FlsAlloc
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapSetInformation

user32

GetWindowLongPtrA
SetWindowTextW
UpdateWindow
GetSystemMetrics
PostMessageA
SetWindowLongPtrA
ShowWindow
SetWindowPos
DefWindowProcA
DialogBoxParamW
EndDialog
GetWindowRect
IsWindow
SetForegroundWindow
SendMessageA
GetDlgItem

gdi32

SetTextColor
SetBkColor
CreateSolidBrush
CreateFontA

advapi32

GetLengthSid
SetSecurityDescriptorDacl
AddAccessAllowedAce
InitializeAcl
AllocateAndInitializeSid
InitializeSecurityDescriptor
CryptAcquireContextW
CryptGenRandom
CryptReleaseContext
OpenThreadToken
LookupPrivilegeValueW
PrivilegeCheck
GetUserNameA
CreateWellKnownSid
GetSecurityDescriptorSacl
SetSecurityInfo
OpenProcessToken
FreeSid

winmm

timeKillEvent
timeSetEvent

version

GetFileVersionInfoSizeA
VerQueryValueW
GetFileVersionInfoA

Exports

Exports

LoginUiConfirmShow

Sections

.text
Size: 254KB - Virtual size: 254KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8e3f4c0a89da6354c91be5f44f5459ce

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

winmm

version

Exports

Exports

Sections

.text Size: 254KB - Virtual size: 254KB

.rdata Size: 76KB - Virtual size: 75KB

.data Size: 7KB - Virtual size: 18KB

.pdata Size: 14KB - Virtual size: 13KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 254KB - Virtual size: 254KB

.rdata
Size: 76KB - Virtual size: 75KB

.data
Size: 7KB - Virtual size: 18KB

.pdata
Size: 14KB - Virtual size: 13KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 2KB