35f4633f6e88dc2bec1ccd976165da743ff2e50d302c4a4aeaa4af87f7a24a4bN

Sharing

Copy URL Twitter E-mail

General

Target

35f4633f6e88dc2bec1ccd976165da743ff2e50d302c4a4aeaa4af87f7a24a4bN
Size

183KB
MD5

46f261953feeb8e554aa464c758a6ea0
SHA1

646021fd7a4d74895c8112b6d2822b9cc9fd50e9
SHA256

35f4633f6e88dc2bec1ccd976165da743ff2e50d302c4a4aeaa4af87f7a24a4b
SHA512

427406f1285f5eeed666374ae720d61736f6571234a05af925f351b95cdf02efd046f28ba86e18f6a12a89198a2e76d52f8a53dc7d976d27f1274ea851ba9b62
SSDEEP

3072:JL2bPmjXhyBqkVKoCaERtXS5b0jj57I0YA2lQBV+UdE+rECWp7hK+8+Ew4u:B2AXh2qwIaE7e4jS09BV+UdvrEFp7hKE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
35f4633f6e88dc2bec1ccd976165da743ff2e50d302c4a4aeaa4af87f7a24a4bN

Files

35f4633f6e88dc2bec1ccd976165da743ff2e50d302c4a4aeaa4af87f7a24a4bN
.dll windows:5 windows x86 arch:x86

0078e7acb88ac5b68049da7e0b520f56

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

WritePrivateProfileStringA
GetPrivateProfileStringA
GetWindowsDirectoryA
GetShortPathNameA
MoveFileExA
DeleteFileA
GetWindowsDirectoryW
FindClose
FindNextFileA
FindFirstFileA
GetSystemDirectoryW
GetSystemDirectoryA
GetACP
SetLastError
RemoveDirectoryA
GetModuleFileNameA
LocalAlloc
FreeLibrary
LoadLibraryA
GetExitCodeProcess
CreateProcessW
HeapSize
GetStringTypeW
GetStringTypeA
HeapReAlloc
VirtualAlloc
LeaveCriticalSection
EnterCriticalSection
GetConsoleMode
GetConsoleCP
WriteFile
SetFilePointer
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
VirtualFree
HeapDestroy
HeapCreate
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
DeleteCriticalSection
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
ExitProcess
LCMapStringW
MultiByteToWideChar
WideCharToMultiByte
GetLocaleInfoA
WinExec
GetSystemWindowsDirectoryA
SetFileAttributesA
CopyFileA
ReadFile
CreateFileW
CreateFileA
GetLastError
GetFileSize
CloseHandle
CreateThread
Sleep
GetVersionExA
GetModuleHandleA
GetProcAddress
GetCurrentProcess
OutputDebugStringW
lstrcpyA
GetLocalTime
OutputDebugStringA
InitializeCriticalSectionAndSpinCount
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
FlushFileBuffers
LCMapStringA
RaiseException
HeapAlloc
TlsFree
TlsSetValue
TlsAlloc
RtlUnwind
GetCurrentThreadId
GetCommandLineA
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapFree
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetOEMCP
IsValidCodePage
GetModuleHandleW
TlsGetValue

user32

PostMessageA
LoadCursorA
RegisterClassA
GetDesktopWindow
SendMessageA
DrawTextExA
SetWindowLongA
ShowWindow
UpdateWindow
BringWindowToTop
GetWindowLongA
DefWindowProcA
BeginPaint
GetDC
GetClientRect
GetSysColor
DrawTextA
EndPaint
ReleaseDC
DestroyWindow
UnregisterClassA
wsprintfW
wvsprintfA
wsprintfA
CreateWindowExA
GetWindowRect

gdi32

RemoveFontResourceA
AddFontResourceA
EnumFontFamiliesExA
GetStockObject
SetBkMode
CreateSolidBrush
SelectObject
CreatePen
DeleteObject
Rectangle

advapi32

RegDeleteKeyA
AllocateAndInitializeSid
GetLengthSid
InitializeAcl
AddAccessAllowedAce
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegSetKeySecurity
RegDeleteValueA
RegEnumKeyA
RegEnumValueA
RegQueryInfoKeyA
RegOpenKeyExA
RegQueryValueExA
RegCreateKeyExA
RegSetValueExA
RegCloseKey

Exports

Exports

DllMain
KcFontInstall
KcFontWizard
KcInstallFonts
KcRemovePackage
KcRunGetModuleStrings
KcRunModuleCount

Sections

.text
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0078e7acb88ac5b68049da7e0b520f56

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Exports

Exports

Sections

.text Size: 74KB - Virtual size: 74KB

.rdata Size: 18KB - Virtual size: 17KB

.data Size: 4KB - Virtual size: 10KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 74KB - Virtual size: 74KB

.rdata
Size: 18KB - Virtual size: 17KB

.data
Size: 4KB - Virtual size: 10KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 8KB - Virtual size: 7KB