d02404840635538d41f99f49d5cf7401293a305a8b829ced0b639deb9b2beedaN

Sharing

Copy URL Twitter E-mail

General

Target

d02404840635538d41f99f49d5cf7401293a305a8b829ced0b639deb9b2beedaN
Size

144KB
MD5

f74f8e2a1e1e4646d49c1f2dd8ddab60
SHA1

89e2e3dad561f21d22a2553848145b350a567723
SHA256

d02404840635538d41f99f49d5cf7401293a305a8b829ced0b639deb9b2beeda
SHA512

6fe7505f41681dbbd56843977c47186bf138f5f9e16d4818aca836e687ef540c1cf93e7a93290da1757c0dfc2ce1f5193f5049d4c993d20c463586670f3de0f5
SSDEEP

3072:mhmxH20oyeZ8AsDt2SqfMgBK9XN54Hq13kUeHUDw9G7Py:mAZ2rUz2hMg89XnIUpc9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d02404840635538d41f99f49d5cf7401293a305a8b829ced0b639deb9b2beedaN

Files

d02404840635538d41f99f49d5cf7401293a305a8b829ced0b639deb9b2beedaN
.dll windows:4 windows x86 arch:x86

fff028c346d6263b62e6c48b9623a283

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
GlobalUnlock
IsDebuggerPresent
GlobalLock
GetPriorityClass
SetFilePointerEx
SetFilePointer
OpenFileMappingA
GetWindowsDirectoryA
GetConsoleAliasExesLengthW
GetProcessHeap
FlushConsoleInputBuffer
lstrcmpA
GetProcessWorkingSetSize
HeapSummary
SetFilePointer
GetConsoleTitleA
ReadConsoleOutputCharacterA
GlobalSize
CopyFileExW
GlobalReAlloc
RemoveDirectoryA
GetBinaryType
GetConsoleCP
GetExpandedNameA
SetCalendarInfoA
LZCopy
SetupComm
GetProcessHeaps
GlobalGetAtomNameA
GetStringTypeExA
UnregisterWaitEx
LoadLibraryExA
UnlockFile
GlobalMemoryStatusEx
SetConsoleCursorMode
GetTempPathA
FindClose
WriteConsoleOutputCharacterA
AddAtomA
OpenSemaphoreA
GetThreadSelectorEntry
GetVolumePathNamesForVolumeNameA
WriteConsoleOutputA
UnlockFile
SetSystemTime
ReadConsoleA
LZClose
DuplicateConsoleHandle
CancelWaitableTimer
GetCurrentThreadId
SetThreadPriorityBoost
GetEnvironmentStringsA
UnlockFileEx
VirtualAlloc
SetComputerNameA
GetProcessIoCounters
SetFirmwareEnvironmentVariableA
WriteConsoleA
GetVolumePathNameA
GetProcessId
ReleaseMutex
GetConsoleInputExeNameA
GetWriteWatch
GetCurrentThread
GetCommMask
CreateWaitableTimerA
GetCommTimeouts

wininet

FtpSetCurrentDirectoryW
FtpSetCurrentDirectoryW

winmm

timeGetSystemTime
timeGetTime

Exports

Exports

AddUvkjugoe
SetBgwydplus
CloseBfoufisbxh
SetNoiltqjmddq
Ocpoudbsc
WriteXqchgitb
EndCwkhbpoju
SetQvmtfebof

Sections

.idata
Size: - Virtual size: 280B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 132KB - Virtual size: 181KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fff028c346d6263b62e6c48b9623a283

Headers

File Characteristics

Imports

kernel32

wininet

winmm

Exports

Exports

Sections

.idata Size: - Virtual size: 280B

.text Size: 132KB - Virtual size: 181KB

.idata Size: 4KB - Virtual size: 2KB

.rsrc Size: 4KB - Virtual size: 1KB

.idata
Size: - Virtual size: 280B

.text
Size: 132KB - Virtual size: 181KB

.idata
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 1KB