866b29c751d41cfc35f055c69e5e846f524d1ab097875641cbadfa15768cc21c

Sharing

Copy URL Twitter E-mail

General

Target

866b29c751d41cfc35f055c69e5e846f524d1ab097875641cbadfa15768cc21c
Size

140KB
MD5

fc2e9e04aa76975aa2dfbf3211cc57ec
SHA1

921ec17bbe935e147aee20d303b33b4b7e1b6c41
SHA256

866b29c751d41cfc35f055c69e5e846f524d1ab097875641cbadfa15768cc21c
SHA512

a6639241fe5d06d711023d40741b25232e4a0c56126fb1b1f9f0017a771d0c3e88469f1f7575f259794356ef1e70ee9523a758d004569b58fce6eff97f9175ed
SSDEEP

1536:eNWsZnbmjhNyc3T95OAFENaoZgD+5ZU1MBkmJzuUJ/YSjf6kDjtSoqE5G5rbT:BsZnajyATOAWAYjvXjNSa5Gt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
866b29c751d41cfc35f055c69e5e846f524d1ab097875641cbadfa15768cc21c

Files

866b29c751d41cfc35f055c69e5e846f524d1ab097875641cbadfa15768cc21c
.dll windows:5 windows x86 arch:x86

d97cc348c92314cf3b18e581f91862be

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetPrivateProfileIntA
EnterCriticalSection
LeaveCriticalSection
GetTickCount
SetProcessAffinityMask
WideCharToMultiByte
GetModuleHandleW
GetCurrentProcessId
GetCommandLineW
InitializeCriticalSection
RtlMoveMemory
GetProcessHeap
SetEndOfFile
GetPrivateProfileStringA
GetModuleHandleA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
FlushFileBuffers
SetStdHandle
SetFilePointer
CreateFileW
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
InitializeCriticalSectionAndSpinCount
LoadLibraryA
GetCurrentProcess
GetProcAddress
LoadLibraryW
ExpandEnvironmentStringsW
GetCurrentThreadId
GlobalUnlock
GlobalLock
Sleep
ExitProcess
GetModuleFileNameW
GetModuleFileNameA
GlobalFree
CreateFileA
GlobalAlloc
VirtualAlloc
HeapReAlloc
GetSystemTimeAsFileTime
QueryPerformanceCounter
VirtualFree
HeapDestroy
HeapCreate
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
DeleteCriticalSection
GetStartupInfoA
GetFileType
GetStdHandle
VirtualProtect
SetHandleCount
HeapAlloc
ExitThread
CloseHandle
GetLastError
ResumeThread
CreateThread
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCommandLineA
RaiseException
RtlUnwind
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
HeapSize
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapFree
MultiByteToWideChar
ReadFile
WriteFile
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW

user32

CreateWindowExW
EnumWindows
SendMessageW
GetDC
ReleaseDC
GetWindowThreadProcessId
IsWindowVisible
GetWindowLongW
SetWindowPos
GetClientRect
ClientToScreen
SetCursorPos
mouse_event
keybd_event
FindWindowA
SetWindowTextW
SetWindowsHookExW
SetTimer
UpdateWindow
ShowWindow
CallNextHookEx
RegisterClassW
UnhookWindowsHookEx
DefWindowProcW
GetClassNameW
GetWindowTextW

gdi32

BitBlt
SelectObject
CreateCompatibleBitmap
GetDIBits
RealizePalette
SelectPalette
GetStockObject
GetObjectW
DeleteDC
GetDeviceCaps
CreateCompatibleDC
CreateDCA
DeleteObject

ws2_32

WSCEnumProtocols
ntohs
ntohl
htons
inet_addr
WSAGetLastError
send
WSASetLastError
setsockopt
socket
connect
closesocket
recv
shutdown
WSCGetProviderPath

shlwapi

PathRemoveFileSpecW
PathRemoveFileSpecA

psapi

GetModuleBaseNameA

Exports

Exports

GetDllInfo
WSPStartup

Sections

.text
Size: 109KB - Virtual size: 109KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d97cc348c92314cf3b18e581f91862be

Headers

File Characteristics

Imports

kernel32

user32

gdi32

ws2_32

shlwapi

psapi

Exports

Exports

Sections

.text Size: 109KB - Virtual size: 109KB

.rdata Size: 14KB - Virtual size: 14KB

.data Size: 6KB - Virtual size: 55KB

.rsrc Size: 512B - Virtual size: 436B

.reloc Size: 8KB - Virtual size: 8KB

.text
Size: 109KB - Virtual size: 109KB

.rdata
Size: 14KB - Virtual size: 14KB

.data
Size: 6KB - Virtual size: 55KB

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 8KB - Virtual size: 8KB