4111b19831e1820812a96386a2ec144cba6c8a693bff0974912f41a5529c753fN

Sharing

Copy URL Twitter E-mail

General

Target

4111b19831e1820812a96386a2ec144cba6c8a693bff0974912f41a5529c753fN
Size

505KB
MD5

6e98e0ecbea18603cd37da91af3cc240
SHA1

02d53fbd322b70ab1ce13723033860de9e02164b
SHA256

4111b19831e1820812a96386a2ec144cba6c8a693bff0974912f41a5529c753f
SHA512

eebab92f880fdc112058ea6cf0c14888e61cab8bf2812ef46635639339338335d9233e7777d47816a67e9571f559e7b25c22cf9ab8292252b4c93fb4ae06ee58
SSDEEP

12288:CX20mJO82gCz/PBUjXWTon9IV7SIHH65z4diIbv94tEFb:CXsI82/zhUSo9IFSInq0dim9Fb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4111b19831e1820812a96386a2ec144cba6c8a693bff0974912f41a5529c753fN

Files

4111b19831e1820812a96386a2ec144cba6c8a693bff0974912f41a5529c753fN
.dll windows:6 windows x86 arch:x86

8a04a4482fc99a814ea848dcf77a1358

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetModuleFileNameA
GetFileType
GetStdHandle
HeapSize
GetModuleHandleExW
ExitProcess
GetProcessHeap
IsDebuggerPresent
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
GetEnvironmentStringsW
GetProcAddress
GetModuleHandleW
GetStartupInfoW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
GetCurrentProcess
Sleep
InitializeCriticalSectionAndSpinCount
SetLastError
SetUnhandledExceptionFilter
FreeEnvironmentStringsW
IsValidCodePage
GetACP
GetOEMCP
WriteFile
GetModuleFileNameW
CloseHandle
FlushFileBuffers
GetConsoleCP
GetConsoleMode
ReadFile
SetFilePointerEx
HeapReAlloc
LoadLibraryExW
OutputDebugStringW
SetStdHandle
WriteConsoleW
ReadConsoleW
CreateFileW
SuspendThread
GetExitCodeThread
GetPrivateProfileStringW
GetLogicalDrives
GetTempFileNameW
GetSystemDirectoryW
GetDriveTypeW
GetTickCount
VerifyVersionInfoW
GetPrivateProfileIntW
WritePrivateProfileStringW
GetFileAttributesW
LoadResource
DeviceIoControl
QueryDosDeviceW
HeapDestroy
GetSystemDefaultUILanguage
EnumResourceNamesW
ResumeThread
GetSystemInfo
FileTimeToSystemTime
LoadLibraryW
GetFileSize
UnhandledExceptionFilter
IsProcessorFeaturePresent
HeapAlloc
RtlUnwind
RaiseException
GetCPInfo
GetCurrentThreadId
GetCommandLineA
HeapFree
GetLastError
GetStringTypeW
WideCharToMultiByte
EncodePointer
DecodePointer
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
MultiByteToWideChar

user32

SetRect
GetKeyboardType
IsIconic
CharLowerBuffW
GetDoubleClickTime
SendDlgItemMessageW
EnableWindow
SetDlgItemTextA
GetSysColor
ToAsciiEx
InsertMenuW
DestroyWindow
MessageBeep
ShowCursor
CreateCaret
SystemParametersInfoA
SetDlgItemTextW
GetCaretBlinkTime
TranslateMDISysAccel
RegisterClassA
GetSystemMenu
PostQuitMessage
CharNextW
SetKeyboardState
KillTimer
DeleteMenu
LoadIconA
GetClientRect
CreateMenu
GetWindowTextLengthA
SetScrollRange
GetDC
GetKeyboardLayout
SetWindowLongA
MessageBoxA
InvalidateRect
LoadMenuW
GetWindowLongA
PeekMessageA
EnableMenuItem
MonitorFromWindow
CharUpperW
GetDesktopWindow
PostMessageA
ReleaseCapture
ScrollWindowEx
RegisterClassW
MapWindowPoints
LoadCursorA
SetMenuItemInfoW
ValidateRect
CheckMenuItem
GetMessageTime
EndPaint

gdi32

Rectangle
CreateCompatibleDC
CreateBrushIndirect
CreateFontA
SetDIBColorTable
GetPixel
UpdateColors
PatBlt
CopyEnhMetaFileA
MaskBlt
SetPixel
Polyline
GetStockObject
ExtTextOutA
ExtCreatePen
CreateFontIndirectA
GdiFlush
SetPaletteEntries
GetBitmapBits
TranslateCharsetInfo
LineTo
SetTextColor
CreateFontIndirectW
CreatePalette
GetPaletteEntries
PolyPolyline
SetMapMode
GetSystemPaletteEntries
GetClipBox
RoundRect
CreateDIBitmap
CreatePenIndirect

advapi32

RegUnLoadKeyW
ChangeServiceConfigW
RegGetKeySecurity
RegSetValueExW
RegLoadKeyW
GetLengthSid
GetUserNameA
RegSetKeySecurity
QueryServiceStatus
StartServiceW
InitializeSecurityDescriptor
EqualSid

shell32

CommandLineToArgvW
ExtractIconExW
SHGetFileInfoW
Shell_NotifyIconW

oleaut32

SafeArrayGetUBound
VariantCopy
VariantClear
SafeArrayPtrOfIndex
VariantChangeType
SafeArrayGetLBound

Sections

.text
Size: 383KB - Virtual size: 383KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 473KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8a04a4482fc99a814ea848dcf77a1358

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

oleaut32

Sections

.text Size: 383KB - Virtual size: 383KB

.rdata Size: 84KB - Virtual size: 84KB

.data Size: 20KB - Virtual size: 473KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 16KB - Virtual size: 15KB

.text
Size: 383KB - Virtual size: 383KB

.rdata
Size: 84KB - Virtual size: 84KB

.data
Size: 20KB - Virtual size: 473KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 16KB - Virtual size: 15KB