6e8dcd64cc571dcc39480322a0b6e88e09c502a8cb2579278be3cfde8c8d31bcN

Sharing

Copy URL Twitter E-mail

General

Target

6e8dcd64cc571dcc39480322a0b6e88e09c502a8cb2579278be3cfde8c8d31bcN
Size

6.5MB
MD5

6fbfb8921e88b3bcf3b5d99dc7f67a20
SHA1

b38d3e87e0a90a8bed5fcda583a3200113d4290c
SHA256

6e8dcd64cc571dcc39480322a0b6e88e09c502a8cb2579278be3cfde8c8d31bc
SHA512

89ceff05be90809f5f303a6df1df41390df4277aeb9a8bd60dea07cfd6588bc4b49baa5186677ed4f18274dbc16e1822f0121f164eeca1153e4c3f630ac68be0
SSDEEP

196608:GDhxNWdZ+T3WXtQICpYV6P9ZSoDEg0CpKMqp:GlxsaLWds2hRg0n1p

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6e8dcd64cc571dcc39480322a0b6e88e09c502a8cb2579278be3cfde8c8d31bcN

Files

6e8dcd64cc571dcc39480322a0b6e88e09c502a8cb2579278be3cfde8c8d31bcN
.dll windows:6 windows x86 arch:x86

02f5063a3d6a3458e78a5b20b931ec5d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetEnvironmentStringsW
GetCurrentProcessId
QueryPerformanceCounter
GetModuleFileNameA
SetFilePointerEx
ReadFile
GetFileType
GetStdHandle
GetConsoleMode
GetConsoleCP
WriteFile
FlushFileBuffers
CloseHandle
FreeEnvironmentStringsW
GetSystemDirectoryW
IsValidCodePage
GetProcessHeap
HeapSize
AreFileApisANSI
GetModuleHandleExW
ExitProcess
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
GetModuleFileNameW
LoadLibraryExW
SetStdHandle
WriteConsoleW
ReadConsoleW
OutputDebugStringW
CreateFileW
SetEndOfFile
SwitchToThread
GetUserDefaultUILanguage
GetDiskFreeSpaceW
VirtualAlloc
GetCPInfoExW
GetTempPathW
SetThreadPriority
GetFileAttributesW
lstrcpynW
GetVersionExW
HeapCreate
ReadProcessMemory
GetOEMCP
LoadLibraryW
VirtualQueryEx
GetPrivateProfileStringW
SystemTimeToFileTime
GetTempFileNameW
SystemTimeToTzSpecificLocalTime
GetDriveTypeW
GetFullPathNameW
LoadResource
GetACP
GetProcAddress
GetModuleHandleW
WideCharToMultiByte
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
EncodePointer
DecodePointer
MultiByteToWideChar
GetStringTypeW
GetLastError
HeapReAlloc
GetSystemTimeAsFileTime
HeapFree
RaiseException
RtlUnwind
IsDebuggerPresent
IsProcessorFeaturePresent
GetCommandLineA
GetCurrentThreadId
GetCPInfo
HeapAlloc
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW

user32

MapDialogRect
PostQuitMessage
TrackPopupMenu
MsgWaitForMultipleObjects
GetDoubleClickTime
GetMenu
LoadMenuW
GetWindowLongA
DefWindowProcA
GetSysColor
CreateCaret
PostMessageA
FlashWindow
ReleaseCapture
GetSystemMetrics
SendMessageW
ReleaseDC
SetWindowTextW
SetMenuItemInfoW
SetScrollInfo
RegisterClassA
GetWindow
ShowOwnedPopups
SetCursor
GetSubMenu
GetWindowTextLengthA
OffsetRect
SetPropA
UnionRect
RedrawWindow
InsertMenuW
ValidateRect
GetMessageTime
GetClientRect
GetDC
EndDialog
GetDesktopWindow
EnumChildWindows
EnableWindow

gdi32

SetBkColor
SetDIBColorTable
ExcludeClipRect
GdiFlush
CreatePalette
CreateBitmap
GetPaletteEntries
SetMapMode
CreateCompatibleBitmap
SelectPalette
GetSystemPaletteEntries
GetStockObject
UpdateColors
GetCharacterPlacementW
CopyEnhMetaFileA
SetPixel
PolyPolyline
CreatePen
CreateSolidBrush
SelectClipRgn
CreateBrushIndirect
LineTo

comdlg32

GetSaveFileNameW
GetOpenFileNameW

advapi32

RegQueryInfoKeyW
RegLoadKeyW
GetUserNameA
AllocateAndInitializeSid
StartServiceW
OpenSCManagerW
GetLengthSid
OpenServiceW

shell32

Shell_NotifyIconW

oleaut32

SafeArrayPtrOfIndex
SysFreeString

Sections

.text
Size: 550KB - Virtual size: 549KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5.9MB - Virtual size: 5.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

02f5063a3d6a3458e78a5b20b931ec5d

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

oleaut32

Sections

.text Size: 550KB - Virtual size: 549KB

.data Size: 5.9MB - Virtual size: 5.9MB

.idata Size: 4KB - Virtual size: 4KB

.reloc Size: 12KB - Virtual size: 12KB

.text
Size: 550KB - Virtual size: 549KB

.data
Size: 5.9MB - Virtual size: 5.9MB

.idata
Size: 4KB - Virtual size: 4KB

.reloc
Size: 12KB - Virtual size: 12KB