4693ed5228a0c00a6af2b404bbeb689adef44ccc0a31775ca1af939db0f34d4fN

Sharing

Copy URL Twitter E-mail

General

Target

4693ed5228a0c00a6af2b404bbeb689adef44ccc0a31775ca1af939db0f34d4fN
Size

76KB
MD5

f30f1d7b4eadcadfe731fdfef1c8b110
SHA1

43753e2ac42fa3831a85e4cb5a29914cfc430cd9
SHA256

4693ed5228a0c00a6af2b404bbeb689adef44ccc0a31775ca1af939db0f34d4f
SHA512

b317a1764f4e5544101848a7d0912c9169ca0a6894c4df74fa9be00e5b0968a034f2b0ef3776cc59fe6d9eb620060e28d7dd839e32220b5e4ab9235f604211ec
SSDEEP

1536:Yro1NsrvHUIR5ZQ+inGRNXWoSZwz1gUathQ:Yro1Nst5Sgeolgd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4693ed5228a0c00a6af2b404bbeb689adef44ccc0a31775ca1af939db0f34d4fN

Files

4693ed5228a0c00a6af2b404bbeb689adef44ccc0a31775ca1af939db0f34d4fN
.dll windows:4 windows x86 arch:x86

b183f3c9ddccd8efda8685824d449613

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LeaveCriticalSection
MoveFileExA
MapViewOfFile
ReleaseMutex
CreateFileMappingA
HeapValidate
GetComputerNameA
CreateDirectoryA
InterlockedExchange
GetModuleHandleA
VirtualQuery
CreateThread
LoadLibraryA
GetModuleFileNameA
CreateProcessA
WaitForSingleObject
CopyFileA
GetProcAddress
EnterCriticalSection
InitializeCriticalSection
CreateMutexA
GetLastError
VirtualProtect
CloseHandle
GetSystemTimeAsFileTime
SetComputerNameA
UpdateResourceA
TransactNamedPipe
SetLastError
GetThreadContext
FindNextVolumeW
OpenEventW
DuplicateHandle
IsBadStringPtrA
GetFullPathNameA
GetUserDefaultUILanguage
BindIoCompletionCallback
LCMapStringA
QueueUserWorkItem
FindResourceW
GetFileSizeEx
GetQueuedCompletionStatus
PeekConsoleInputA
GlobalMemoryStatusEx
VerSetConditionMask
WinExec
OpenEventA
GetAtomNameW
WaitForMultipleObjects
LocalLock
GlobalAlloc
WriteConsoleA
RegisterWaitForSingleObject
OpenJobObjectW
HeapUnlock
GetCurrentProcessId
LocalUnlock
MoveFileA
GetThreadTimes
lstrcatA
SetErrorMode
GetDiskFreeSpaceW
Beep
LockFileEx
SetLocalTime
CreateFileMappingW
CreateIoCompletionPort
FillConsoleOutputCharacterW
ProcessIdToSessionId
GetWindowsDirectoryA
GetProfileStringW
GetSystemWindowsDirectoryA
GetDateFormatA
VirtualFree
RemoveDirectoryA
ChangeTimerQueueTimer
PeekConsoleInputW
EnumResourceLanguagesW
GetVolumeInformationA
HeapSetInformation
FindResourceExW
CreateNamedPipeA
GetEnvironmentVariableA
Sleep
VerifyVersionInfoW
GetLargestConsoleWindowSize
EnumSystemLocalesA
WriteProfileStringW
FindAtomW
LoadResource
InterlockedCompareExchange
SleepEx
SetVolumeMountPointW
SetConsoleWindowInfo
InterlockedExchangeAdd
FindVolumeClose
GetAtomNameA
GetComputerNameW
ConnectNamedPipe
RegisterWaitForSingleObjectEx
GetTimeFormatW
IsWow64Process
GlobalGetAtomNameA
GetUserDefaultLangID
ConvertDefaultLocale
GetEnvironmentStrings
CreatePipe
GetCurrentDirectoryA
GetLocaleInfoW
OpenProcess
WaitForSingleObjectEx
DeleteFileW
AllocConsole
FindCloseChangeNotification
GetLogicalDrives
CopyFileExW
GetTapeParameters
GetShortPathNameW
InterlockedIncrement
LocalAlloc
SetProcessWorkingSetSize
GetEnvironmentVariableW
AreFileApisANSI
GetCommandLineW
DeleteCriticalSection
LocalHandle
GlobalMemoryStatus
FindClose
IsValidCodePage
CreateEventW
QueryPerformanceFrequency
OpenSemaphoreA
SetSystemTime
FindFirstFileA
SetEndOfFile
lstrcmpiW
CreateConsoleScreenBuffer
GetFileTime
GetVersionExA
LocalSize
SetDefaultCommConfigW
GetDiskFreeSpaceA
GetModuleHandleExW
SetCurrentDirectoryW
MultiByteToWideChar
SetEnvironmentVariableW
FormatMessageA
CreateRemoteThread
CreateJobObjectW

ole32

CoUninitialize
CoTaskMemAlloc
StgOpenStorageOnILockBytes
CoRegisterMessageFilter
OleRegGetUserType
CoFreeUnusedLibrariesEx
CoRevertToSelf
StgOpenStorageEx
CreateItemMoniker
OleRun
OleCreateLink
CoFreeUnusedLibraries
OleLoad
IIDFromString
StringFromIID
OleCreateStaticFromData
CoDisableCallCancellation
CoSetProxyBlanket
CoSwitchCallContext
CoGetClassObject
OleSaveToStream
CoLockObjectExternal
StgIsStorageFile
OleUninitialize
CoDisconnectObject
OleSetMenuDescriptor
CoReleaseMarshalData
CoMarshalInterface
CreateBindCtx
CreatePointerMoniker
OleSetContainedObject
CoTaskMemRealloc
StgCreateDocfile
CoQueryProxyBlanket
OleCreateLinkFromData
PropVariantCopy

Exports

Exports

DllInit
DllInstall

Sections

.text
Size: 56KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 912B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b183f3c9ddccd8efda8685824d449613

Headers

File Characteristics

Imports

kernel32

ole32

Exports

Exports

Sections

.text Size: 56KB - Virtual size: 53KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 4KB - Virtual size: 912B

.reloc Size: 4KB - Virtual size: 1KB

.text
Size: 56KB - Virtual size: 53KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 4KB - Virtual size: 912B

.reloc
Size: 4KB - Virtual size: 1KB