f5f27c949a0d1b25d920567e998f6e6da5561064f940fd90117f2e3cdc72e52cN

Sharing

Copy URL

Twitter E-mail

General

Target

f5f27c949a0d1b25d920567e998f6e6da5561064f940fd90117f2e3cdc72e52cN
Size

6.5MB
MD5

4821243dad313b2b6111286c734383e0
SHA1

c27a8dc5acd8eaa1e1afbb5eb195e9735bb6feb3
SHA256

f5f27c949a0d1b25d920567e998f6e6da5561064f940fd90117f2e3cdc72e52c
SHA512

5333bf9b064fe3920cb4e0a57c636af76affb68092d9657a3178500a71ae3e556784752118c9f572e92d9bdc95b620685d4cad1bca4a4b9a1d01f0e43f9a590c
SSDEEP

196608:Pw2j5+KhxNWdZ+T3WXtQICpYV6P9ZSoDEg0CpKMqp:Tj5LxsaLWds2hRg0n1p

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f5f27c949a0d1b25d920567e998f6e6da5561064f940fd90117f2e3cdc72e52cN

Files

f5f27c949a0d1b25d920567e998f6e6da5561064f940fd90117f2e3cdc72e52cN
.dll windows:6 windows x86 arch:x86

5a223d9a2c4d15fd881292f41aaf4f7b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetDateFormatW
GetTempFileNameW
FindFirstFileW
RtlCaptureContext
GetDriveTypeW
SetErrorMode
FreeLibrary
SystemTimeToTzSpecificLocalTime
GetCurrentProcess
InitializeSListHead
GetModuleHandleExW
SignalObjectAndWait
TlsSetValue
GetConsoleCP
IsValidLocale
Sleep
FormatMessageW
GetVersionExW
HeapDestroy
CreateFileW
GetPrivateProfileIntW
VerifyVersionInfoW
GetThreadLocale
LoadLibraryA
DeviceIoControl
GetOEMCP
FindNextFileW
GetStringTypeW
GetUserDefaultUILanguage
DeleteCriticalSection
TlsAlloc
CloseHandle
GetVersion
LocalFree
GetSystemTime
EnumSystemLocalesW
DeleteFileA
ExpandEnvironmentStringsW
FillConsoleOutputCharacterA
FillConsoleOutputAttribute
GetConsoleScreenBufferInfo
SetConsoleCursorPosition
GetStdHandle
SetConsoleTextAttribute
ReadConsoleInputA
PeekConsoleInputA
GetNumberOfConsoleInputEvents
ReadConsoleW
WriteConsoleW
SetStdHandle
OutputDebugStringW
LoadLibraryExW
SetFilePointerEx
ReadFile
GetConsoleMode
FlushFileBuffers
GetModuleFileNameW
WriteFile
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCurrentProcessId
QueryPerformanceCounter
IsDebuggerPresent
GetEnvironmentVariableW
GetThreadPriority
FindNextFileA
QueryDosDeviceW
RemoveDirectoryW
ResetEvent
WritePrivateProfileStringW
GetACP
HeapCreate
InitializeCriticalSectionAndSpinCount
WideCharToMultiByte
GetSystemTimeAsFileTime
GetCurrentThread
WaitForSingleObjectEx
SetCommBreak
LoadResource
GetCPInfo
TlsGetValue
GetThreadTimes
GetModuleFileNameA
GetFileType
IsValidCodePage
GetProcessHeap
HeapSize
ExitProcess
GetUserDefaultLCID
EnterCriticalSection
LeaveCriticalSection
EncodePointer
DecodePointer
MultiByteToWideChar
GetLastError
HeapReAlloc
RaiseException
RtlUnwind
HeapFree
GetCommandLineA
GetCurrentThreadId
HeapAlloc
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
TerminateProcess
TlsFree
GetStartupInfoW
GetModuleHandleW
GetProcAddress
IsProcessorFeaturePresent
LCMapStringW
GetLocaleInfoW
SetConsoleMode

user32

DrawIconEx
DrawFocusRect
GetMenuItemCount
GetKeyboardType
DrawTextExW
GetDlgItemInt
GetWindow
GetMenuStringW
CharLowerBuffW
CreateIconIndirect
GetDC
LoadMenuW
CharUpperW
GetDesktopWindow
DrawMenuBar
EnableScrollBar
MessageBoxW
GetDlgItemTextW
SetMenuItemInfoW
BeginDeferWindowPos

gdi32

SetLayout
GetTextExtentPoint32W
SetWindowExtEx
SetTextColor
GetBkColor
CreateBitmapIndirect
GetObjectW
SetViewportExtEx
SetViewportOrgEx
GetRegionData
CombineRgn
GetNearestPaletteIndex
GetTextExtentPointW

advapi32

LookupPrivilegeValueW
RegCloseKey
AdjustTokenPrivileges
OpenServiceW
CloseServiceHandle

shell32

ShellExecuteW
ExtractIconExW

oleaut32

SysFreeString
SafeArrayPtrOfIndex
VariantChangeType
SysReAllocStringLen

Sections

.text
Size: 523KB - Virtual size: 523KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5.9MB - Virtual size: 5.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5a223d9a2c4d15fd881292f41aaf4f7b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

oleaut32

Sections

.text Size: 523KB - Virtual size: 523KB

.data Size: 5.9MB - Virtual size: 5.9MB

.idata Size: 4KB - Virtual size: 4KB

.reloc Size: 12KB - Virtual size: 12KB

.text
Size: 523KB - Virtual size: 523KB

.data
Size: 5.9MB - Virtual size: 5.9MB

.idata
Size: 4KB - Virtual size: 4KB

.reloc
Size: 12KB - Virtual size: 12KB