ee56fc84659c804ab0cc87c727b18ffb581a3c9ab0f8e0123c94068b8125fbcaN

Sharing

Copy URL

Twitter E-mail

General

Target

ee56fc84659c804ab0cc87c727b18ffb581a3c9ab0f8e0123c94068b8125fbcaN
Size

6.5MB
MD5

e3113968a149ffafeae402a2536df0e0
SHA1

d53059ac710c83ced4b2c122ee2933fe1a3d7f6c
SHA256

ee56fc84659c804ab0cc87c727b18ffb581a3c9ab0f8e0123c94068b8125fbca
SHA512

e2d801edc0b200059c3eeaf5aa40b3cfdd3dced6055498e4a40586858da1a8a4bc40bf47ea453766ecf633c8e14205d786244b65f10ce20f09d4f92c0d670de2
SSDEEP

196608:Uh/4EnDrAzLz3n1XiiT0F8NxRLqQULvgTAudax:Uh/D/ArJqul/KvniI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ee56fc84659c804ab0cc87c727b18ffb581a3c9ab0f8e0123c94068b8125fbcaN

Files

ee56fc84659c804ab0cc87c727b18ffb581a3c9ab0f8e0123c94068b8125fbcaN
.dll windows:6 windows x86 arch:x86

0207ea2c9bd08420e9409d24764fe670

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DeleteFileW
GetCurrentProcessId
EnumSystemLocalesW
ResumeThread
lstrcpyW
GetCommandLineW
GetEnvironmentVariableW
GetTempFileNameW
EnumResourceNamesW
CreateFileA
TlsGetValue
GetLocaleInfoA
VirtualQuery
FindResourceW
EnumCalendarInfoW
GetCommState
GetUserDefaultLCID
GetLogicalDrives
ConnectNamedPipe
WaitForSingleObjectEx
GetCurrentThread
GetConsoleCP
GetSystemDirectoryW
InitializeCriticalSectionAndSpinCount
GetVersionExW
HeapDestroy
GetFileAttributesA
lstrcpynW
CreateProcessA
GetSystemDirectoryA
GetStartupInfoW
WritePrivateProfileStringW
IsDBCSLeadByteEx
GetVersion
GlobalFree
FindClose
ResetEvent
GetLocalTime
QueryDosDeviceW
GetSystemInfo
VirtualProtect
FileTimeToLocalFileTime
ExpandEnvironmentStringsW
SetEnvironmentVariableA
ReadConsoleW
WriteConsoleW
SetStdHandle
OutputDebugStringW
GetFileAttributesExW
GetExitCodeProcess
WaitForSingleObject
LoadLibraryExW
SetFilePointerEx
ReadFile
GetConsoleMode
FlushFileBuffers
CloseHandle
GetModuleFileNameW
WriteFile
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetFileType
GetStdHandle
GetACP
FindNextFileA
RtlCaptureContext
GetOEMCP
GetModuleFileNameA
LockResource
GetLastError
RaiseException
GetTempPathW
SizeofResource
Sleep
SetCommTimeouts
GetTickCount
InitializeSListHead
GetCurrentProcess
FreeLibrary
GetSystemDefaultUILanguage
EnterCriticalSection
IsValidCodePage
IsDebuggerPresent
GetProcessHeap
HeapSize
AreFileApisANSI
WideCharToMultiByte
LeaveCriticalSection
DeleteCriticalSection
EncodePointer
DecodePointer
MultiByteToWideChar
GetStringTypeW
HeapReAlloc
GetSystemTimeAsFileTime
RtlUnwind
HeapFree
GetCommandLineA
GetCurrentThreadId
GetCPInfo
HeapAlloc
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
TerminateProcess
TlsAlloc
TlsSetValue
TlsFree
GetModuleHandleW
GetProcAddress
IsProcessorFeaturePresent
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
ExitProcess
GetModuleHandleExW
CreateFileW

user32

ClientToScreen
GetDlgItemInt
PostMessageW
LoadStringA
GetWindowInfo
GetMenuItemInfoW
DrawFocusRect
SetWindowLongW
SendDlgItemMessageW
SetDlgItemTextW
SetWindowTextW
GetWindow
CharUpperBuffW
ModifyMenuW
EnumWindows
GetDC
GetClassNameW
GetDesktopWindow
EnumChildWindows
SetMenuItemInfoW
CheckMenuItem
IsRectEmpty
BeginDeferWindowPos

gdi32

PolyPolygon
SetTextColor
StretchDIBits
CreatePatternBrush
SetViewportOrgEx
Polygon
CreateFontIndirectW
RectInRegion
SetViewportExtEx
GetObjectW

comdlg32

GetOpenFileNameW

advapi32

SetSecurityDescriptorDacl
RegQueryInfoKeyW
RegConnectRegistryW

oleaut32

SysAllocStringLen
VariantCopy
VariantInit
SysReAllocStringLen

Sections

.text
Size: 586KB - Virtual size: 586KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5.9MB - Virtual size: 5.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0207ea2c9bd08420e9409d24764fe670

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

oleaut32

Sections

.text Size: 586KB - Virtual size: 586KB

.data Size: 5.9MB - Virtual size: 5.9MB

.idata Size: 4KB - Virtual size: 4KB

.reloc Size: 13KB - Virtual size: 12KB

.text
Size: 586KB - Virtual size: 586KB

.data
Size: 5.9MB - Virtual size: 5.9MB

.idata
Size: 4KB - Virtual size: 4KB

.reloc
Size: 13KB - Virtual size: 12KB