f317c2633e9378c2c0ee12e9c693ffcad0179debcebb2cd0a4aac0982942f158N

Sharing

Copy URL Twitter E-mail

General

Target

f317c2633e9378c2c0ee12e9c693ffcad0179debcebb2cd0a4aac0982942f158N
Size

318KB
MD5

70b3c72f422f73a8820510b77c3db6c0
SHA1

f29a8c356e4b2322783f2fa98b23f379a97da15b
SHA256

f317c2633e9378c2c0ee12e9c693ffcad0179debcebb2cd0a4aac0982942f158
SHA512

d7efe91b285589dcf8cbbfd103d3a30795b480e11a7da66e59da98a55c9bcb6e2b73fbc14f4efb940fcbf6b03b8a36021eba8045acf8e8becaaabaed3ca5164f
SSDEEP

6144:UM8Vme8Ql9Co4TVOe7v+6yAC39O7lrKmRxCWBV+UdvrEFp7hKZ:UaiA7v+FACtO7AmGWBjvrEH7q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f317c2633e9378c2c0ee12e9c693ffcad0179debcebb2cd0a4aac0982942f158N

Files

f317c2633e9378c2c0ee12e9c693ffcad0179debcebb2cd0a4aac0982942f158N
.dll windows:5 windows x86 arch:x86

44aa009a51b9652f92e1615b04f2c164

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DuplicateHandle
GetCurrentProcess
GetVolumeInformationW
GetFullPathNameW
GetModuleFileNameW
GetProcAddress
GetModuleHandleW
InterlockedDecrement
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GetCurrentThreadId
WaitForSingleObject
SetErrorMode
GetCurrentProcessId
InterlockedIncrement
CompareStringW
lstrcmpA
GetFileSize
GetVersionExA
lstrcmpW
LoadLibraryA
GlobalDeleteAtom
GlobalFindAtomW
GlobalAddAtomW
GlobalFlags
GetModuleHandleA
CompareStringA
HeapAlloc
HeapFree
RtlUnwind
GetCommandLineA
RaiseException
HeapReAlloc
HeapSize
SetStdHandle
GetFileType
Sleep
ExitProcess
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
VirtualFree
VirtualAlloc
HeapCreate
HeapDestroy
GetStdHandle
GetModuleFileNameA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetTimeZoneInformation
SetHandleCount
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
SetEnvironmentVariableA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetFileTime
GetFileSizeEx
GetFileAttributesW
CreateFileW
CloseHandle
FindFirstFileW
FindClose
LocalAlloc
FreeLibrary
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
LoadLibraryW
FileTimeToLocalFileTime
FileTimeToSystemTime
WideCharToMultiByte
GlobalLock
GlobalUnlock
FormatMessageW
LocalFree
lstrlenW
GetLastError
SetLastError
GlobalAlloc
GlobalFree
MultiByteToWideChar
FindResourceW
LoadResource
LockResource
lstrlenA
SizeofResource

shlwapi

PathFindExtensionW
PathFindFileNameW
PathIsUNCW
PathStripToRootW
UrlUnescapeW

wininet

InternetConnectW
HttpOpenRequestW
InternetCrackUrlW
InternetCanonicalizeUrlW
InternetSetOptionExW
InternetQueryDataAvailable
HttpSendRequestExW
HttpEndRequestW
HttpSendRequestW
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallbackW
InternetOpenW
InternetGetLastResponseInfoW
InternetCloseHandle
HttpQueryInfoW
HttpAddRequestHeadersW

oleacc

LresultFromObject
CreateStdAccessibleObject

user32

SetWindowTextW
ClientToScreen
TabbedTextOutW
DrawTextW
DrawTextExW
GrayStringW
DestroyMenu
PostQuitMessage
IsWindow
GetForegroundWindow
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetMenu
SetForegroundWindow
GetClientRect
PostMessageW
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
CopyRect
PtInRect
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
GetMenu
SetWindowLongW
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetWindow
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetFocus
ModifyMenuW
EnableMenuItem
CheckMenuItem
GetWindowTextW
LoadCursorW
GetDC
ReleaseDC
GetSysColor
GetSysColorBrush
GetWindowThreadProcessId
GetParent
GetWindowLongW
GetLastActivePopup
IsWindowEnabled
EnableWindow
MessageBoxW
UnregisterClassW
SetWindowsHookExW
CallNextHookEx
DispatchMessageW
SendMessageW
GetKeyState
PeekMessageW
ValidateRect
UnhookWindowsHookEx
CharUpperW
GetSystemMetrics
GetMenuState
RegisterWindowMessageW
LoadIconW
GetMenuItemID
GetMenuItemCount
GetSubMenu
WinHelpW
GetClassLongW
GetCapture
GetClassNameW
SetPropW
GetPropW
RemovePropW

gdi32

SetBkColor
DeleteObject
SaveDC
RestoreDC
SetMapMode
PtVisible
CreateBitmap
ScaleWindowExtEx
SetWindowExtEx
SetTextColor
RectVisible
TextOutW
ExtTextOutW
Escape
DeleteDC
GetStockObject
GetClipBox
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
GetDeviceCaps
SelectObject

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

comdlg32

GetFileTitleW

oleaut32

VariantClear
VariantChangeType
VariantInit

Exports

Exports

CloseLogServer
OpenInfoServer
OpenLogServer
SendLogServer

Sections

.text
Size: 166KB - Virtual size: 165KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

44aa009a51b9652f92e1615b04f2c164

Headers

File Characteristics

Imports

kernel32

shlwapi

wininet

oleacc

user32

gdi32

winspool.drv

comdlg32

oleaut32

Exports

Exports

Sections

.text Size: 166KB - Virtual size: 165KB

.rdata Size: 35KB - Virtual size: 35KB

.data Size: 9KB - Virtual size: 23KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 29KB - Virtual size: 29KB

.text
Size: 166KB - Virtual size: 165KB

.rdata
Size: 35KB - Virtual size: 35KB

.data
Size: 9KB - Virtual size: 23KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 29KB - Virtual size: 29KB