4b07ff861a4bbdbded93fc0dd3ce2f034fc5bd9d5020d7caab7d4d381d0e1929N

Sharing

Copy URL Twitter E-mail

General

Target

4b07ff861a4bbdbded93fc0dd3ce2f034fc5bd9d5020d7caab7d4d381d0e1929N
Size

513KB
MD5

373c731185da78d5b21e3c5435c91050
SHA1

009222710a36cebfdf9ad1d66769f4fba03d7615
SHA256

4b07ff861a4bbdbded93fc0dd3ce2f034fc5bd9d5020d7caab7d4d381d0e1929
SHA512

810b0a44b5b43b759c7890b2d1148a6754443651d2d9e14f46ebfb0a495ca2bf28239b7d90d226db2b5133a78f8fa1d6e17b5468dd76d49ba5e8f4acb7269e68
SSDEEP

6144:+6hn9gogBFBxKniyqPW59IwCdN51sc4BWCdkQ/KmgmsIqj/CqDUtO9ljd4Tk7lUh:LOBFjKjFr4TJQyfmsUqYofjdok7AMq5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4b07ff861a4bbdbded93fc0dd3ce2f034fc5bd9d5020d7caab7d4d381d0e1929N

Files

4b07ff861a4bbdbded93fc0dd3ce2f034fc5bd9d5020d7caab7d4d381d0e1929N
.dll windows:6 windows x86 arch:x86

6738107294e6643b27ac95209a7f6758

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ReadConsoleW
WriteConsoleW
SetStdHandle
OutputDebugStringW
LoadLibraryExW
CreateFileW
HeapReAlloc
SetFilePointerEx
ReadFile
GetConsoleMode
FlushFileBuffers
CloseHandle
GetModuleFileNameW
WriteFile
CreateEventA
GetLastError
GetSystemTime
GetCurrentProcessId
FindNextFileA
SetCurrentDirectoryA
GetConsoleCP
GetCommandLineA
GetEnvironmentStringsW
GetTickCount
QueryPerformanceCounter
GetSystemDefaultLangID
WideCharToMultiByte
EncodePointer
DecodePointer
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
MultiByteToWideChar
GetStringTypeW
HeapFree
GetCurrentThreadId
GetCPInfo
RaiseException
RtlUnwind
HeapAlloc
IsProcessorFeaturePresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetModuleHandleW
GetProcAddress
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
IsDebuggerPresent
GetProcessHeap
ExitProcess
GetModuleHandleExW
HeapSize
GetStdHandle
GetFileType
GetModuleFileNameA
GetSystemTimeAsFileTime
FreeEnvironmentStringsW
IsValidCodePage
GetACP
GetOEMCP

user32

GetKeyboardState
DestroyWindow
GetSystemMenu
IsZoomed
GetWindowTextLengthA
GetDoubleClickTime
LoadAcceleratorsW
GetWindowPlacement
SetScrollPos
DrawStateW
CreatePopupMenu
IsDlgButtonChecked
SetMenuItemInfoA
ToUnicode
CheckMenuItem
CopyRect

gdi32

RectVisible
SetMetaFileBitsEx
ExtFloodFill
CreateDIBSection
EnumFontFamiliesExA
SetTextAlign
IntersectClipRect
ExtTextOutA
CreateSolidBrush
Polygon

advapi32

RegDeleteKeyA
AllocateAndInitializeSid

Sections

.text
Size: 394KB - Virtual size: 393KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 79KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

fkdcsjyq
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

asoptmk
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

yleofx
Size: 512B - Virtual size: 220B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

spamh
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6738107294e6643b27ac95209a7f6758

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.text Size: 394KB - Virtual size: 393KB

.rdata Size: 79KB - Virtual size: 79KB

.data Size: 7KB - Virtual size: 15KB

fkdcsjyq Size: 12KB - Virtual size: 11KB

asoptmk Size: 1KB - Virtual size: 1KB

yleofx Size: 512B - Virtual size: 220B

spamh Size: 5KB - Virtual size: 4KB

.reloc Size: 13KB - Virtual size: 12KB

.text
Size: 394KB - Virtual size: 393KB

.rdata
Size: 79KB - Virtual size: 79KB

.data
Size: 7KB - Virtual size: 15KB

fkdcsjyq
Size: 12KB - Virtual size: 11KB

asoptmk
Size: 1KB - Virtual size: 1KB

yleofx
Size: 512B - Virtual size: 220B

spamh
Size: 5KB - Virtual size: 4KB

.reloc
Size: 13KB - Virtual size: 12KB