22292b108539622bea1adda10411bf25571088663d18e192d3ccbd36e49c8024N

Sharing

Copy URL Twitter E-mail

General

Target

22292b108539622bea1adda10411bf25571088663d18e192d3ccbd36e49c8024N
Size

6.4MB
MD5

d20ec989daf99965e3e522237ba6a4c0
SHA1

9a7ea28e48c7fa8c50e1c76c62aa9f3bd0ed13cd
SHA256

22292b108539622bea1adda10411bf25571088663d18e192d3ccbd36e49c8024
SHA512

0ba2d006ae0839dd7621134c9014b5737b1e266a40119247c5d6e739c46391f6123fbf8dc5908933c4092132e06157fd726365b9ce7fd63c216fa0d93925b9ca
SSDEEP

196608:tuOYC6FdlOB5UQB/IPqGwRpM2r9goeWzI2ULvS2uBOcoznJl:tuOYDwxqSRM2pVI1LvS2jD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
22292b108539622bea1adda10411bf25571088663d18e192d3ccbd36e49c8024N

Files

22292b108539622bea1adda10411bf25571088663d18e192d3ccbd36e49c8024N
.dll windows:6 windows x86 arch:x86

8e1158eaa87016295a61a0cc7d55ec4e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

Sleep
SetConsoleTextAttribute
ReadConsoleInputA
PeekConsoleInputA
GetNumberOfConsoleInputEvents
CreateFileW
ReadConsoleW
WriteConsoleW
SetStdHandle
OutputDebugStringW
LoadLibraryExW
SetFilePointerEx
ReadFile
GetConsoleMode
GetConsoleCP
FlushFileBuffers
CloseHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCurrentProcessId
GetStdHandle
GetModuleFileNameW
WriteFile
GetFileType
GetACP
IsValidCodePage
IsDebuggerPresent
GetProcessHeap
HeapSize
ExitProcess
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
IsProcessorFeaturePresent
GetProcAddress
GetModuleHandleW
GetStartupInfoW
SetConsoleCursorPosition
GetConsoleScreenBufferInfo
FillConsoleOutputAttribute
FillConsoleOutputCharacterA
GetThreadTimes
GetStringTypeW
LoadLibraryA
CreateNamedPipeA
CreateProcessA
MulDiv
OpenProcess
SetCommTimeouts
SetEndOfFile
SetCommState
GetWindowsDirectoryA
GetCurrentThread
SetCommBreak
QueryPerformanceCounter
GetCurrentProcess
WaitNamedPipeA
GetCPInfo
CreateFileA
CreateThread
LocalFree
OpenFileMappingA
GetOEMCP
CreateEventA
GetSystemTimeAsFileTime
ExpandEnvironmentStringsA
GetTickCount
GetModuleHandleExW
FreeLibrary
GetModuleFileNameA
WideCharToMultiByte
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
EncodePointer
DecodePointer
MultiByteToWideChar
GetLastError
HeapReAlloc
HeapFree
RaiseException
RtlUnwind
HeapAlloc
GetCommandLineA
GetCurrentThreadId
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
InitializeCriticalSectionAndSpinCount
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SetConsoleMode

user32

EndPaint
DestroyAcceleratorTable
GetSystemMenu
MapDialogRect
GetParent
GetWindowTextLengthA
OffsetRect
GetKeyboardLayout
GetScrollInfo
UnionRect
PeekMessageA
ReleaseDC
DefWindowProcA
FlashWindow
ReleaseCapture
SetWindowTextA
EnableWindow
EndMenu
SetDlgItemTextA
DestroyWindow
SetTimer
GetWindowRect
SetKeyboardState
IsZoomed
RemovePropA
GetClientRect
CreateIconIndirect
WaitMessage
GetDC
ShowCursor
UnregisterClassA
RedrawWindow
DestroyCursor
GetDesktopWindow
SetMenu
IsDlgButtonChecked
IsWindow
RemoveMenu
MessageBoxW
BeginDeferWindowPos
GetSystemMetrics
ValidateRgn
DialogBoxParamA
DrawFrameControl

gdi32

MoveToEx
SetLayout
CreateFontIndirectA
GetDIBits
CreateBitmap
DeleteObject
CreateCompatibleBitmap
GetObjectType
SelectPalette
GetDIBColorTable
GetTextExtentExPointA
GetNearestPaletteIndex
CreatePatternBrush
SetROP2
GetPixel
CloseEnhMetaFile
CreateEnhMetaFileW
CreateSolidBrush
SetWindowOrgEx
PatBlt
CreatePalette
GetObjectW
GetClipBox
EndDoc
GetCharABCWidthsFloatA

advapi32

AllocateAndInitializeSid
LookupPrivilegeValueW
GetUserNameA
RegOpenKeyExA

Sections

.text
Size: 521KB - Virtual size: 520KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5.9MB - Virtual size: 5.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8e1158eaa87016295a61a0cc7d55ec4e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.text Size: 521KB - Virtual size: 520KB

.data Size: 5.9MB - Virtual size: 5.9MB

.idata Size: 4KB - Virtual size: 4KB

.reloc Size: 13KB - Virtual size: 13KB

.text
Size: 521KB - Virtual size: 520KB

.data
Size: 5.9MB - Virtual size: 5.9MB

.idata
Size: 4KB - Virtual size: 4KB

.reloc
Size: 13KB - Virtual size: 13KB