e465db9a7e3802692f402022d13650f12a656586eb03dfc421903fe81ced30fd

Sharing

Copy URL Twitter E-mail

General

Target

e465db9a7e3802692f402022d13650f12a656586eb03dfc421903fe81ced30fd
Size

6.5MB
MD5

1dcbb3b655f2513d5d24ec89b884ba70
SHA1

f3bbfb75f9e27597ab6ebce2be374258649c0197
SHA256

e465db9a7e3802692f402022d13650f12a656586eb03dfc421903fe81ced30fd
SHA512

696a21587f2e991e3baa66cdc4c3e437f807d52953672bd653e170a3a2168fb0b5c1a9d34c4371c2af917975a1c75a82a2547f1bf4bbfca4adfc89cc0edfdd36
SSDEEP

196608:Wj2grs48c7f3/VMNMHM2Bf71OH0zcFwBWi:Wj2G97Hh/phXB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e465db9a7e3802692f402022d13650f12a656586eb03dfc421903fe81ced30fd

Files

e465db9a7e3802692f402022d13650f12a656586eb03dfc421903fe81ced30fd
.dll windows:6 windows x86 arch:x86

72ef9e230ee097055a803388d6226e65

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FreeLibrary
GetCurrentProcess
CreateDirectoryW
GetUserDefaultLCID
GetPrivateProfileStringW
WideCharToMultiByte
LoadLibraryW
GetLocaleInfoW
FormatMessageW
GetFileAttributesA
LeaveCriticalSection
GetACP
GetLastError
EnumResourceTypesW
FindNextFileA
GetThreadPriority
TlsAlloc
CloseHandle
GetWindowsDirectoryW
FillConsoleOutputCharacterA
FillConsoleOutputAttribute
GetConsoleScreenBufferInfo
SetConsoleCursorPosition
CreateFileW
FindResourceW
WriteConsoleW
SetStdHandle
OutputDebugStringW
LoadLibraryExW
SetFilePointerEx
ReadFile
GetConsoleMode
GetConsoleCP
FlushFileBuffers
WriteFile
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCurrentProcessId
QueryPerformanceCounter
GetModuleFileNameA
GetFileType
GetStdHandle
GetOEMCP
IsValidCodePage
GetProcessHeap
HeapSize
VirtualQuery
GetDriveTypeW
TlsGetValue
GetFileSize
GetFullPathNameW
ExpandEnvironmentStringsW
GetThreadTimes
DeleteFileW
GetVersion
FindNextFileW
GetModuleHandleA
ExitProcess
VirtualAlloc
SetLastError
IsDBCSLeadByteEx
GetCPInfoExW
GetPrivateProfileIntW
GetStartupInfoW
GetTimeZoneInformation
GetModuleFileNameW
FileTimeToSystemTime
CreateEventA
GetProcessTimes
CompareFileTime
SetErrorMode
EnumResourceNamesW
ReadConsoleW
GetModuleHandleExW
EnumSystemLocalesW
IsValidLocale
LCMapStringW
EnterCriticalSection
DeleteCriticalSection
EncodePointer
DecodePointer
MultiByteToWideChar
GetStringTypeW
HeapReAlloc
GetSystemTimeAsFileTime
RaiseException
RtlUnwind
HeapFree
IsDebuggerPresent
IsProcessorFeaturePresent
GetCommandLineA
GetCurrentThreadId
GetCPInfo
HeapAlloc
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
TerminateProcess
TlsSetValue
TlsFree
GetModuleHandleW
GetProcAddress

user32

GetDlgItemInt
CharUpperBuffW
DrawTextExW
SendDlgItemMessageW
GetSysColorBrush
BeginDeferWindowPos
SetDlgItemTextW
GetWindowLongW
MapWindowPoints
ToUnicode
DrawFrameControl
CheckMenuItem
CopyRect
IsIconic
GetWindowInfo
GetDC
InflateRect
SetDlgItemInt
GetMenu
GetClassNameW
GetDesktopWindow
InsertMenuW
EndMenu
GetDlgCtrlID
SendMessageW

gdi32

SetWindowOrgEx
Arc
GetMetaFileBitsEx
Polygon
ExtCreateRegion
CreateEnhMetaFileW
PolyPolygon
SetLayout
ExtFloodFill
CreateHatchBrush
CreateFontIndirectW
StretchBlt
GetBkColor
SetViewportOrgEx

comdlg32

FindTextW
GetSaveFileNameW
GetOpenFileNameW

advapi32

RegUnLoadKeyW
SetSecurityDescriptorOwner
QueryServiceStatus
RegSetValueExW
RegCloseKey
RegLoadKeyW
StartServiceW

shell32

Shell_NotifyIconW

oleaut32

VariantChangeType
VariantCopy
SafeArrayGetLBound
SysReAllocStringLen
SafeArrayCreate

Sections

.text
Size: 540KB - Virtual size: 539KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5.9MB - Virtual size: 60.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

72ef9e230ee097055a803388d6226e65

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

oleaut32

Sections

.text Size: 540KB - Virtual size: 539KB

.data Size: 5.9MB - Virtual size: 60.6MB

.idata Size: 4KB - Virtual size: 4KB

.reloc Size: 12KB - Virtual size: 12KB

.text
Size: 540KB - Virtual size: 539KB

.data
Size: 5.9MB - Virtual size: 60.6MB

.idata
Size: 4KB - Virtual size: 4KB

.reloc
Size: 12KB - Virtual size: 12KB