c84678de8bb2f508e61f66f67c4942850d3e5a69f669e352c2a0c635dbfaa7eeN

Sharing

Copy URL

Twitter E-mail

General

Target

c84678de8bb2f508e61f66f67c4942850d3e5a69f669e352c2a0c635dbfaa7eeN
Size

6.4MB
MD5

66e1a2eaff7514c29b83b8f52281d550
SHA1

371835e2a79f3003e7bae586bb5c02c2b66bea69
SHA256

c84678de8bb2f508e61f66f67c4942850d3e5a69f669e352c2a0c635dbfaa7ee
SHA512

f9bc915d249ce56acef45836408a7f42978d5625354f491a66b8ad0b310a115e5a8ebb4fa8b9f2eecc0ea5c873322489db400d3287dde0d8aae0b84a425e3d81
SSDEEP

196608:3VlqWoIgu8D+uTwVt0ThYRYsOjbzZfOnqPjtLY+i:FBCiuTuuThYWsyZ2Ajt+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c84678de8bb2f508e61f66f67c4942850d3e5a69f669e352c2a0c635dbfaa7eeN

Files

c84678de8bb2f508e61f66f67c4942850d3e5a69f669e352c2a0c635dbfaa7eeN
.dll windows:6 windows x86 arch:x86

7040894f3f0d95abb5553f462e7d0b62

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FindFirstFileW
RtlCaptureContext
SetEndOfFile
SetErrorMode
LoadResource
SystemTimeToTzSpecificLocalTime
SetEnvironmentVariableW
QueryPerformanceCounter
CreateDirectoryW
SetHandleInformation
GlobalLock
GetUserDefaultLCID
GetLogicalDrives
GetTickCount
VirtualFree
TlsSetValue
GetSystemDirectoryW
WideCharToMultiByte
SizeofResource
HeapDestroy
GetFileAttributesA
GetFileAttributesW
CreateProcessA
WritePrivateProfileStringW
SetThreadLocale
GetLastError
SetLastError
GetThreadLocale
VirtualAlloc
FindClose
ResetEvent
LoadLibraryA
SwitchToThread
LockResource
QueryDosDeviceW
DeviceIoControl
CreatePipe
GetModuleFileNameA
GetOEMCP
FindNextFileW
GetWindowsDirectoryW
OpenFileMappingA
EnumSystemLocalesW
CreateFileW
ReadConsoleW
WriteConsoleW
SetStdHandle
OutputDebugStringW
LoadLibraryExW
SetFilePointerEx
ReadFile
GetConsoleMode
CloseHandle
GetModuleFileNameW
WriteFile
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetStdHandle
GetACP
IsValidCodePage
GetCurrentProcessId
WinExec
EnumResourceTypesW
EncodePointer
GetExitCodeThread
GetLocalTime
EnterCriticalSection
IsDBCSLeadByteEx
FlushFileBuffers
GetOverlappedResult
MulDiv
lstrcpynW
ReadProcessMemory
IsValidLocale
GetConsoleCP
VirtualQueryEx
WaitForSingleObjectEx
GetModuleHandleExW
InitializeSListHead
WaitNamedPipeA
UnmapViewOfFile
GetDateFormatW
GetFileType
IsDebuggerPresent
GetProcessHeap
HeapSize
ExitProcess
GetLocaleInfoW
LCMapStringW
LeaveCriticalSection
DeleteCriticalSection
DecodePointer
MultiByteToWideChar
GetStringTypeW
HeapReAlloc
GetSystemTimeAsFileTime
HeapFree
RaiseException
RtlUnwind
GetCommandLineA
GetCurrentThreadId
GetCPInfo
HeapAlloc
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsFree
GetStartupInfoW
GetModuleHandleW
GetProcAddress
IsProcessorFeaturePresent

user32

GetMenuItemInfoW
SendDlgItemMessageW
DrawMenuBar
GetMenuItemCount
CharLowerBuffW
ValidateRgn
EndMenu
DrawFrameControl
IsRectEmpty
CharUpperBuffW
DrawTextExW
CreateIconIndirect
GetDC
DrawStateW
GetDesktopWindow
CheckMenuItem
CopyRect
GetWindowThreadProcessId
SetDlgItemTextW

gdi32

SetLayout
PtInRegion
PlayEnhMetaFile
ExtCreateRegion
GetObjectW
SetViewportOrgEx
StretchBlt
RectInRegion
Ellipse
GetMetaFileBitsEx

comdlg32

GetOpenFileNameW

advapi32

RegOpenKeyExA
LookupPrivilegeValueW
SetSecurityDescriptorDacl
OpenServiceW
RegUnLoadKeyW
RegSetKeySecurity
RegQueryInfoKeyW
OpenProcessToken

shell32

SHGetFileInfoW
Shell_NotifyIconW
ExtractIconExW
ShellExecuteW

oleaut32

VariantCopy
SafeArrayPtrOfIndex
VariantClear

Sections

.text
Size: 505KB - Virtual size: 504KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5.9MB - Virtual size: 6.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7040894f3f0d95abb5553f462e7d0b62

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

oleaut32

Sections

.text Size: 505KB - Virtual size: 504KB

.data Size: 5.9MB - Virtual size: 6.7MB

.idata Size: 4KB - Virtual size: 4KB

.reloc Size: 13KB - Virtual size: 12KB

.text
Size: 505KB - Virtual size: 504KB

.data
Size: 5.9MB - Virtual size: 6.7MB

.idata
Size: 4KB - Virtual size: 4KB

.reloc
Size: 13KB - Virtual size: 12KB