55618b390bccdc32b6050dde41d9fa8d9da4d4cee0599211417dfca1f4d03405

Sharing

Copy URL Twitter E-mail

General

Target

55618b390bccdc32b6050dde41d9fa8d9da4d4cee0599211417dfca1f4d03405
Size

168KB
MD5

5142a5ffeb1c0a3c357981bb2a5e4804
SHA1

e40540453d5dd5c08735e655af3203b55f01b04f
SHA256

55618b390bccdc32b6050dde41d9fa8d9da4d4cee0599211417dfca1f4d03405
SHA512

40959ca38f53bce8bcd672ec18e34b6a407699fc4fee0f51c74c0e880da4cdbff3bbdfcc19d22835a1be4e95d76dd0f911692a2c16e1b9cd6a239854edaad460
SSDEEP

3072:s1h9oYLb2iwZ4Pu6QbyGcKa+bbd0SUSJbr6zblpfF8SSVMdpb8:slb4KudyrKRKSUOSSVMdpb8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
55618b390bccdc32b6050dde41d9fa8d9da4d4cee0599211417dfca1f4d03405

Files

55618b390bccdc32b6050dde41d9fa8d9da4d4cee0599211417dfca1f4d03405
.dll windows:4 windows x64 arch:x64

425c45b0fb3e81c10b4084faf4dfd72e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

PDB Paths

Imports

advapi32

GetUserNameA
GetUserNameW
RegCloseKey
RegCreateKeyA
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueA
RegEnumKeyExW
RegEnumValueA
RegOpenCurrentUser
RegOpenKeyExW
RegQueryValueExA
RegQueryValueExW
RegSetValueExA
RegSetValueExW

kernel32

CloseHandle
CreateFileW
DeviceIoControl
DisableThreadLibraryCalls
ExpandEnvironmentStringsW
FreeLibrary
GetDriveTypeA
GetDriveTypeW
GetModuleHandleA
GetModuleHandleW
GetProcAddress
GetTickCount
HeapAlloc
HeapReAlloc
IsBadStringPtrA
IsBadStringPtrW
LoadLibraryW
MultiByteToWideChar
RaiseException
WideCharToMultiByte
lstrcmpW

ntdll

_vsnprintf

ucrtbase

__acrt_iob_func
__stdio_common_vsprintf
__stdio_common_vswprintf
_recalloc
_strdup
calloc
free
fwrite
getenv
iswalpha
malloc
memcmp
memcpy
memmove
memset
strchr
strcmp
strcpy
strcspn
strlen
strncmp
wcschr

user32

DialogBoxParamW
EndDialog
GetDlgItem
GetWindowLongPtrW
GetWindowTextA
LoadStringW
SetWindowLongPtrW
SetWindowTextA

Exports

Exports

MultinetGetConnectionPerformanceA
MultinetGetConnectionPerformanceW
MultinetGetErrorTextA
MultinetGetErrorTextW
NPSAuthenticationDialogA
NPSCopyStringA
NPSDeviceGetNumberA
NPSDeviceGetStringA
NPSGetProviderHandleA
NPSGetProviderNameA
NPSGetSectionNameA
NPSNotifyGetContextA
NPSNotifyRegisterA
NPSSetCustomTextA
NPSSetExtendedErrorA
PwdChangePasswordA
PwdChangePasswordW
PwdGetPasswordStatusA
PwdGetPasswordStatusW
PwdSetPasswordStatusA
PwdSetPasswordStatusW
WNetAddConnection2A
WNetAddConnection2W
WNetAddConnection3A
WNetAddConnection3W
WNetAddConnectionA
WNetAddConnectionW
WNetCachePassword
WNetCancelConnection2A
WNetCancelConnection2W
WNetCancelConnectionA
WNetCancelConnectionW
WNetClearConnections
WNetCloseEnum
WNetConnectionDialog
WNetConnectionDialog1A
WNetConnectionDialog1W
WNetDisconnectDialog
WNetDisconnectDialog1A
WNetDisconnectDialog1W
WNetEnumCachedPasswords
WNetEnumResourceA
WNetEnumResourceW
WNetFMXEditPerm
WNetFMXGetPermCaps
WNetFMXGetPermHelp
WNetFormatNetworkNameA
WNetFormatNetworkNameW
WNetGetCachedPassword
WNetGetConnectionA
WNetGetConnectionW
WNetGetDirectoryTypeA
WNetGetHomeDirectoryA
WNetGetHomeDirectoryW
WNetGetLastErrorA
WNetGetLastErrorW
WNetGetNetworkInformationA
WNetGetNetworkInformationW
WNetGetPropertyTextA
WNetGetProviderNameA
WNetGetProviderNameW
WNetGetResourceInformationA
WNetGetResourceInformationW
WNetGetResourceParentA
WNetGetResourceParentW
WNetGetUniversalNameA
WNetGetUniversalNameW
WNetGetUserA
WNetGetUserW
WNetLogoffA
WNetLogoffW
WNetLogonA
WNetLogonNotify
WNetLogonW
WNetOpenEnumA
WNetOpenEnumW
WNetPasswordChangeNotify
WNetPropertyDialogA
WNetRemoveCachedPassword
WNetRestoreConnection
WNetRestoreConnectionA
WNetRestoreConnectionW
WNetSetConnectionA
WNetSetConnectionW
WNetUseConnectionA
WNetUseConnectionW
WNetVerifyPasswordA
WNetVerifyPasswordW

Sections

.text
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 192B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rodata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.buildid
Size: 4KB - Virtual size: 53B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.eh_fram
Size: 4KB - Virtual size: 664B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 352B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

425c45b0fb3e81c10b4084faf4dfd72e

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

advapi32

kernel32

ntdll

ucrtbase

user32

Exports

Exports

Sections

.text Size: 44KB - Virtual size: 41KB

.data Size: 4KB - Virtual size: 192B

.rodata Size: 4KB - Virtual size: 1KB

.rdata Size: 8KB - Virtual size: 5KB

.buildid Size: 4KB - Virtual size: 53B

.eh_fram Size: 4KB - Virtual size: 664B

.pdata Size: 4KB - Virtual size: 2KB

.xdata Size: 4KB - Virtual size: 2KB

.bss Size: - Virtual size: 352B

.edata Size: 4KB - Virtual size: 2KB

.idata Size: 4KB - Virtual size: 2KB

.rsrc Size: 32KB - Virtual size: 30KB

.reloc Size: 4KB - Virtual size: 32B

.text
Size: 44KB - Virtual size: 41KB

.data
Size: 4KB - Virtual size: 192B

.rodata
Size: 4KB - Virtual size: 1KB

.rdata
Size: 8KB - Virtual size: 5KB

.buildid
Size: 4KB - Virtual size: 53B

.eh_fram
Size: 4KB - Virtual size: 664B

.pdata
Size: 4KB - Virtual size: 2KB

.xdata
Size: 4KB - Virtual size: 2KB

.bss
Size: - Virtual size: 352B

.edata
Size: 4KB - Virtual size: 2KB

.idata
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 32KB - Virtual size: 30KB

.reloc
Size: 4KB - Virtual size: 32B