1e24b30b30beed40d33d1af567df30ade08d0b9d41877b45316e6f12f2ff7a1d

Sharing

Copy URL Twitter E-mail

General

Target

1e24b30b30beed40d33d1af567df30ade08d0b9d41877b45316e6f12f2ff7a1d
Size

132KB
MD5

494ba25d125c30b0f568e7df51b631ca
SHA1

bc84d06609ad4eee8288e6262d5e0c708d38e885
SHA256

1e24b30b30beed40d33d1af567df30ade08d0b9d41877b45316e6f12f2ff7a1d
SHA512

188e51ba7c21145998e742c00e34dbf6d391127934938bc635e83101981b020631581304153a6fb4aeb9d76b1a38cf0c975959d8305f00b758f0448eb24c0577
SSDEEP

3072:3ffqwt4wIqYhb5tg5aITEq6n5eyrY9EDQV7xmM0pI5zghOjEFlkHGe2:3KweW005dvjd7MZI5AOj0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1e24b30b30beed40d33d1af567df30ade08d0b9d41877b45316e6f12f2ff7a1d

Files

1e24b30b30beed40d33d1af567df30ade08d0b9d41877b45316e6f12f2ff7a1d
.dll windows:4 windows x86 arch:x86

db3be9ed3f89fee9f055eb582ac1bc94

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
GetProcAddress
GetFileAttributesW
GetVersion
GlobalUnlock
Sleep
CreateThread
TryEnterCriticalSection
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
InitializeCriticalSection
GetModuleFileNameW
GetCurrentThreadId
EnterCriticalSection
LeaveCriticalSection
GlobalSize
InterlockedExchange
ReleaseMutex
WaitForSingleObject
GetThreadLocale
GetVolumeInformationW
LocalAlloc
GetLocaleInfoW
InterlockedCompareExchange
GetModuleHandleW
GlobalAlloc
lstrcmpiW
TerminateProcess
InterlockedDecrement
InterlockedIncrement
GetCurrentProcess
GetLastError
lstrlenW
DisableThreadLibraryCalls
lstrcatW
lstrcpyW
LoadLibraryW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
DeleteCriticalSection
SetLastError
lstrcpynW
FormatMessageW
LocalFree
IsBadReadPtr
FreeLibrary
LoadLibraryExW
GetSystemWindowsDirectoryW
OutputDebugStringA
VirtualProtect
GlobalFree
GetCommandLineA
CloseHandle

user32

LoadBitmapW
KillTimer
GetFocus
GetActiveWindow
SendDlgItemMessageW
IsDlgButtonChecked
LoadStringW
wsprintfW
MessageBoxW
LoadImageW
SetDlgItemTextW
WinHelpW
UpdateWindow
LoadIconW
ReleaseDC
DialogBoxParamW
GetWindow
GetDlgItemTextW
IsCharAlphaW
CheckRadioButton
GetDlgCtrlID
GetWindowContextHelpId
GetWindowTextLengthW
CheckDlgButton
ShowWindow
IsWindowEnabled
GetWindowRect
SendMessageW
InvalidateRect
GetClientRect
SetTimer
ValidateRect
SetWindowTextW
SetWindowLongW
SetFocus
EndDialog
GetWindowTextW
GetDlgItem
GetWindowLongW
RegisterClipboardFormatW
PostMessageW
GetParent
EnableWindow
SetWindowPos
MapWindowPoints
GetDC

advapi32

RegQueryValueExW
MakeSelfRelativeSD
SetSecurityDescriptorDacl
SetSecurityDescriptorSacl
ReportEventW
RegOpenKeyA
RegDeleteKeyW
RegSetValueExW
RegEnumKeyExW
RegCreateKeyExW
GetLengthSid
SetSecurityDescriptorOwner
SetSecurityDescriptorGroup
EqualSid
CopySid
InitializeSecurityDescriptor
AllocateAndInitializeSid
FreeSid
LsaFreeMemory
GetSecurityDescriptorControl
RegOpenKeyW
GetSecurityDescriptorDacl
GetSecurityDescriptorSacl
RegCloseKey

gdi32

DeleteObject
SelectObject
GetTextMetricsW

ole32

CoInitialize
CoUninitialize
CreateStreamOnHGlobal
StringFromCLSID
ReleaseStgMedium
CLSIDFromString
CoCreateInstance
CoTaskMemAlloc
StringFromGUID2
CoTaskMemFree

msvcr71

_except_handler3
wcscpy
_adjust_fdiv
free
mbstowcs
wcstol
wcstoul
malloc
wcslen
_wcsnicmp
_initterm
wcsncpy
wcstombs
_onexit
_lock
__dllonexit
_unlock
_amsg_exit
_vsnwprintf
memcpy
_ultow
memset
_wcsicmp
wcschr
__CxxFrameHandler
_CxxThrowException
_XcptFilter
__CppXcptFilter
atoi

Sections

.text
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

db3be9ed3f89fee9f055eb582ac1bc94

Headers

File Characteristics

Imports

kernel32

user32

advapi32

gdi32

ole32

msvcr71

Sections

.text Size: 104KB - Virtual size: 103KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 4KB - Virtual size: 36KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 8KB - Virtual size: 4KB

.text
Size: 104KB - Virtual size: 103KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 4KB - Virtual size: 36KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 8KB - Virtual size: 4KB