60d0050dd6d35145c90a18c729c80fccf100df7ce79f45dc534fb0379593c5a6

Sharing

Copy URL Twitter E-mail

General

Target

60d0050dd6d35145c90a18c729c80fccf100df7ce79f45dc534fb0379593c5a6
Size

286KB
MD5

6997fa7650ec3b35a0327acd162c3708
SHA1

c0cb55f88492677f40eeaa35bcbcd2c1886af025
SHA256

60d0050dd6d35145c90a18c729c80fccf100df7ce79f45dc534fb0379593c5a6
SHA512

ccfb65d1da1950a7f874de3f9e73a0a051bc07387baf2856fa1ff2befd5c8c0dc931daec82d6e5adfbd7431605d2ee00af764136405c0895244bbaed1ba0cae1
SSDEEP

3072:aUH6t8WKtDu1XHxdnGm7tRgBT6f6VQ4A84pEjLzq08QkBbWAlbzNRkoQ4MgPaWHH:b6tEtiV7Gm7v6erhpEjL+QxAKC3HDEE

Score

N/A

Malware Config

Signatures

Files

60d0050dd6d35145c90a18c729c80fccf100df7ce79f45dc534fb0379593c5a6
.dll regsvr32 windows x86

a35f4d5910b7aee58fedca80fea8eb51

Code Sign

76:c4:31:60:7a:2b:69:a2:66:7e:f7:2c:21:78:b5:3c:bd:1c:4f:ee
Signer

Actual PE Digest

76:c4:31:60:7a:2b:69:a2:66:7e:f7:2c:21:78:b5:3c:bd:1c:4f:ee

Digest Algorithm

sha1

PE Digest Matches

false

Signature Validations

Trusted

false

Verification

Signing Certificate

NO CERTIFICATE

01/01/0001, 00:00
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SizeofResource
GetLastError
LoadResource
FindResourceA
LoadLibraryExA
GetModuleFileNameA
CallNamedPipeA
WaitForSingleObject
CloseHandle
CreateNamedPipeA
ReadFile
WriteFile
ConnectNamedPipe
FlushFileBuffers
RaiseException
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
InterlockedIncrement
InterlockedDecrement
DeleteCriticalSection
GetThreadLocale
SetThreadLocale
GetModuleHandleW
GetTempPathW
DeleteFileW
GetStartupInfoW
GetFileType
SetHandleCount
lstrlenW
WideCharToMultiByte
IsDBCSLeadByte
MultiByteToWideChar
lstrcmpiA
GetModuleHandleA
GetProcAddress
lstrlenA
DisconnectNamedPipe
FreeLibrary
GetProcessHeap
SetEndOfFile
WriteConsoleW
CreateFileA
GetConsoleMode
GetConsoleCP
Sleep
HeapSize
SetLastError
TlsFree
TlsSetValue
FreeEnvironmentStringsW
TlsGetValue
TlsAlloc
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
SetStdHandle
CreateFileW
GetStringTypeW
LCMapStringW
LoadLibraryW
HeapDestroy
SetFilePointer
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
LocalFree
HeapAlloc
HeapFree
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
ExitThread
GetCurrentThreadId
CreateThread
EncodePointer
DecodePointer
GetCommandLineA
HeapReAlloc
RtlUnwind
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
ExitProcess
GetStdHandle
GetModuleFileNameW
HeapCreate

user32

CharNextW
CharNextA

advapi32

RegDeleteValueA
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegEnumKeyExA
RegQueryInfoKeyW
RegCloseKey
RegDeleteKeyA
RegQueryInfoKeyA

ole32

CoInitializeEx
CoTaskMemRealloc
CoTaskMemFree
CoUninitialize
StringFromGUID2
CoTaskMemAlloc
CoCreateInstance

oleaut32

SysStringByteLen
SysAllocStringByteLen
SysAllocStringLen
UnRegisterTypeLi
SysAllocString
DispCallFunc
VariantInit
LoadTypeLi
LoadRegTypeLi
SysFreeString
SysStringLen
VariantClear
VarUI4FromStr
RegisterTypeLi

rpcrt4

NdrDllUnregisterProxy
NdrDllGetClassObject
IUnknown_AddRef_Proxy
NdrCStdStubBuffer2_Release
IUnknown_Release_Proxy
NdrDllCanUnloadNow
NdrDllRegisterProxy
NdrOleAllocate
NdrStubForwardingFunction
NdrOleFree
IUnknown_QueryInterface_Proxy
RpcStringFreeA
UuidToStringA
UuidCreate

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 209KB - Virtual size: 209KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.orpc
Size: 512B - Virtual size: 51B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a35f4d5910b7aee58fedca80fea8eb51

Code Sign

76:c4:31:60:7a:2b:69:a2:66:7e:f7:2c:21:78:b5:3c:bd:1c:4f:eeSigner

Signature Validations

Verification

01/01/0001, 00:00 Valid: false

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

rpcrt4

Exports

Exports

Sections

.text Size: 209KB - Virtual size: 209KB

.orpc Size: 512B - Virtual size: 51B

.rdata Size: 38KB - Virtual size: 37KB

.data Size: 9KB - Virtual size: 16KB

.rsrc Size: 5KB - Virtual size: 4KB

.reloc Size: 17KB - Virtual size: 16KB

76:c4:31:60:7a:2b:69:a2:66:7e:f7:2c:21:78:b5:3c:bd:1c:4f:ee
Signer

01/01/0001, 00:00
Valid: false

.text
Size: 209KB - Virtual size: 209KB

.orpc
Size: 512B - Virtual size: 51B

.rdata
Size: 38KB - Virtual size: 37KB

.data
Size: 9KB - Virtual size: 16KB

.rsrc
Size: 5KB - Virtual size: 4KB

.reloc
Size: 17KB - Virtual size: 16KB