7c6fb55725105f2c76da9901765628067c09e3c16361d25810be7d846958e866

Sharing

Copy URL Twitter E-mail

General

Target

7c6fb55725105f2c76da9901765628067c09e3c16361d25810be7d846958e866
Size

308KB
MD5

649aa2077cfb418247a3245c1e4d5d5d
SHA1

21a8a27dbc2feb9fabf5cf9bcad5bacc28e9f843
SHA256

7c6fb55725105f2c76da9901765628067c09e3c16361d25810be7d846958e866
SHA512

2f1a3897fc5d7bea340ad783293f162ce5034ce1b01071093d4a76d36ff4cc90ee9981d0d4efd7f43e6582eb8a2b1b0bd064ca6651e755255fa9fafa784dca41
SSDEEP

6144:AROgTqQj5ltDY6d2GycZ21GQcZ23GQcZ2+GQcZ2KGQcZ2/7m/0c5PsaafG:iOgGWntDacRs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7c6fb55725105f2c76da9901765628067c09e3c16361d25810be7d846958e866

Files

7c6fb55725105f2c76da9901765628067c09e3c16361d25810be7d846958e866
.dll regsvr32 windows x86

c442d18b93d08fd2ea6837c89e4e9845

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCPInfo
GetOEMCP
RtlUnwind
HeapFree
RaiseException
ExitProcess
TerminateProcess
HeapAlloc
SetStdHandle
GetFileType
GetCommandLineA
HeapReAlloc
GetACP
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapSize
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
LCMapStringA
GetFileAttributesA
GetTimeZoneInformation
GetFileTime
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
GlobalDeleteAtom
lstrcmpA
GetCurrentThread
GetCurrentThreadId
LocalFree
lstrcpynA
lstrcmpiA
MultiByteToWideChar
WideCharToMultiByte
lstrlenA
FindResourceA
LoadResource
SizeofResource
FreeResource
DeleteFileA
lstrlenW
InterlockedIncrement
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetFileSize
GetProcessVersion
FreeLibrary
GlobalFindAtomA
GlobalGetAtomNameA
GlobalAddAtomA
WritePrivateProfileStringA
GetModuleHandleA
GlobalFlags
FileTimeToSystemTime
FileTimeToLocalFileTime
lstrcatA
SetLastError
GetVersion
LocalReAlloc
SetErrorMode
TlsGetValue
TlsFree
TlsSetValue
GlobalReAlloc
GlobalFree
GlobalHandle
GlobalUnlock
TlsAlloc
LocalAlloc
GetFullPathNameA
FindClose
GetVolumeInformationA
FindFirstFileA
GetProcAddress
lstrcpyA
LoadLibraryA
UnlockFile
SetEndOfFile
SetFilePointer
LockFile
FlushFileBuffers
CreateFileA
WriteFile
ReadFile
LCMapStringW
GetLastError
InterlockedDecrement
GetCurrentProcess
DuplicateHandle
GlobalLock
CloseHandle
GetModuleFileNameA
SetUnhandledExceptionFilter
GlobalAlloc
GetStringTypeA
IsBadWritePtr
SetHandleCount
GetStdHandle

user32

SetPropA
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
RegisterWindowMessageA
SystemParametersInfoA
IsIconic
GetWindowPlacement
SetFocus
ShowWindow
SetWindowPos
GetClassLongA
GetDlgItem
DrawTextA
TabbedTextOutA
ReleaseDC
GetDC
GetMenuItemCount
DestroyMenu
SetWindowTextA
LoadIconA
GetSysColorBrush
GetDlgCtrlID
GetWindowRect
PtInRect
GetClassNameA
GetWindowTextA
LoadStringA
UnregisterClassA
UnhookWindowsHookEx
GetSystemMetrics
CharUpperA
wsprintfA
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageA
GetCursorPos
SetWindowsHookExA
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
LoadCursorA
MessageBoxA
EnableWindow
SetCursor
SendMessageA
PostMessageA
PostQuitMessage
GetSysColor
MapWindowPoints
AdjustWindowRectEx
GetClientRect
CopyRect
GetTopWindow
WinHelpA
GetCapture
GetMenu
GetClassInfoA
RegisterClassA
GetSubMenu
GetMenuItemID
DestroyWindow
DefWindowProcA
ClientToScreen
CreateWindowExA
GetWindow
GrayStringA
SetWindowLongA

gdi32

SelectObject
GetStockObject
RestoreDC
SetBkColor
SetMapMode
SetViewportOrgEx
SetTextColor
ScaleViewportExtEx
SetViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
DeleteObject
GetDeviceCaps
RectVisible
TextOutA
PtVisible
Escape
ExtTextOutA
GetObjectA
CreateBitmap
DeleteDC
OffsetViewportOrgEx
SaveDC

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegCreateKeyExA
RegOpenKeyExA
RegCloseKey
RegSetValueExA

comctl32

ord17

ole32

StringFromCLSID
CoTaskMemFree
CoCreateInstance

oleaut32

SysStringLen
SysAllocStringLen
SafeArrayGetLBound
SafeArrayGetUBound
LoadRegTypeLi
SafeArrayCreate
SafeArrayPutElement
SafeArrayGetElement
VariantInit
VariantCopyInd
VariantClear
SysAllocString
VariantCopy
SysFreeString

atl

ord30
ord58
ord16
ord18
ord32
ord15
ord23
ord57
ord21

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 116KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c442d18b93d08fd2ea6837c89e4e9845

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

comctl32

ole32

oleaut32

atl

Exports

Exports

Sections

.text Size: 116KB - Virtual size: 112KB

.rdata Size: 24KB - Virtual size: 22KB

.data Size: 8KB - Virtual size: 21KB

.rsrc Size: 80KB - Virtual size: 76KB

.reloc Size: 16KB - Virtual size: 15KB

.text
Size: 116KB - Virtual size: 112KB

.rdata
Size: 24KB - Virtual size: 22KB

.data
Size: 8KB - Virtual size: 21KB

.rsrc
Size: 80KB - Virtual size: 76KB

.reloc
Size: 16KB - Virtual size: 15KB