LanguageComponentsInstallerComHandler[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

LanguageComponentsInstallerComHandler.exe
Size

50KB
MD5

6e6c8da1a09c9c2cff28bd706e5b86be
SHA1

4e31b7db41d991c4250b9f36468f986e6b918789
SHA256

c27a4a931234ef42fefdf515870fe5c1f8a307b06edadcc3b2408c3dd2e2c850
SHA512

bae7e339999ef9f015718efd69afb94b6be1decf2098c8800da671d5ecf233d2ba48d775721c82d8adf11fce934f20c530f3bf113c943c3f36e483b7a28cb866
SSDEEP

1536:ephoM1c12X15E26Y57QQjieG+6yHI54RS5u:UreI6Y9Qge+67445u

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
LanguageComponentsInstallerComHandler.exe

Files

LanguageComponentsInstallerComHandler.exe
.exe windows x64

d0d0fd91f38d8127baae5b6571b84a5a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

msvcrt

__wgetmainargs
_amsg_exit
_XcptFilter
memmove
memcpy
exit
_cexit
__setusermatherr
_initterm
__C_specific_handler
_fmode
_CxxThrowException
?what@exception@@UEBAPEBDXZ
??0exception@@QEAA@AEBQEBDH@Z
??0exception@@QEAA@AEBQEBD@Z
_callnewh
_commode
_lock
malloc
__set_app_type
_unlock
__dllonexit
_onexit
?terminate@@YAXXZ
_vsnprintf_s
??0exception@@QEAA@AEBV0@@Z
??0exception@@QEAA@XZ
??1exception@@UEAA@XZ
memcpy_s
_vsnwprintf
_purecall
??3@YAXPEAX@Z
__CxxFrameHandler3
??1type_info@@UEAA@XZ
_exit
memset

api-ms-win-core-com-l1-1-0

CoResumeClassObjects
CoAddRefServerProcess
CoReleaseServerProcess
CoRegisterClassObject
CoRevokeClassObject
CoCreateInstance

api-ms-win-core-winrt-string-l1-1-0

WindowsDeleteString
WindowsIsStringEmpty
WindowsStringHasEmbeddedNull
WindowsGetStringRawBuffer
WindowsCreateString

api-ms-win-core-util-l1-1-0

EncodePointer
DecodePointer

api-ms-win-core-synch-l1-1-0

WaitForSingleObject
WaitForSingleObjectEx
OpenSemaphoreW
ReleaseMutex
CreateEventW
ReleaseSemaphore
ReleaseSRWLockExclusive
SetEvent
AcquireSRWLockExclusive
CreateSemaphoreExW
ReleaseSRWLockShared
CreateMutexExW
AcquireSRWLockShared

api-ms-win-core-winrt-l1-1-0

RoRegisterActivationFactories
RoRevokeActivationFactories
RoInitialize
RoUninitialize

api-ms-win-core-winrt-error-l1-1-0

RoOriginateErrorW
RoOriginateError

api-ms-win-core-libraryloader-l1-2-0

GetModuleHandleW
GetModuleFileNameA
GetProcAddress
GetModuleHandleExW

oleaut32

VariantClear
SysAllocString
SysFreeString

api-ms-win-core-heap-l1-1-0

HeapAlloc
HeapFree
GetProcessHeap

api-ms-win-core-errorhandling-l1-1-0

UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetLastError
SetLastError

api-ms-win-core-processthreads-l1-1-0

TerminateProcess
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId

api-ms-win-core-localization-l1-2-0

FormatMessageW

api-ms-win-core-debug-l1-1-0

IsDebuggerPresent
DebugBreak
OutputDebugStringW

api-ms-win-core-handle-l1-1-0

CloseHandle

api-ms-win-core-synch-l1-2-0

Sleep
WakeAllConditionVariable
SleepConditionVariableSRW

api-ms-win-core-rtlsupport-l1-1-0

RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-sysinfo-l1-1-0

GetSystemTimeAsFileTime
GetTickCount

Sections

.text
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 592B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d0d0fd91f38d8127baae5b6571b84a5a

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

api-ms-win-core-com-l1-1-0

api-ms-win-core-winrt-string-l1-1-0

api-ms-win-core-util-l1-1-0

api-ms-win-core-synch-l1-1-0

api-ms-win-core-winrt-l1-1-0

api-ms-win-core-winrt-error-l1-1-0

api-ms-win-core-libraryloader-l1-2-0

oleaut32

api-ms-win-core-heap-l1-1-0

api-ms-win-core-errorhandling-l1-1-0

api-ms-win-core-processthreads-l1-1-0

api-ms-win-core-localization-l1-2-0

api-ms-win-core-debug-l1-1-0

api-ms-win-core-handle-l1-1-0

api-ms-win-core-synch-l1-2-0

api-ms-win-core-rtlsupport-l1-1-0

api-ms-win-core-profile-l1-1-0

api-ms-win-core-sysinfo-l1-1-0

Sections

.text Size: 26KB - Virtual size: 26KB

.rdata Size: 17KB - Virtual size: 16KB

.data Size: 512B - Virtual size: 2KB

.pdata Size: 2KB - Virtual size: 1KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 1024B - Virtual size: 592B

.text
Size: 26KB - Virtual size: 26KB

.rdata
Size: 17KB - Virtual size: 16KB

.data
Size: 512B - Virtual size: 2KB

.pdata
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 1024B - Virtual size: 592B