0a7767ee98001175bcd09a9c0cfef951f6772f66dd277f08c81b414c19a9e310

Sharing

Copy URL Twitter E-mail

General

Target

0a7767ee98001175bcd09a9c0cfef951f6772f66dd277f08c81b414c19a9e310
Size

224KB
MD5

99551cff634f44e314a9f35f633c8684
SHA1

45f3f83bc78cf09b7da0e0fa5179b4e93d7b9663
SHA256

0a7767ee98001175bcd09a9c0cfef951f6772f66dd277f08c81b414c19a9e310
SHA512

d0a6fa2f17102fb9fd836b4ff63f7c2fc6c350d96a91a27ade83fff71b674ae4348ba5b4ce1aa217439d7c8c61ad5ae8bf12ce34deea27918a3e5c0e4d1d7855
SSDEEP

3072:opXxSsYaFwj8Qxt7Uue5d5G/rbc4gYco0:opB9YM9Q3ivuwh5o0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0a7767ee98001175bcd09a9c0cfef951f6772f66dd277f08c81b414c19a9e310

Files

0a7767ee98001175bcd09a9c0cfef951f6772f66dd277f08c81b414c19a9e310
.dll regsvr32 windows x86

8d8197190e26d0ebb4039440e167ebcb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FindResourceExW
lstrcpyW
GetProcAddress
GetModuleHandleW
GetSystemDefaultLangID
MulDiv
LeaveCriticalSection
EnterCriticalSection
GetCurrentThreadId
FlushInstructionCache
GetCurrentProcess
lstrcatW
lstrcmpiW
FreeLibrary
WideCharToMultiByte
MultiByteToWideChar
GetLastError
LoadLibraryW
GetDiskFreeSpaceExW
DisableThreadLibraryCalls
InterlockedIncrement
InitializeCriticalSection
DeleteCriticalSection
GetShortPathNameW
GetModuleFileNameW
FindResourceW
LoadResource
lstrcpynW
HeapDestroy
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetDriveTypeA
GetStringTypeW
GetStringTypeA
IsBadCodePtr
IsBadReadPtr
LoadLibraryA
LockResource
lstrlenW
SizeofResource
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
GetSystemTimeAsFileTime
CompareFileTime
Sleep
GetThreadLocale
GetStringTypeExW
lstrlenA
OutputDebugStringW
DebugBreak
InterlockedDecrement
FormatMessageW
LoadLibraryExW
GetOEMCP
GetStartupInfoA
GetACP
GetCPInfo
LCMapStringW
LCMapStringA
GetCurrentDirectoryW
GetTimeZoneInformation
HeapSize
SetUnhandledExceptionFilter
GetFileType
GetStdHandle
SetHandleCount
TlsGetValue
SetLastError
LocalFree
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeW
FindFirstFileW
HeapFree
HeapAlloc
HeapReAlloc
GetCommandLineA
GetVersion
RaiseException
RtlUnwind
GetFullPathNameW
GetCurrentDirectoryA
HeapCreate
VirtualFree
ExitProcess
VirtualAlloc
IsBadWritePtr
TerminateProcess
TlsSetValue
TlsAlloc
TlsFree
WriteFile

user32

SendMessageW
LoadStringW
CharNextW
wvsprintfW
LoadStringA
InsertMenuW
RegisterClipboardFormatW
MessageBoxW
GetWindow
GetSystemMetrics
GetDC
ReleaseDC
CreateDialogIndirectParamW
SetWindowLongW
SetWindowTextW
GetDlgItem
DestroyWindow
PeekMessageW
TranslateMessage
DispatchMessageW
GetTopWindow

gdi32

SelectObject
CreateFontIndirectW
GetStockObject
GetObjectW
DeleteObject
GetDeviceCaps

advapi32

RegEnumValueW
RegQueryInfoKeyW
RegSetValueExW
RegEnumKeyExW
RegDeleteValueW
RegCreateKeyExW
RegDeleteKeyW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey

shell32

SHGetSpecialFolderLocation
SHGetMalloc
SHGetDesktopFolder
SHGetPathFromIDListW
SHChangeNotify

ole32

CoTaskMemFree
CoTaskMemAlloc
CoTaskMemRealloc
CoCreateInstance
ReleaseStgMedium

oleaut32

RegisterTypeLi
LoadTypeLi
SysAllocString
VarUI4FromStr
SysFreeString

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 92KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8d8197190e26d0ebb4039440e167ebcb

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 44KB - Virtual size: 41KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 8KB - Virtual size: 6KB

.rsrc Size: 92KB - Virtual size: 89KB

.reloc Size: 8KB - Virtual size: 4KB

.rmnet Size: 60KB - Virtual size: 60KB

.text
Size: 44KB - Virtual size: 41KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 8KB - Virtual size: 6KB

.rsrc
Size: 92KB - Virtual size: 89KB

.reloc
Size: 8KB - Virtual size: 4KB

.rmnet
Size: 60KB - Virtual size: 60KB