3359a9924dc47db806ded967723baf7c3e677d2a0a15589bd5f5dbbe806ec258

Sharing

Copy URL

Twitter E-mail

General

Target

3359a9924dc47db806ded967723baf7c3e677d2a0a15589bd5f5dbbe806ec258
Size

344KB
MD5

bc033e1b738f5501aa7b9e73e7583782
SHA1

ba2abcec884118b151cdda976525b7d62aa39e06
SHA256

3359a9924dc47db806ded967723baf7c3e677d2a0a15589bd5f5dbbe806ec258
SHA512

ad4a476295d1b98b05c2a7ea75edf99bfbae790b7e54b80ba14417ceb5d49071dcbede5607920bbca9b40cf12e3a55ec96a568a44a13b7ad4d96b9d9acf7cc26
SSDEEP

6144:HedE8upKfqCISLyO2XxoatMWz3fpCaGcGLntTJQTDtqgUeJtLhTvp:HK9SKfqCI71v83ceteTUgUe/lv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3359a9924dc47db806ded967723baf7c3e677d2a0a15589bd5f5dbbe806ec258

Files

3359a9924dc47db806ded967723baf7c3e677d2a0a15589bd5f5dbbe806ec258
.dll regsvr32 windows x86

de7152432391da22e4a2daac46306ba0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
LoadLibraryExA
VirtualQuery
WriteConsoleW
SetStdHandle
GetCurrentDirectoryW
GetConsoleCP
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCPInfo
GetOEMCP
IsValidCodePage
FindNextFileA
FindFirstFileExA
LCMapStringW
GetStringTypeW
GetFileType
GetStdHandle
GetModuleFileNameA
ExitProcess
GetCommandLineA
GetModuleHandleExW
HeapQueryInformation
InterlockedFlushSList
GetSystemInfo
CreateFileMappingW
GetCommandLineW
SetFilePointerEx
OutputDebugStringW
GetCurrentProcess
WriteFile
FlushFileBuffers
VirtualProtect
CreateEventW
GlobalFlags
lstrcmpA
GetCurrentProcessId
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GlobalFindAtomW
GlobalAddAtomW
lstrcmpW
GlobalDeleteAtom
LoadLibraryA
GetSystemDirectoryW
GetCurrentThreadId
FormatMessageW
LocalFree
GlobalFree
GlobalAlloc
LoadLibraryW
GetModuleHandleA
SetLastError
OutputDebugStringA
GetACP
SetThreadLocale
GetThreadLocale
EncodePointer
WideCharToMultiByte
FindFirstFileW
CreateFileW
OpenFileMappingW
lstrlenW
UnmapViewOfFile
MapViewOfFile
FindClose
ReadFile
MultiByteToWideChar
GetFileAttributesW
FindResourceW
GetModuleHandleW
GetModuleFileNameW
LoadLibraryExW
lstrcmpiW
GetTickCount
SizeofResource
LoadResource
GlobalUnlock
GlobalLock
GetProcAddress
FreeLibrary
LockResource
InitializeCriticalSectionAndSpinCount
GetLastError
RaiseException
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
InterlockedDecrement
InterlockedIncrement
DecodePointer
CreateFileA
CloseHandle
GetFileTime
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetConsoleMode
InitializeCriticalSection

user32

PostQuitMessage
SetMenuItemInfoW
GetMenuCheckMarkDimensions
CheckMenuItem
DestroyMenu
RealChildWindowFromPoint
EnableMenuItem
CharNextW
CreatePopupMenu
InsertMenuW
SetMenuItemBitmaps
InsertMenuItemW
LoadBitmapW
wsprintfW
GetClientRect
ClientToScreen
TabbedTextOutW
SetRectEmpty
OffsetRect
GetParent
GetSubMenu
GetMenuItemID
GetMenuItemCount
GrayStringW
DrawTextExW
DrawTextW
LoadCursorW
GetSysColorBrush
ReleaseDC
GetDC
GetSystemMetrics
GetWindowThreadProcessId
SetWindowTextW
IsWindowEnabled
GetMonitorInfoW
MonitorFromWindow
WinHelpW
LoadIconW
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
GetLastActivePopup
GetTopWindow
GetClassNameW
GetClassLongW
SetWindowLongW
PtInRect
CopyRect
GetSysColor
MapWindowPoints
ScreenToClient
MessageBoxW
AdjustWindowRectEx
GetWindowRect
RemovePropW
GetPropW
SetPropW
RedrawWindow
ValidateRect
EndPaint
BeginPaint
SetForegroundWindow
GetForegroundWindow
SetMenu
GetMenu
EnableWindow
GetCapture
GetKeyState
GetFocus
GetDlgCtrlID
GetDlgItem
IsIconic
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPos
DestroyWindow
IsMenu
IsWindow
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
DefWindowProcW
PostMessageW
GetMessageTime
GetMessagePos
PeekMessageW
DispatchMessageW
RegisterWindowMessageW
GetWindow
GetWindowLongW
GetWindowTextW
GetScrollPos
SendMessageW

gdi32

SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
OffsetViewportOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
DeleteObject
GetDeviceCaps
SetBkColor
SetTextColor
CreateBitmap
ExtTextOutW
TextOutW
DeleteDC
Escape
GetClipBox
GetStockObject
PtVisible
RectVisible
RestoreDC
SaveDC
SelectObject
SetMapMode

advapi32

SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegQueryValueExW
RegSetValueExW
RegQueryInfoKeyW
RegOpenKeyExW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey

shell32

ShellExecuteW
DragQueryFileW

shlwapi

StrCmpIW
PathFileExistsW

ole32

CoInitialize
CoUninitialize
CoCreateInstance
StringFromGUID2
ReleaseStgMedium
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc

fltlib

FilterSendMessage
FilterConnectCommunicationPort

ntdll

RtlUnwind

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllInstall
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 220KB - Virtual size: 220KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 85KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

de7152432391da22e4a2daac46306ba0

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

shlwapi

ole32

fltlib

ntdll

Exports

Exports

Sections

.text Size: 220KB - Virtual size: 220KB

.rdata Size: 85KB - Virtual size: 85KB

.data Size: 13KB - Virtual size: 42KB

.rsrc Size: 10KB - Virtual size: 9KB

.reloc Size: 14KB - Virtual size: 14KB

.text
Size: 220KB - Virtual size: 220KB

.rdata
Size: 85KB - Virtual size: 85KB

.data
Size: 13KB - Virtual size: 42KB

.rsrc
Size: 10KB - Virtual size: 9KB

.reloc
Size: 14KB - Virtual size: 14KB