adcd8b0b14abfa5cdf087ba37d1e30ad06b2158a6431c95a6dd535eee1daee3a

Sharing

Copy URL Twitter E-mail

General

Target

adcd8b0b14abfa5cdf087ba37d1e30ad06b2158a6431c95a6dd535eee1daee3a
Size

571KB
MD5

39c8125e46a5c81289e070f0461958d6
SHA1

d5784c0b6541803b0a04917bd70335909483523f
SHA256

adcd8b0b14abfa5cdf087ba37d1e30ad06b2158a6431c95a6dd535eee1daee3a
SHA512

65e8f5fcedb9ddc3792bf7a6e1647c952bca87953505916cd9bfa5ca5d479f1e55fd3b8fdb427c63c51e1fa7dc25a1f23c0317a07909e8961634ee58151252f8
SSDEEP

12288:5A2IJeL566eQ8Ow5JOmQBSKJY2fEb3Z+wLyywoU53n2VLE:5A3eLq17zgY2fEb3Zxyywoc32VLE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
adcd8b0b14abfa5cdf087ba37d1e30ad06b2158a6431c95a6dd535eee1daee3a

Files

adcd8b0b14abfa5cdf087ba37d1e30ad06b2158a6431c95a6dd535eee1daee3a
.dll regsvr32 windows x86

0797d49627c671be18a31deb48687462

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

HeapFree
LoadLibraryW
HeapAlloc
GetProcessHeap
GetFileAttributesW
GetCurrentProcess
GetSystemDefaultLangID
SetLastError
GetCurrentThreadId
GetCurrentProcessId
GetACP
GetStartupInfoW
TerminateProcess
lstrlenW
FindFirstFileW
GetLongPathNameW
CreateFileW
GetFileAttributesExW
FindNextFileW
FindClose
UnmapViewOfFile
CreateFileMappingW
MapViewOfFile
InitializeCriticalSection
ResumeThread
InterlockedExchangeAdd
FormatMessageW
LocalFree
WriteFile
SetFileTime
SetEndOfFile
GetFileSize
CreateMutexW
ReleaseMutex
OpenProcess
GetEnvironmentVariableW
CreateDirectoryW
GetFullPathNameW
GetTempPathW
SetFileAttributesW
DeleteFileW
GetWindowsDirectoryW
MoveFileExW
GetTempFileNameW
GetFileSizeEx
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
IsValidCodePage
FindNextFileA
FindFirstFileExA
LCMapStringW
HeapReAlloc
HeapSize
GetFileType
GetStdHandle
GetStringTypeW
GetModuleFileNameA
ExitProcess
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
CreateThread
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InterlockedFlushSList
RtlUnwind
LoadLibraryExA
VirtualFree
VirtualAlloc
FlushInstructionCache
InterlockedPushEntrySList
InterlockedPopEntrySList
OutputDebugStringW
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
IsDebuggerPresent
WaitForSingleObjectEx
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetPrivateProfileStringW
SetStdHandle
GetConsoleMode
FlushFileBuffers
GetConsoleCP
SetFilePointerEx
WriteConsoleW
ResetEvent
SetEvent
CreateEventW
WaitForSingleObject
GetVersionExW
SetFilePointer
ReadFile
LoadLibraryExW
lstrcmpiW
FreeLibrary
GetModuleHandleW
GetProcAddress
FindResourceW
LoadResource
DisableThreadLibraryCalls
MultiByteToWideChar
GetVersion
LeaveCriticalSection
EncodePointer
GetModuleFileNameW
EnterCriticalSection
SizeofResource
GlobalUnlock
WideCharToMultiByte
InterlockedIncrement
lstrcpynA
DeleteCriticalSection
GlobalLock
DecodePointer
RaiseException
CloseHandle
GetLastError
InitializeCriticalSectionAndSpinCount
InterlockedDecrement
MoveFileW
lstrcpynW

user32

ScreenToClient
BeginPaint
EndDialog
GetMonitorInfoW
EndPaint
MonitorFromWindow
ClientToScreen
GetWindowThreadProcessId
IsWindowVisible
FillRect
CallWindowProcW
EnumWindows
SetWindowLongW
DialogBoxParamW
MessageBoxW
GetIconInfo
SetRect
GetDesktopWindow
DefWindowProcW
wsprintfW
GetWindowLongW
GetWindow
GetWindowRect
SetWindowPos
MapWindowPoints
GetParent
ReleaseDC
LoadStringW
GetPropW
SendMessageW
ShowWindow
IsWindow
SetTimer
SetDlgItemTextW
IsWindowEnabled
SetPropW
GetClientRect
KillTimer
InvalidateRect
EnableWindow
LoadImageW
CharNextW
GetMenuItemInfoW
InsertMenuItemW
GetMenuItemCount
UnregisterClassW
CreatePopupMenu
DestroyIcon
IsMenu
SetMenuItemInfoW
DestroyMenu
GetMenuInfo
AppendMenuW
DrawIconEx
SetWindowTextW
GetDlgItem
GetActiveWindow
GetDC

gdi32

PathToRegion
TextOutW
EndPath
LineTo
CreatePen
MoveToEx
CreateSolidBrush
SetTextColor
SetBkMode
CreateCompatibleBitmap
SelectObject
BeginPath
CreateCompatibleDC
GetDIBits
DeleteDC
SetBkColor
ExtTextOutW
GetStockObject
DeleteObject
FillPath
CreateDIBSection
GetBkColor

advapi32

GetUserNameW
RegQueryInfoKeyW
RegDeleteKeyW
RegCreateKeyExW
RegEnumKeyExW
RegSetValueExW
RegDeleteValueW
RegCloseKey
RegOpenKeyExW
RegQueryValueExW

shell32

DragQueryFileW
SHGetSpecialFolderLocation
SHGetPathFromIDListW
ShellExecuteExW
ShellExecuteW

ole32

CoTaskMemFree
CoTaskMemAlloc
ReleaseStgMedium
CoTaskMemRealloc
StringFromGUID2
CoCreateInstance

oleaut32

VarUI4FromStr

comctl32

CreatePropertySheetPageW
DestroyPropertySheetPage

msimg32

TransparentBlt

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 422KB - Virtual size: 421KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0797d49627c671be18a31deb48687462

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

msimg32

Exports

Exports

Sections

.text Size: 422KB - Virtual size: 421KB

.rdata Size: 100KB - Virtual size: 99KB

.data Size: 8KB - Virtual size: 12KB

.rsrc Size: 16KB - Virtual size: 16KB

.reloc Size: 24KB - Virtual size: 23KB

.text
Size: 422KB - Virtual size: 421KB

.rdata
Size: 100KB - Virtual size: 99KB

.data
Size: 8KB - Virtual size: 12KB

.rsrc
Size: 16KB - Virtual size: 16KB

.reloc
Size: 24KB - Virtual size: 23KB