b044dd40241b7242deaadf19e12b6d057b4e565bd66691ff2a1e85a580061090

Sharing

Copy URL Twitter E-mail

General

Target

b044dd40241b7242deaadf19e12b6d057b4e565bd66691ff2a1e85a580061090
Size

435KB
MD5

ea0e595b8a2cb4a5de8b4f2590ce32ac
SHA1

5687a54df9ca9c8eed15318bffb4abb1549e6c02
SHA256

b044dd40241b7242deaadf19e12b6d057b4e565bd66691ff2a1e85a580061090
SHA512

40ad1908a842e2047233d0d617dbcd4fef6d87068e70cca848a966c788999579ef9add5c1b865b421bf3a15e85c5122dc3e1d0322f72efc12fba3375dc5e1ea3
SSDEEP

6144:IctdCXe1XKErIy9x/x5Ln66Lfc6bmLBlq6DAnLOWHb++T1O+o4X0s:OXe5KEz/x5LLfhmLBkwAnL5lcl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b044dd40241b7242deaadf19e12b6d057b4e565bd66691ff2a1e85a580061090

Files

b044dd40241b7242deaadf19e12b6d057b4e565bd66691ff2a1e85a580061090
.dll regsvr32 windows x86

719d660a4adfc41a7267c631275eba1b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ReadFile
CreateFileW
GetFileSizeEx
SetFilePointerEx
DeleteFileW
SetEnvironmentVariableA
WriteConsoleW
GetConsoleMode
GetConsoleCP
GetTimeZoneInformation
OutputDebugStringW
CreateThread
Sleep
InterlockedExchange
CloseHandle
ResetEvent
WaitForSingleObject
SetEvent
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
SetThreadPriority
lstrlenW
GetModuleFileNameW
VirtualQuery
lstrcpyW
GetProcAddress
GetVersionExW
LoadLibraryW
FreeLibrary
LockResource
SetLastError
GetLastError
DeactivateActCtx
MultiByteToWideChar
SizeofResource
ActivateActCtx
LoadResource
RaiseException
GetModuleHandleW
WideCharToMultiByte
FindClose
FindFirstFileW
GetVolumeInformationW
GetSystemInfo
lstrlenA
GetModuleFileNameA
InterlockedIncrement
InterlockedDecrement
CreateEventW
GetCurrentThreadId
GetCurrentThread
GetTickCount
GetCurrentProcessId
lstrcmpW
GetCurrentProcess
DisableThreadLibraryCalls
CompareStringW
GlobalDeleteAtom
GlobalFindAtomW
GlobalAddAtomW
CreateActCtxW
ReleaseActCtx
LocalFree
FormatMessageW
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalFree
GetLocaleInfoW
GetSystemDefaultUILanguage
ConvertDefaultLocale
GetUserDefaultUILanguage
lstrcmpA
FileTimeToSystemTime
FileTimeToLocalFileTime
InitializeCriticalSectionAndSpinCount
LocalAlloc
WriteFile
SetFilePointer
FlushFileBuffers
GetFullPathNameW
GetFileAttributesExW
GetPrivateProfileIntW
WritePrivateProfileStringW
GetPrivateProfileStringW
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
SetErrorMode
GlobalFlags
EncodePointer
DecodePointer
HeapFree
GetCommandLineA
RtlUnwind
HeapAlloc
QueryPerformanceCounter
GetSystemTimeAsFileTime
HeapReAlloc
ExitProcess
SetStdHandle
GetFileType
HeapSize
HeapQueryInformation
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetStringTypeW
HeapCreate
HeapDestroy
SetHandleCount
GetStdHandle
GetStartupInfoW
FreeEnvironmentStringsW
GetEnvironmentStringsW
IsProcessorFeaturePresent
LCMapStringW
FindResourceW

user32

DestroyWindow
GetTopWindow
GetDlgItem
GetLastActivePopup
GetForegroundWindow
GetWindowTextW
IsWindow
GetFocus
RemovePropW
GetPropW
SetPropW
GetClassLongW
CallNextHookEx
SetWindowsHookExW
GetCapture
WinHelpW
LoadIconW
GetMenuState
TabbedTextOutW
DrawTextW
DrawTextExW
GrayStringW
ClientToScreen
GetWindowDC
IsWindowEnabled
InvalidateRect
PostQuitMessage
CharUpperW
KillTimer
SetTimer
CheckMenuItem
EnableMenuItem
ModifyMenuW
LoadBitmapW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
ValidateRect
GetCursorPos
GetActiveWindow
TranslateMessage
SetCursor
UnregisterClassW
DestroyMenu
SetWindowTextW
RealChildWindowFromPoint
UnhookWindowsHookEx
ShowWindow
SetForegroundWindow
IsWindowVisible
UpdateWindow
GetClientRect
PostMessageW
GetSubMenu
GetMenuItemID
GetMenuItemCount
MessageBoxW
CreateWindowExW
GetClassInfoExW
RegisterClassW
AdjustWindowRectEx
GetWindowRect
ScreenToClient
PtInRect
GetDlgCtrlID
CallWindowProcW
GetMenu
GetWindowLongW
SetWindowLongW
SetWindowPos
EnumWindows
GetWindowThreadProcessId
DispatchMessageW
RegisterWindowMessageW
GetMessageTime
GetMessagePos
MonitorFromWindow
GetKeyState
SetMenu
EnableWindow
PeekMessageW
ReleaseDC
GetDC
wvsprintfW
wsprintfW
EnumDisplayMonitors
GetParent
LoadCursorW
SetRectEmpty
SystemParametersInfoW
GetSysColor
GetSysColorBrush
GetSystemMetrics
MapWindowPoints
GetMonitorInfoW
CopyRect
GetClassInfoW
GetClassNameW
SendMessageW
DefWindowProcW
GetWindow
GetMessageW

gdi32

SetTextColor
SetBkColor
SaveDC
RestoreDC
CreateBitmap
DeleteDC
CreateSolidBrush
GetStockObject
CreateDIBitmap
CreatePen
CreatePatternBrush
GetObjectW
DeleteObject
GetTextCharsetInfo
GetDeviceCaps
CreateFontIndirectW
GetTextMetricsW
EnumFontFamiliesW
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
GetClipBox
SetMapMode

ole32

CLSIDFromString
CoTaskMemFree
StringFromGUID2
CoFreeUnusedLibraries
CoCreateGuid
CoTaskMemAlloc
CoInitialize
CoUninitialize
CoCreateInstance

oleaut32

VariantClear
SysAllocStringLen
VariantInit
VariantChangeType
SysAllocString
SysFreeString

shlwapi

PathStripToRootW
PathFindExtensionW
PathIsUNCW
PathFindFileNameW

oleacc

LresultFromObject
CreateStdAccessibleObject

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

advapi32

RegEnumValueW
RegQueryValueW
RegEnumKeyW
RegSetValueW
RegEnumKeyExW
RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
RegDeleteKeyW
RegCloseKey
RegQueryValueExW
RegDeleteValueW
RegCreateKeyW

shell32

ShellExecuteW

winmm

timeGetTime

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 244KB - Virtual size: 244KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 94KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 62KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

719d660a4adfc41a7267c631275eba1b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

ole32

oleaut32

shlwapi

oleacc

winspool.drv

advapi32

shell32

winmm

Exports

Exports

Sections

.text Size: 244KB - Virtual size: 244KB

.rdata Size: 94KB - Virtual size: 93KB

.data Size: 32KB - Virtual size: 87KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 62KB - Virtual size: 62KB

.text
Size: 244KB - Virtual size: 244KB

.rdata
Size: 94KB - Virtual size: 93KB

.data
Size: 32KB - Virtual size: 87KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 62KB - Virtual size: 62KB