d1162a26a3d938684c4d393c053b5e386fe8b802899bdd4585ee10e395648e0a

Sharing

Copy URL Twitter E-mail

General

Target

d1162a26a3d938684c4d393c053b5e386fe8b802899bdd4585ee10e395648e0a
Size

132KB
MD5

1d8a57f06c7f94f80782543155d5b611
SHA1

2b887ee6f7a220d06b58a58386778688f8800edc
SHA256

d1162a26a3d938684c4d393c053b5e386fe8b802899bdd4585ee10e395648e0a
SHA512

fba0d13f49385e9937cf38e63d01e7756ea1b30b2fd2736b43c29e46e7adaf879a97ee0de7f724252d73f513a6426b301b6246a5364c06ce869fa1ffccdbad90
SSDEEP

3072:2atv2D1ymysbiXc1zcdDNOo2pXOpVWgayTuqIiO/eOnBLstFR2Ny:22m+Nb/pVWyTuqIiwttsx2N

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d1162a26a3d938684c4d393c053b5e386fe8b802899bdd4585ee10e395648e0a

Files

d1162a26a3d938684c4d393c053b5e386fe8b802899bdd4585ee10e395648e0a
.dll regsvr32 windows x64

95d782e7315a7f358eb02fcce55ffefa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

dinput

DirectInputCreateA

winmm

timeGetTime

hid

HidD_FreePreparsedData
HidD_GetPreparsedData
HidP_GetValueCaps

kernel32

GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetStringTypeW
HeapSize
GetLastError
GetConsoleMode
GetConsoleCP
SetFilePointer
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStartupInfoW
GetTickCount
InitializeCriticalSectionAndSpinCount
SetHandleCount
LCMapStringW
FlsAlloc
SetLastError
FlsFree
FlsGetValue
IsValidCodePage
GetModuleFileNameA
InitializeCriticalSection
DeleteCriticalSection
WideCharToMultiByte
CreateFileA
IsBadWritePtr
GetVersionExA
FlushFileBuffers
Sleep
LocalAlloc
lstrlenA
MultiByteToWideChar
IsBadReadPtr
EnterCriticalSection
LeaveCriticalSection
QueryPerformanceCounter
CloseHandle
GetFileType
WriteFile
HeapReAlloc
SetStdHandle
WriteConsoleW
ReadFile
CreateFileW
LoadLibraryW
GetOEMCP
GetACP
HeapFree
HeapAlloc
RtlUnwindEx
FlsSetValue
GetCommandLineA
DecodePointer
IsDebuggerPresent
EncodePointer
HeapSetInformation
GetVersion
HeapCreate
HeapDestroy
GetProcAddress
GetModuleHandleW
ExitProcess
GetStdHandle
GetModuleFileNameW
RaiseException
RtlPcToFileHeader
GetCPInfo

user32

KillTimer
SetDlgItemTextA
ShowWindow
LoadCursorA
RegisterClassA
GetDlgItem
SetWindowLongA
SetTimer
BeginPaint
GetClientRect
InflateRect
FillRect
GetWindowLongA
EndPaint
DefWindowProcA
InvalidateRect
GetParent
UnregisterClassA
SendMessageA
DrawTextA
GetWindowTextA
RedrawWindow

gdi32

CreatePolygonRgn
GetRgnBox
Polygon
Ellipse
SetTextColor
GetStockObject
Arc
CreatePen
CreateSolidBrush
SelectObject
MoveToEx
LineTo
DeleteObject
SetBkMode

advapi32

RegDeleteKeyA
InitializeSecurityDescriptor
InitializeAcl
LookupAccountNameA
AddAccessAllowedAce
SetSecurityDescriptorDacl
RegCreateKeyExA
RegCloseKey
RegSetValueExA
RegCreateKeyA
RegOpenKeyExA
RegEnumKeyA
RegQueryValueExA
RegOpenKeyA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

95d782e7315a7f358eb02fcce55ffefa

Headers

DLL Characteristics

File Characteristics

Imports

dinput

winmm

hid

kernel32

user32

gdi32

advapi32

Exports

Exports

Sections

.text Size: 84KB - Virtual size: 84KB

.rdata Size: 22KB - Virtual size: 22KB

.data Size: 9KB - Virtual size: 19KB

.pdata Size: 4KB - Virtual size: 4KB

text Size: 2KB - Virtual size: 2KB

.rsrc Size: 7KB - Virtual size: 6KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 84KB - Virtual size: 84KB

.rdata
Size: 22KB - Virtual size: 22KB

.data
Size: 9KB - Virtual size: 19KB

.pdata
Size: 4KB - Virtual size: 4KB

text
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 7KB - Virtual size: 6KB

.reloc
Size: 1KB - Virtual size: 1KB