de5365e883feb58bbeaab3ab55a22f5ffb11ec52b401e1587b3fd616f2a879d8

Sharing

Copy URL

Twitter E-mail

General

Target

de5365e883feb58bbeaab3ab55a22f5ffb11ec52b401e1587b3fd616f2a879d8
Size

6.2MB
MD5

008567637af4b0db9fab371bae89d565
SHA1

6b54590975c2345debb680fc2356df0b6d34ddc8
SHA256

de5365e883feb58bbeaab3ab55a22f5ffb11ec52b401e1587b3fd616f2a879d8
SHA512

8e621583fa2639845a89e33a53dcaf445936822cb96e8cf16364280715009b695deead6fefa689d92f0eca9caa62856ed388b8b46e7123c8b1c7dbfcc37970c0
SSDEEP

98304:i4rdrPhoP4qQQ+QV4zmU2OjQL/llOn2rM6FD+obEZA4i7tb8UILQHbxkrKZv25Zf:i4rd6OzUB8Gz3b8UIU7x4W25Zf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
de5365e883feb58bbeaab3ab55a22f5ffb11ec52b401e1587b3fd616f2a879d8

Files

de5365e883feb58bbeaab3ab55a22f5ffb11ec52b401e1587b3fd616f2a879d8
.dll regsvr32 windows x86

b551e735887ab1da1d28c7e7369a4d0b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

ws2_32

inet_ntoa
inet_pton
inet_ntop
WSAWaitForMultipleEvents
send
WSAResetEvent
closesocket
__WSAFDIsSet
WSACreateEvent
socket
bind
recv
WSACleanup
sendto
setsockopt
getsockname
WSAEventSelect
ntohs
htons
WSAEnumNetworkEvents
WSAGetLastError
select
recvfrom
WSAStartup
connect
ioctlsocket
getpeername
WSASetEvent
WSACloseEvent
WSARecv
shutdown
WSASend
getsockopt
WSASetLastError
freeaddrinfo
gethostname
inet_addr
getaddrinfo
WSAIoctl
gethostbyname
WSAAccept

kernel32

DecodePointer
GetSystemTimeAsFileTime
GetFileAttributesA
HeapReAlloc
ExitThread
CreateThread
GetCommandLineA
RtlUnwind
RaiseException
HeapSize
HeapQueryInformation
SetStdHandle
GetFileType
UnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
IsProcessorFeaturePresent
HeapCreate
HeapDestroy
GetStdHandle
GetTimeZoneInformation
GetStringTypeW
GetConsoleCP
GetConsoleMode
SetHandleCount
LCMapStringW
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
SetConsoleCtrlHandler
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
SetEnvironmentVariableA
WriteConsoleW
GetProcessHeap
FindFirstFileA
FindNextFileA
ResetEvent
GetQueuedCompletionStatus
PostQueuedCompletionStatus
CreateIoCompletionPort
VirtualProtect
SearchPathW
GetProfileIntW
GetTempPathW
GetTempFileNameW
GetNumberFormatW
GetWindowsDirectoryW
FindResourceExW
GetVersion
GetCurrentDirectoryW
GetFileTime
GetFileAttributesW
GetFileAttributesExW
GlobalGetAtomNameW
GlobalFlags
SetErrorMode
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
TlsGetValue
IsDBCSLeadByte
GetUserDefaultLCID
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileIntW
GetCurrentThread
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetLocaleInfoW
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
DuplicateHandle
EncodePointer
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
DeleteFileW
lstrcmpiW
ReleaseSemaphore
CreateSemaphoreW
ResumeThread
SetThreadPriority
lstrcmpA
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
GetVersionExW
CompareStringW
lstrcmpW
CopyFileW
GlobalSize
FormatMessageW
FreeLibrary
ReleaseActCtx
CreateActCtxW
GetModuleFileNameA
lstrcpyW
VirtualQuery
GetSystemInfo
VirtualAlloc
GetDiskFreeSpaceExW
FileTimeToSystemTime
FreeResource
GetSystemDirectoryW
GetCurrentProcessId
GetCurrentThreadId
CreateFileW
SetUnhandledExceptionFilter
WaitForMultipleObjects
CreateEventW
SetEvent
OutputDebugStringA
OutputDebugStringW
Sleep
WaitForSingleObject
GetTickCount
DeleteFileA
GetFileSizeEx
ReadFile
WriteFile
SetFilePointerEx
SetFilePointer
CreateFileA
FileTimeToLocalFileTime
GetLocalTime
CreateDirectoryA
InterlockedExchangeAdd
InterlockedDecrement
InterlockedIncrement
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LocalFree
LocalAlloc
MulDiv
lstrlenW
CloseHandle
LockResource
GlobalFree
EnterCriticalSection
GetProcAddress
SetLastError
GetLastError
InterlockedExchange
DeactivateActCtx
GlobalUnlock
GetStartupInfoW
MultiByteToWideChar
GetModuleFileNameW
TerminateProcess
GetTimeFormatW
LeaveCriticalSection
SizeofResource
LoadLibraryW
WideCharToMultiByte
GlobalAlloc
ActivateActCtx
GetModuleHandleW
GlobalLock
CreateDirectoryW
GetCurrentProcess
LoadResource
FindResourceW
lstrlenA
GetDateFormatW
HeapAlloc
GetFileSize
HeapFree
InterlockedCompareExchange
FlushInstructionCache
LoadLibraryA
GetModuleHandleExW
DeleteFiber
ConvertFiberToThread
SetConsoleMode
ReadConsoleA
ReadConsoleW
GetEnvironmentVariableW
FindNextFileW
GetDriveTypeA
FindFirstFileExA
GetFullPathNameA
GetFileInformationByHandle
PeekNamedPipe
ExitProcess
GetDriveTypeW

user32

CloseClipboard
SetClipboardData
OpenClipboard
SetCursorPos
CreateAcceleratorTableW
GetKeyboardState
GetKeyboardLayout
ToUnicodeEx
CopyAcceleratorTableW
DrawFrameControl
SetClassLongW
DestroyAcceleratorTable
UnpackDDElParam
ReuseDDElParam
LoadAcceleratorsW
InsertMenuItemW
BringWindowToTop
TranslateAcceleratorW
DrawIconEx
GetNextDlgGroupItem
CopyImage
HideCaret
DrawFocusRect
InvertRect
GetTabbedTextExtentW
DestroyIcon
GetMenuDefaultItem
SetMenuDefaultItem
IsMenu
MonitorFromPoint
UpdateLayeredWindow
UnionRect
IsZoomed
NotifyWinEvent
MessageBeep
GetSystemMenu
DeleteMenu
SetLayeredWindowAttributes
EnumDisplayMonitors
GetDialogBaseUnits
GetSysColorBrush
RealChildWindowFromPoint
UnregisterClassW
LockWindowUpdate
EnumChildWindows
RegisterClipboardFormatW
SetWindowRgn
DrawEdge
ShowOwnedPopups
PostQuitMessage
DrawStateW
CharUpperW
GetDesktopWindow
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
GetMessageW
TranslateMessage
GetActiveWindow
ValidateRect
SystemParametersInfoW
DestroyMenu
GetMenuItemInfoW
InflateRect
WindowFromPoint
MoveWindow
SetWindowTextW
IsDialogMessageW
CheckDlgButton
LoadIconW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
EmptyClipboard
SetWindowsHookExW
GetClassLongW
GetClassNameW
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
SetActiveWindow
DispatchMessageW
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
DestroyWindow
GetMessageTime
PeekMessageW
MapWindowPoints
ScrollWindow
TrackPopupMenu
GetKeyState
SetMenu
SetForegroundWindow
UpdateWindow
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
DeferWindowPos
SetWindowPlacement
GetWindowPlacement
DefWindowProcW
GetMenu
GetWindow
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetFocus
CheckMenuItem
GetMenuStringW
EndPaint
BeginPaint
GetWindowThreadProcessId
GetLastActivePopup
IsWindowEnabled
MessageBoxW
MapVirtualKeyW
GetKeyNameTextW
IsIconic
SetScrollRange
GetScrollRange
SetScrollPos
ShowScrollBar
GetScrollPos
SetParent
MonitorFromWindow
EqualRect
UnregisterHotKey
GetMonitorInfoW
CallNextHookEx
UnhookWindowsHookEx
IntersectRect
PostMessageW
GetSysColor
FrameRect
FillRect
EnableMenuItem
LoadCursorFromFileW
CopyIcon
CharUpperBuffW
PostThreadMessageW
WaitMessage
GetDCEx
IsCharLowerW
MapVirtualKeyExW
DefFrameProcW
DefMDIChildProcW
DrawMenuBar
TranslateMDISysAccel
IsClipboardFormatAvailable
GetUpdateRect
DestroyCursor
RegisterWindowMessageW
ClientToScreen
GetClassNameA
RemovePropW
GetWindowDC
SetCapture
SetPropW
OffsetRect
GetScrollInfo
GetWindowLongW
SetWindowLongW
SetWindowPos
ShowWindow
EnableScrollBar
ReleaseCapture
GetDoubleClickTime
SubtractRect
GetWindowRgn
DrawIcon
GetCapture
MapDialogRect
GetSystemMetrics
IsWindowVisible
GetPropW
SetScrollInfo
CallWindowProcW
GetMessagePos
IsRectEmpty
GetMenuItemID
GetSubMenu
CreateMenu
ModifyMenuW
LoadMenuW
AppendMenuW
GetMenuState
CreatePopupMenu
GetMenuItemCount
RemoveMenu
InsertMenuW
CopyRect
IsWindow
ReleaseDC
GetDC
SetCursor
SetTimer
ScreenToClient
DrawTextW
KillTimer
TabbedTextOutW
GetParent
LoadCursorW
GetClientRect
DrawTextExW
SetRectEmpty
PtInRect
GetAsyncKeyState
SetRect
InvalidateRect
RedrawWindow
GrayStringW
GetCursorPos
SendMessageW
EnableWindow
GetDlgCtrlID
GetWindowRect
LoadImageW
GetIconInfo
GetUserObjectInformationW
GetProcessWindowStation
GetDlgItem

gdi32

CopyMetaFileW
CreateDCW
SetRectRgn
CombineRgn
DPtoLP
LPtoDP
CreateMetaFileW
CloseMetaFile
DeleteMetaFile
OffsetRgn
GetViewportOrgEx
GetTextMetricsW
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
CreateRoundRectRgn
GetTextAlign
GetBkColor
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
RealizePalette
GetSystemPaletteEntries
CreatePolygonRgn
GetTextColor
GetDeviceCaps
Polyline
Polygon
GetRgnBox
SetPixel
UnrealizeObject
ExtFloodFill
SetPaletteEntries
GetWindowOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
SetPixelV
GetTextFaceW
SetLayout
GetLayout
GetObjectType
SelectPalette
CreateBitmap
CreateEllipticRgn
ExtSelectClipRgn
GetCurrentPositionEx
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
CreateCompatibleDC
GetObjectW
GetPixel
GetWindowExtEx
GetViewportExtEx
CreateRectRgn
EnumFontFamiliesExW
CreatePatternBrush
SetTextAlign
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetROP2
SetPolyFillMode
RestoreDC
SaveDC
PatBlt
CreateRectRgnIndirect
CreateFontIndirectW
MoveToEx
LineTo
Ellipse
GetTextExtentPoint32A
SetTextColor
SetBkMode
Rectangle
CreatePen
CreateSolidBrush
CreateHatchBrush
SetBkColor
SetStretchBltMode
SetBrushOrgEx
GetTextExtentPoint32W
GetDIBColorTable
GetStockObject
BitBlt
CreateCompatibleBitmap
ExtTextOutW
PtVisible
Escape
RectVisible
TextOutW
DeleteDC
CreateDIBSection
StretchBlt
SetDIBColorTable
DeleteObject
SelectObject
SelectClipRgn

msimg32

TransparentBlt
AlphaBlend

comdlg32

GetFileTitleW

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

advapi32

RegQueryValueExW
RegCloseKey
RegSetValueW
RegCreateKeyExW
RegDeleteKeyW
RegQueryValueW
RegEnumKeyW
RegisterEventSourceW
ReportEventW
DeregisterEventSource
CryptDecrypt
CryptCreateHash
CryptSetHashParam
CryptSignHashW
CryptDestroyHash
CryptExportKey
CryptGetUserKey
CryptAcquireContextW
CryptGetProvParam
CryptDestroyKey
CryptReleaseContext
CryptEnumProvidersW
RegOpenKeyExW
RegSetValueExW
RegDeleteValueW
RegEnumKeyExW
RegEnumValueW

shell32

DragQueryFileW
SHBrowseForFolderW
SHGetPathFromIDListW
SHGetFileInfoW
ExtractIconW
SHGetDesktopFolder
SHAppBarMessage
SHGetFolderPathA
DragFinish
ShellExecuteW
SHGetSpecialFolderLocation

comctl32

_TrackMouseEvent
ImageList_DragEnter
ImageList_DragLeave
ImageList_BeginDrag
ImageList_DragMove
ImageList_EndDrag
ImageList_GetIconSize

shlwapi

PathRemoveFileSpecW
PathFindExtensionW
PathFindFileNameW
PathStripToRootW
PathIsDirectoryW
PathIsUNCW

ole32

StgCreateDocfileOnILockBytes
RevokeDragDrop
CoCreateInstance
ReadFmtUserTypeStg
ReleaseStgMedium
CoTaskMemAlloc
OleDuplicateData
CoUninitialize
CoInitializeEx
CoRegisterClassObject
CoTaskMemFree
CreateStreamOnHGlobal
CoRevokeClassObject
StringFromGUID2
StringFromCLSID
CoCreateGuid
CreateDataCache
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
CreateDataAdviseHolder
OleSaveToStream
CreateOleAdviseHolder
CoDisconnectObject
CoInitialize
ReadClassStm
OleLoadFromStream
CoLockObjectExternal
CreateILockBytesOnHGlobal
DoDragDrop
OleTranslateAccelerator
IsAccelerator
OleLockRunning
OleGetClipboard
RegisterDragDrop

oleaut32

OleCreatePictureIndirect
OleCreateFontIndirect
OleLoadPicture
VarBstrFromDate
VariantCopy
OleCreatePropertyFrame
SysAllocString
LoadTypeLi
RegisterTypeLi
SysStringLen
VariantChangeType
VariantClear
SysStringByteLen
SysFreeString
LoadRegTypeLi
SysAllocStringLen
VariantInit
SystemTimeToVariantTime
VariantTimeToSystemTime

gdiplus

GdipReleaseDC
GdipDrawLine
GdipGetDC
GdipDrawImageRectI
GdipCreateImageAttributes
GdipDisposeImageAttributes
GdipSetImageAttributesWrapMode
GdipCreateLineBrushI
GdipDrawImageRectRectI
GdipCreateBitmapFromFile
GdipLoadImageFromFile
GdipFillRectangleI
GdipDrawRectangle
GdipDrawLineI
GdipSaveImageToFile
GdipGetImageEncoders
GdipCreateBitmapFromHBITMAP
GdipFree
GdipGetImageHeight
GdipGetImagePalette
GdipCreateBitmapFromStream
GdipGetImagePixelFormat
GdipCreateBitmapFromScan0
GdipDeleteGraphics
GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipDrawImageI
GdipAlloc
GdipDisposeImage
GdipGetImagePaletteSize
GdipBitmapLockBits
GdipCloneImage
GdipGetImageWidth
GdiplusStartup
GdipSetStringFormatFlags
GdipLoadImageFromStream
GdipDrawImageRectRect
GdipDeleteBrush
GdipDeletePen
GdipCloneBrush
GdipMeasureString
GdipSetStringFormatLineAlign
GdipDrawPath
GdipDeleteFont
GdipSetStringFormatAlign
GdipSetSmoothingMode
GdipDeleteFontFamily
GdipCreateSolidFill
GdipCreateFont
GdipDeletePath
GdipGetGenericFontFamilySansSerif
GdipDrawString
GdipFillRectangle
GdipCreateFontFamilyFromName
GdipCreateFromHDC
GdipSetSolidFillColor
GdipDrawImageRect
GdipFillPath
GdipSetInterpolationMode
GdipCreateStringFormat
GdipCreatePath
GdipCreatePen1
GdipDeleteStringFormat
GdipSetPenLineJoin
GdiplusShutdown
GdipSaveImageToStream
GdipDrawRectanglesI
GdipFillPolygonI
GdipFillRectanglesI
GdipDrawEllipseI
GdipGetImageEncodersSize

dbghelp

MiniDumpWriteDump

oleacc

CreateStdAccessibleObject
LresultFromObject
AccessibleObjectFromWindow

imm32

ImmGetContext
ImmGetOpenStatus
ImmReleaseContext

iphlpapi

GetAdaptersInfo

winmm

PlaySoundW

crypt32

CertEnumCertificatesInStore
CertFindCertificateInStore
CertOpenStore
CertCloseStore
CertDuplicateCertificateContext
CertFreeCertificateContext
CertGetCertificateContextProperty

bcrypt

BCryptGenRandom

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
NP_GetEntryPoints
NP_Initialize
NP_Shutdown

Sections

.text
Size: 4.3MB - Virtual size: 4.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 298KB - Virtual size: 349KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 499KB - Virtual size: 499KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b551e735887ab1da1d28c7e7369a4d0b

Headers

DLL Characteristics

File Characteristics

Imports

version

ws2_32

kernel32

user32

gdi32

msimg32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

ole32

oleaut32

gdiplus

dbghelp

oleacc

imm32

iphlpapi

winmm

crypt32

bcrypt

Exports

Exports

Sections

.text Size: 4.3MB - Virtual size: 4.3MB

.rdata Size: 1.1MB - Virtual size: 1.1MB

.data Size: 298KB - Virtual size: 349KB

.rsrc Size: 13KB - Virtual size: 12KB

.reloc Size: 499KB - Virtual size: 499KB

.text
Size: 4.3MB - Virtual size: 4.3MB

.rdata
Size: 1.1MB - Virtual size: 1.1MB

.data
Size: 298KB - Virtual size: 349KB

.rsrc
Size: 13KB - Virtual size: 12KB

.reloc
Size: 499KB - Virtual size: 499KB