CreateComponent
initStrategyManage
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
3d7031be4a8600714d5816e54cab2eafe03b5b38210619099f0f14783c0c5823.dll
Resource
win7-20230831-en
windows7-x64
1 signatures
150 seconds
Behavioral task
behavioral2
Sample
3d7031be4a8600714d5816e54cab2eafe03b5b38210619099f0f14783c0c5823.dll
Resource
win10v2004-20230831-en
windows10-2004-x64
1 signatures
150 seconds
General
-
Target
3d7031be4a8600714d5816e54cab2eafe03b5b38210619099f0f14783c0c5823
-
Size
889KB
-
MD5
140030afe8f440ed46fe2441bbf070c9
-
SHA1
e380ba82a1a38fdc82418a92139154f3d420cbae
-
SHA256
3d7031be4a8600714d5816e54cab2eafe03b5b38210619099f0f14783c0c5823
-
SHA512
a3ae2321b40526bc335f05b9d6cf2ebf971f0cd3b190c2e2d884428dc9fe7039218b896345e0560959894eaac2465fd6d25cf4b7a4df9c9c2c8274562aec59a1
-
SSDEEP
24576:UcvDQMASmAW+IW4UC7EW4nexHZdH9nt76Zl:UcvDQ7Ic54nmHZdH9nt76n
Score
3/10
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 3d7031be4a8600714d5816e54cab2eafe03b5b38210619099f0f14783c0c5823
Files
-
3d7031be4a8600714d5816e54cab2eafe03b5b38210619099f0f14783c0c5823.dll windows x86
8b6f23c5fd61f252cce909caf1a7be6a
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
mfc120u
ord285
ord5824
ord2967
ord4423
ord7384
ord1110
ord462
ord7004
ord3103
ord9007
ord6763
ord14094
ord12956
ord14458
ord13991
ord1065
ord362
ord1469
ord994
ord13997
ord3129
ord1130
ord6452
ord6032
ord9871
ord5684
ord10131
ord6398
ord7375
ord12758
ord12397
ord1369
ord850
ord8367
ord14313
ord4621
ord4699
ord14277
ord14271
ord6652
ord13019
ord6651
ord6123
ord13616
ord2719
ord12095
ord9090
ord12893
ord12890
ord8763
ord13975
ord13149
ord12738
ord12824
ord12449
ord12429
ord13635
ord13121
ord6431
ord3194
ord12276
ord14463
ord12219
ord2336
ord14516
ord4813
ord266
ord2948
ord3821
ord3140
ord540
ord13907
ord5027
ord8766
ord13972
ord13983
ord13554
ord12958
ord9091
ord10136
ord8101
ord5314
ord7600
ord7610
ord1441
ord6735
ord13331
ord11780
ord3202
ord1421
ord6719
ord324
ord1049
ord2711
ord14432
ord3831
ord2952
ord8627
ord10896
ord3147
ord9012
ord6491
ord1176
ord6025
ord6752
ord1459
ord7956
ord5755
ord5785
ord6922
ord2708
ord7542
ord992
ord1467
ord7881
ord6758
ord5727
ord6780
ord7288
ord6870
ord4984
ord13111
ord12634
ord12455
ord8601
ord8594
ord14269
ord12792
ord1682
ord1684
ord8639
ord2173
ord8352
ord8268
ord12736
ord8206
ord5262
ord2444
ord12412
ord12413
ord14448
ord7806
ord14454
ord9279
ord4109
ord4047
ord12818
ord7825
ord1992
ord11857
ord11858
ord14326
ord12402
ord7884
ord14526
ord6251
ord14528
ord6253
ord14527
ord6252
ord7609
ord5137
ord5316
ord5160
ord5693
ord5430
ord9231
ord5664
ord5454
ord5157
ord3329
ord3330
ord11999
ord2640
ord5838
ord13563
ord11592
ord6774
ord14455
ord7807
ord14449
ord3013
ord4451
ord9574
ord4459
ord4909
ord4874
ord4867
ord4905
ord4932
ord4883
ord4916
ord4928
ord4891
ord4895
ord4899
ord4887
ord4920
ord4879
ord1736
ord1727
ord1731
ord1723
ord1711
ord12132
ord12134
ord13738
ord3224
ord9137
ord10883
ord6875
ord8846
ord3809
ord5821
ord14447
ord11811
ord3795
ord11964
ord9020
ord11601
ord11600
ord5557
ord10169
ord12114
ord12122
ord4546
ord8099
ord10314
ord9116
ord12048
ord8921
ord13333
ord3654
ord5327
ord14367
ord9246
ord4434
ord4176
ord6393
ord1063
ord4193
ord3215
ord4181
ord9016
ord1520
ord4280
ord1042
ord296
ord1506
ord6462
ord2262
ord4772
ord3839
ord6469
ord2480
ord286
ord4838
ord7220
ord13153
ord321
ord2354
ord358
ord6392
ord4606
ord895
ord6696
ord4839
ord10165
ord10167
ord10168
ord10166
ord2718
ord8092
ord3260
ord3263
ord13612
ord6121
ord3122
ord3361
ord3362
ord4049
ord10353
ord11271
ord12006
ord1108
ord7704
ord2823
ord13404
ord12516
ord12510
ord3537
ord8043
ord13822
ord4402
ord13795
ord6777
ord6779
ord2493
ord12423
ord838
ord7020
ord8107
ord13219
ord4033
ord8346
ord12225
ord1191
ord568
ord5558
ord8039
ord2572
ord839
ord3925
ord5793
ord12430
ord14469
ord1687
ord1425
ord948
ord4456
ord2520
ord12966
ord11508
ord3790
ord1386
ord887
ord7543
ord265
ord5324
ord12043
ord2341
ord13825
ord3223
ord8699
ord12899
ord4843
ord8658
ord2348
ord2303
ord4764
ord5118
ord3898
ord1349
ord820
ord2265
ord2215
ord1460
ord984
ord1471
ord999
ord7331
ord5019
ord13987
ord12941
ord2478
ord5119
ord2343
ord2347
ord6389
ord1105
ord450
ord4620
ord8638
ord12126
ord12094
ord12799
ord5667
ord3806
ord1509
ord325
ord1050
ord2323
ord2366
ord2369
ord2334
ord2368
ord485
ord2226
ord2332
ord2142
ord2258
ord2357
ord8242
ord1518
ord280
ord2204
ord8247
ord8693
ord12957
ord1508
msvcr120
wcspbrk
_except1
modf
malloc
__RTCastToVoid
??0exception@std@@QAE@ABQBDH@Z
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@ABQBD@Z
?before@type_info@@QBE_NABV1@@Z
memcpy
_CxxThrowException
__RTDynamicCast
swprintf_s
_except_handler4_common
__crtTerminateProcess
__crtUnhandledException
_crt_debugger_hook
_initterm_e
_initterm
_malloc_crt
_amsg_exit
__CppXcptFilter
__clean_type_info_names_internal
?terminate@@YAXXZ
??1type_info@@UAE@XZ
_onexit
__dllonexit
_calloc_crt
_unlock
_lock
__CxxFrameHandler3
memset
_vsnwprintf_s
_vscwprintf
wcschr
_waccess
??0exception@std@@QAE@XZ
??0bad_cast@std@@QAE@PBD@Z
??1bad_cast@std@@UAE@XZ
??0bad_cast@std@@QAE@ABV01@@Z
fclose
fflush
setvbuf
fsetpos
fgetpos
_fseeki64
memcpy_s
ungetc
fgetc
fgetwc
ungetwc
fwrite
fputwc
_unlock_file
_lock_file
wcsstr
rand
_wtoi
?_Id@_CurrentScheduler@details@Concurrency@@SAIXZ
?wait@Concurrency@@YAXI@Z
_wcsicmp
free
_wsplitpath_s
_vsnprintf_s
_access
__RTtypeid
?name@type_info@@QBEPBDPAU__type_info_node@@@Z
??8type_info@@QBE_NABV0@@Z
_stricmp
sprintf_s
_wtof
round
_vswprintf_c_l
??1exception@std@@UAE@XZ
??0exception@std@@QAE@ABV01@@Z
strcpy_s
memmove
ldiv
wcsftime
_localtime64_s
_time64
wcstoul
_purecall
kernel32
LocalAlloc
LocalFree
EncodePointer
IsDebuggerPresent
IsProcessorFeaturePresent
QueryPerformanceCounter
GetSystemTimeAsFileTime
CreateDirectoryW
GetFileSize
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
Sleep
MultiByteToWideChar
GetVersionExA
GetWindowsDirectoryW
lstrcpyW
WinExec
lstrlenW
lstrcatW
LoadLibraryExW
SetThreadPriority
ResetEvent
CreateThread
WaitForMultipleObjects
SetEvent
WaitForSingleObject
TerminateThread
InitializeCriticalSection
CreateEventW
GetModuleHandleW
TerminateProcess
CloseHandle
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
CreateFileW
GetModuleFileNameW
DeleteCriticalSection
DecodePointer
EnterCriticalSection
GetLastError
InitializeCriticalSectionEx
LeaveCriticalSection
OutputDebugStringW
GetProcAddress
FreeLibrary
LoadLibraryW
GetTickCount
MulDiv
GlobalUnlock
GlobalLock
GlobalSize
GlobalReAlloc
WideCharToMultiByte
GetVersionExW
user32
GetWindowLongW
IsWindowEnabled
ChildWindowFromPoint
SetWindowRgn
EqualRect
SetRectEmpty
GetClassNameW
DestroyCursor
DestroyIcon
CopyIcon
CreateIconIndirect
GetIconInfo
LoadImageW
SetScrollPos
GetScrollPos
SetScrollRange
GetAsyncKeyState
GetWindowTextW
OffsetRect
DrawFrameControl
WindowFromPoint
ClientToScreen
CopyRect
IsWindowVisible
IsRectEmpty
GetDoubleClickTime
GrayStringW
DrawTextExW
TabbedTextOutW
EnableWindow
ReleaseCapture
GetCapture
SetTimer
ClipCursor
SetCapture
InvertRect
PtInRect
PostMessageW
GetFocus
GetMessagePos
GetSystemMetrics
IsClipboardFormatAvailable
InvalidateRect
GetClientRect
ScreenToClient
GetCursorPos
KillTimer
GetKeyState
IntersectRect
GetParent
GetWindowRect
DefWindowProcW
GetClassInfoW
IsWindow
SetRect
LoadCursorW
SetCursor
DrawTextW
InflateRect
DrawEdge
FrameRect
FillRect
GetSysColor
ReleaseDC
GetDC
SystemParametersInfoW
SendMessageW
gdi32
CreateRoundRectRgn
OffsetRgn
CombineRgn
CreateRectRgn
SelectClipRgn
FillRgn
FrameRgn
SetTextJustification
SetBkColor
SetBkMode
LineTo
MoveToEx
SetTextColor
StretchBlt
CreateBitmap
CreateDIBSection
SelectObject
DeleteObject
DeleteDC
CreateSolidBrush
PatBlt
GetTextMetricsW
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
CreateFontW
GetObjectW
CreatePen
BitBlt
GetBkColor
CreateCompatibleBitmap
CreateCompatibleDC
GetDeviceCaps
GetCurrentObject
GetTextExtentPoint32W
CreateFontIndirectW
CreatePolygonRgn
advapi32
RegOpenKeyExW
RegCloseKey
RegQueryValueW
RegQueryValueExW
shell32
ShellExecuteW
comctl32
ImageList_GetImageInfo
ImageList_GetIcon
ord17
_TrackMouseEvent
ImageList_Draw
ImageList_GetImageCount
ImageList_AddMasked
oleaut32
SystemTimeToVariantTime
VarUdateFromDate
VariantTimeToSystemTime
python27
PyEval_CallMethod
PyObject_GetAttrString
PyImport_ReloadModule
PyRun_SimpleStringFlags
PyExc_IndexError
PyErr_SetString
PyUnicode_Type
PyInt_Type
PyFloat_FromDouble
PyBool_FromLong
PyDict_Type
PyDict_New
PyDict_GetItem
PyDict_Keys
PyObject_CallFunction
PyInt_AsLong
PyList_New
PyList_Append
PyList_Reverse
PyErr_Occurred
PyString_FromFormat
PyErr_WarnEx
PyErr_SetObject
PyErr_Format
PyExc_TypeError
PyObject_RichCompare
PyNumber_Add
PyNumber_Remainder
PyNumber_InPlaceAdd
PyErr_NoMemory
PyExc_OverflowError
PyExc_RuntimeError
PyExc_ValueError
Py_InitModule4
PyDict_GetItemString
PyMethod_Type
PyObject_SetAttrString
PyObject_GetAttr
PyObject_SetAttr
PySlice_New
PyErr_Clear
PyErr_ExceptionMatches
_PyEval_SliceIndex
PyObject_GetItem
PyObject_SetItem
PySequence_GetSlice
PyExc_AttributeError
PyExc_ReferenceError
PyMem_Malloc
PyMem_Free
PyType_IsSubtype
PyType_Ready
PyType_GenericAlloc
_PyType_Lookup
PyObject_ClearWeakRefs
PyTuple_New
PyArg_ParseTupleAndKeywords
PyType_Type
PyBaseObject_Type
PyModule_Type
PyProperty_Type
PyString_InternFromString
PyTuple_Size
PyTuple_GetItem
PyDict_Size
PyMethod_New
PyErr_NewException
PyObject_Size
_Py_NotImplementedStruct
PyCFunction_Type
PyStaticMethod_Type
PyClass_Type
PyUnicodeUCS2_FromEncodedObject
PyUnicodeUCS2_AsWideChar
PyLong_AsUnsignedLong
PyLong_AsLongLong
PyLong_AsUnsignedLongLong
PyComplex_RealAsDouble
PyComplex_ImagAsDouble
PyString_FromStringAndSize
PyString_FromString
PyString_Size
PyBool_Type
PyLong_Type
PyFloat_Type
PyComplex_Type
PyString_Type
_PyObject_New
PyWeakref_NewRef
PyImport_ImportModule
PyObject_CallMethod
PyTuple_Type
PyList_Type
PyObject_IsInstance
PyUnicodeUCS2_FromWideChar
PyLong_FromUnsignedLong
PyInt_FromLong
PyObject_IsTrue
Py_IncRef
PyEval_CallFunction
_Py_NoneStruct
PyList_Size
PyString_AsString
PyObject_Str
PyErr_Fetch
PyGILState_Release
PyGILState_Ensure
msvcp120
?_Xlength_error@std@@YAXPBD@Z
?_Xbad_alloc@std@@YAXXZ
?_Throw_C_error@std@@YAXH@Z
_Mtx_lock
_Mtx_unlock
?_Xout_of_range@std@@YAXPBD@Z
_Mtx_init
_Mtx_destroy
?_Winerror_map@std@@YAPBDH@Z
?_Syserror_map@std@@YAPBDH@Z
_Thrd_sleep
_Xtime_diff_to_millis2
xtime_get
_Xtime_get_ticks
??1?$basic_ios@_WU?$char_traits@_W@std@@@std@@UAE@XZ
?setprecision@std@@YA?AU?$_Smanip@_J@1@_J@Z
?flush@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV12@XZ
?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAEXH_N@Z
?sync@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEHXZ
?_Osfx@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEXXZ
?uncaught_exception@std@@YA_NXZ
?_Unlock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAEXXZ
?_Lock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAEXXZ
??1?$basic_iostream@_WU?$char_traits@_W@std@@@std@@UAE@XZ
??1?$basic_ostream@_WU?$char_traits@_W@std@@@std@@UAE@XZ
??1?$basic_istream@_WU?$char_traits@_W@std@@@std@@UAE@XZ
??1?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAE@XZ
?_Pninc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEPA_WXZ
?_BADOFF@std@@3_JB
?sputc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEG_W@Z
?xsputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JPB_W_J@Z
?showmanyc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JXZ
?uflow@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEGXZ
?xsgetn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JPA_W_J@Z
?setbuf@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEPAV12@PA_W_J@Z
?imbue@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEXABVlocale@2@@Z
?sputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAE_JPB_W_J@Z
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@XZ
??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IAE@XZ
?setp@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEXPA_W0@Z
?setg@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEXPA_W00@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@N@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@H@Z
?empty@locale@std@@SA?AV12@XZ
??_7_Facet_base@std@@6B@
?_Decref@facet@locale@std@@UAEPAV_Facet_base@3@XZ
?_Incref@facet@locale@std@@UAEXXZ
?out@?$codecvt@_WDH@std@@QBEHAAHPB_W1AAPB_WPAD3AAPAD@Z
?in@?$codecvt@_WDH@std@@QBEHAAHPBD1AAPBDPA_W3AAPA_W@Z
??0?$codecvt@_WDH@std@@QAE@I@Z
??1_Lockit@std@@QAE@XZ
??0_Lockit@std@@QAE@H@Z
??_7?$codecvt@_WDH@std@@6B@
??_7facet@locale@std@@6B@
??_7codecvt_base@std@@6B@
?_Fiopen@std@@YAPAU_iobuf@@PB_WHH@Z
?unshift@?$codecvt@_WDH@std@@QBEHAAHPAD1AAPAD@Z
?always_noconv@codecvt_base@std@@QBE_NXZ
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
??Bid@locale@std@@QAEIXZ
?_New_Locimp@_Locimp@locale@std@@CAPAV123@ABV123@@Z
?_Addfac@_Locimp@locale@std@@AAEXPAVfacet@23@I@Z
?id@?$codecvt@_WDH@std@@2V0locale@2@A
?_Getcat@?$codecvt@_WDH@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
??4?$_Yarn@D@std@@QAEAAV01@PBD@Z
?_Init@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEXXZ
?getloc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QBE?AVlocale@2@XZ
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z
?imbue@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAE?AVlocale@2@ABV32@@Z
?getloc@ios_base@std@@QBE?AVlocale@2@XZ
?_Getcat@?$ctype@_W@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?id@?$ctype@_W@std@@2V0locale@2@A
?widen@?$ctype@_W@std@@QBE_WD@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
?setw@std@@YA?AU?$_Smanip@_J@1@_J@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAN@Z
?_Ipfx@?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE_N_N@Z
?sbumpc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEGXZ
?snextc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEGXZ
?sgetc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEGXZ
rpcrt4
UuidToStringW
RpcStringFreeW
UuidCreate
Exports
Exports
Sections
.text Size: 645KB - Virtual size: 644KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 141KB - Virtual size: 140KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 37KB - Virtual size: 45KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 9KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 56KB - Virtual size: 56KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ