bd80892efa64a8103c6981bcdc56a77ce097995a8b29b682e1bb7c13dbe9712a

Sharing

Copy URL Twitter E-mail

General

Target

bd80892efa64a8103c6981bcdc56a77ce097995a8b29b682e1bb7c13dbe9712a
Size

9.6MB
MD5

5aee8e348d87fb8667e2b550d50343af
SHA1

3fc39a5a05e21f5a8b9d5d195a526054ec4be00d
SHA256

bd80892efa64a8103c6981bcdc56a77ce097995a8b29b682e1bb7c13dbe9712a
SHA512

836050d97f27e635ec9d8662b041d7caa028a563799c12f8a57ebdd87205f3107f2154221464c638c730b2a2b3b7cc2db7a5ca3a3f6e500c0dfd956ce0afdca0
SSDEEP

196608:p1xXcZ73sMi0OOEa8HelTSMkzkR2DMkq04PIsxhg:FsF3vO1ajlkQRiMkmPIz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bd80892efa64a8103c6981bcdc56a77ce097995a8b29b682e1bb7c13dbe9712a

Files

bd80892efa64a8103c6981bcdc56a77ce097995a8b29b682e1bb7c13dbe9712a
.exe regsvr32 windows x86

d2566005197f0d8c091e0c6628d9d1b3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

DlgDirSelectComboBoxExA

gdi32

CreateDCA

msimg32

AlphaBlend

winspool.drv

OpenPrinterA

advapi32

RegQueryValueExA

shell32

ShellExecuteA

shlwapi

PathStripToRootA

uxtheme

GetWindowTheme

ole32

OleLoadFromStream

oleaut32

VarBstrFromDate

oledlg

ord8

urlmon

CreateAsyncBindCtx

winmm

PlaySoundA

gdiplus

GdipBitmapUnlockBits

oleacc

CreateStdAccessibleObject

imm32

ImmReleaseContext

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.textbss
Size: - Virtual size: 3.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 9.5MB - Virtual size: 21.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d2566005197f0d8c091e0c6628d9d1b3

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

shlwapi

uxtheme

ole32

oleaut32

oledlg

urlmon

winmm

gdiplus

oleacc

imm32

Exports

Exports

Sections

.textbss Size: - Virtual size: 3.4MB

.text Size: 9.5MB - Virtual size: 21.5MB

.rsrc Size: 44KB - Virtual size: 48KB

.textbss
Size: - Virtual size: 3.4MB

.text
Size: 9.5MB - Virtual size: 21.5MB

.rsrc
Size: 44KB - Virtual size: 48KB