c83e43f7e20b98b9d9ab8cad907067ba473e072573c7685f7dfa1c26c0b0d07f

Sharing

Copy URL

Twitter E-mail

General

Target

c83e43f7e20b98b9d9ab8cad907067ba473e072573c7685f7dfa1c26c0b0d07f
Size

270KB
MD5

dc46beee8bf8cb81e5fdbe6f588928b7
SHA1

ed1fd72410683e0658f3f5a66e131acb5fcc403c
SHA256

c83e43f7e20b98b9d9ab8cad907067ba473e072573c7685f7dfa1c26c0b0d07f
SHA512

2e1430f6e31dfab2e36e4c47249b3752dd81e5916b8a9a4156f1596d9711b1ca3bc7f77209db3bbf5b51ee6abacd0b0b7a5f6993e2fea66ce8d5e3a70ca8c7ea
SSDEEP

6144:9Gn7m7fGtlqK7CpzNQEKuys95+SM68E3q1Of:7GtlqYC9zKuywBMR2f

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c83e43f7e20b98b9d9ab8cad907067ba473e072573c7685f7dfa1c26c0b0d07f

Files

c83e43f7e20b98b9d9ab8cad907067ba473e072573c7685f7dfa1c26c0b0d07f
.dll regsvr32 windows:6 windows x64

0df75c83de76b402f4196a3db74b2558

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

GetFullPathNameW
CreateFileW
GetLastError
FindFirstFileExW
SetLastError
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
GetProcAddress
DeleteCriticalSection
GetCurrentProcessId
GetModuleHandleW
FreeLibrary
GetTickCount
FindNextFileW
FindClose
MultiByteToWideChar
WideCharToMultiByte
VirtualProtect
GetCommandLineW
GetVersionExA
GetEnvironmentStringsW
GetCurrentThreadId
WriteConsoleW
GetFileType
RaiseException
GetSystemInfo
VirtualQuery
LoadLibraryExA
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
InitializeCriticalSectionAndSpinCount
CreateEventW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
RtlUnwindEx
RtlPcToFileHeader
InterlockedFlushSList
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
GetModuleHandleExW
ExitProcess
HeapReAlloc
HeapFree
HeapAlloc
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
LCMapStringW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
FreeEnvironmentStringsW
GetProcessHeap
SetFilePointerEx
GetStringTypeW
SetStdHandle
FlushFileBuffers
GetConsoleOutputCP
GetConsoleMode
HeapSize
GetEnvironmentVariableW
GlobalUnlock
CreateProcessW
GlobalLock
CloseHandle
DuplicateHandle
GetFileAttributesW
CreatePipe
GetThreadLocale
GetModuleFileNameW
WriteFile
GetStdHandle
GetCurrentProcess
GetLongPathNameW
GetSystemDefaultLCID

gdi32

SelectObject
CreateCompatibleDC
GetClipRgn
CreateRectRgn
DeleteDC
SetTextColor
SetBkMode
SelectClipRgn
DeleteObject
GetObjectType
CreateDIBSection

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllRegisterServerUser
DllUnregisterServer
DllUnregisterServerUser
GetMenuFlags
IsRegistServer
SetAdminMode
SetMenuFlags

Sections

.text
Size: 175KB - Virtual size: 174KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 252B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0df75c83de76b402f4196a3db74b2558

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

gdi32

Exports

Exports

Sections

.text Size: 175KB - Virtual size: 174KB

.rdata Size: 64KB - Virtual size: 64KB

.data Size: 4KB - Virtual size: 9KB

.pdata Size: 7KB - Virtual size: 7KB

_RDATA Size: 512B - Virtual size: 252B

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 175KB - Virtual size: 174KB

.rdata
Size: 64KB - Virtual size: 64KB

.data
Size: 4KB - Virtual size: 9KB

.pdata
Size: 7KB - Virtual size: 7KB

_RDATA
Size: 512B - Virtual size: 252B

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 2KB - Virtual size: 1KB