fb360a83a8f2001b1484e487c7bf67efbeae84c063318799a0fa9eea0f12f387

Sharing

Copy URL Twitter E-mail

General

Target

fb360a83a8f2001b1484e487c7bf67efbeae84c063318799a0fa9eea0f12f387
Size

252KB
MD5

fa6c97f4250b72fd2da981d335e7820f
SHA1

2e6f70c811712b755a6cc2b4e63598a6933650e2
SHA256

fb360a83a8f2001b1484e487c7bf67efbeae84c063318799a0fa9eea0f12f387
SHA512

f310ede2756505abf45d636da34330d86bf5a4d5afc309aa9a77b24ec6e5c0aa768d43eee9acf207127f8513c5fa4fb566e4c22d9b72005f7fba5df58de90d95
SSDEEP

6144:G+ldg0Ow1zv3N3TXOA4buR9UfMz2105EMc1:G+rg0Ow1zv3NjEuR9UfMz218EMc1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fb360a83a8f2001b1484e487c7bf67efbeae84c063318799a0fa9eea0f12f387

Files

fb360a83a8f2001b1484e487c7bf67efbeae84c063318799a0fa9eea0f12f387
.dll regsvr32 windows:4 windows x86

a6059ad353a30ba163c9872193f003dc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc80

ord2398
ord2400
ord2394
ord2410
ord2390
ord934
ord930
ord932
ord928
ord923
ord5233
ord5235
ord5960
ord1600
ord4282
ord4722
ord3403
ord4185
ord6275
ord5073
ord1908
ord5152
ord4244
ord1402
ord3946
ord1617
ord1620
ord5915
ord6725
ord5731
ord602
ord6017
ord347
ord781
ord2075
ord3684
ord304
ord2346
ord1185
ord3163
ord4125
ord6090
ord5613
ord3255
ord1181
ord5320
ord1580
ord6286
ord5331
ord6297
ord762
ord297
ord1489
ord299
ord6703
ord1482
ord911
ord5563
ord6067
ord3761
ord2301
ord3287
ord4001
ord4123
ord5641
ord502
ord709
ord501
ord3317
ord2991
ord4240
ord1591
ord2095
ord741
ord4320
ord566
ord3262
ord4481
ord2990
ord2838
ord3829
ord5566
ord5213
ord5230
ord4568
ord3948
ord2247
ord5226
ord5224
ord2931
ord1920
ord3832
ord5382
ord6219
ord5102
ord1010
ord3806
ord5583
ord2018
ord2063
ord4326
ord6276
ord3801
ord6278
ord4014
ord4038
ord757
ord6754
ord6252
ord1138
ord314
ord1150
ord3604
ord3602
ord476
ord3275
ord2942
ord2857
ord5380
ord4314
ord6265
ord2911
ord6264
ord701
ord3520
ord683
ord3825
ord451
ord5679
ord4483
ord3950
ord2645
ord2541
ord2847
ord4308
ord2836
ord2732
ord2538
ord6270
ord1906
ord2510
ord4390
ord1063
ord2993
ord1997
ord4870
ord4883
ord4252
ord2396
ord4459
ord4245
ord4612
ord4615
ord4613
ord4188
ord4193
ord4205
ord4438
ord4958
ord4495
ord4496
ord4513
ord4656
ord4186
ord4506
ord4521
ord4919
ord4558
ord4512
ord4534
ord4535
ord4536
ord4800
ord4801
ord4527
ord4831
ord4826
ord4821
ord4879
ord4449
ord4374
ord4404
ord4795
ord4514
ord4642
ord4530
ord4531
ord3980
ord5487
ord2556
ord2422
ord4577
ord4575
ord5061
ord3756
ord2509
ord5118
ord1424
ord1621
ord5860
ord4814
ord4737
ord1658
ord5519
ord4498
ord4556
ord4173
ord966
ord5456
ord1329
ord1957
ord4845
ord605
ord2020
ord354
ord5896
ord1093
ord1147
ord1132
ord5256
ord5244
ord2050
ord4931
ord4301
ord3657
ord2164
ord1929
ord3537
ord3661
ord479
ord4262
ord4484
ord2858
ord4279
ord5210
ord6271
ord1401
ord5912
ord6724
ord1551
ord1670
ord1671
ord4582
ord4890
ord4735
ord4212
ord5182
ord4903
ord4726
ord4540
ord4426
ord703
ord1763
ord1134
ord3164
ord4232
ord1545
ord4761
ord587
ord563
ord753
ord6255
ord1009
ord2264
ord1050
ord2413
ord2408
ord2392
ord2415
ord765
ord315
ord1037
ord1092
ord1206
ord1208
ord1098
ord371
ord1917
ord1167
ord1120
ord1201
ord1175
ord1177
ord1209
ord581
ord1903
ord2372
ord2367
ord2902
ord5637
ord1279
ord3161
ord3204
ord2368
ord310
ord2322
ord876
ord2403
ord2385
ord2387
ord2405
ord2178
ord2172
ord1522
ord6279
ord3802
ord6277
ord3345
ord4967
ord1362
ord5175
ord1964
ord1656
ord1655
ord1599
ord5200
ord2537
ord2731
ord2835
ord4307
ord2714
ord2862
ord2540
ord2646
ord2533
ord3718
ord3719
ord3709
ord2644
ord3949
ord4486
ord4261
ord3337
ord572
ord784
ord4900
ord760
ord1123
ord578
ord3210
ord1084
ord1934
ord1280
ord5214
ord4395
ord764
ord1049

msvcr80

memset
strcpy_s
_purecall
free
vsprintf
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
_except_handler4_common
memcpy
strcmp
?terminate@@YAXXZ
_malloc_crt
_encoded_null
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
__clean_type_info_names_internal
__CxxFrameHandler3

kernel32

GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
LocalAlloc
LocalFree
OutputDebugStringA
GetLastError
InterlockedExchange
GetPrivateProfileStringA
CreateFileA
GetFileSize
CloseHandle
GlobalAlloc
GlobalLock
ReadFile
GlobalUnlock
GlobalFree
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
GetSystemTimeAsFileTime

user32

InvalidateRect
ReleaseDC
DrawFocusRect
GetClientRect
IsIconic
ClientToScreen
WindowFromPoint
IsWindowVisible
DrawEdge
DestroyCursor
GetCapture
GetCursorPos
SendMessageA
PostMessageA
SetTimer
KillTimer
GetSysColor
LoadImageA
LoadBitmapA
IsWindow
GetWindowRect
FillRect
InflateRect
SetCursor
ReleaseCapture
EnableWindow
LoadCursorA
GetParent
GetDC
SetCapture

gdi32

GetCurrentObject
GetObjectA
CreateSolidBrush
BitBlt
CreateCompatibleBitmap
SelectObject
StretchBlt
GetTextMetricsA
DeleteObject
GetStockObject
ExtTextOutA
CreateFontIndirectA
CreateCompatibleDC

comctl32

_TrackMouseEvent

ole32

CreateStreamOnHGlobal

oleaut32

LoadRegTypeLi
OleLoadPicture

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
_AVI_SetCallBack@8

Sections

.text
Size: 84KB - Virtual size: 81KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 104KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a6059ad353a30ba163c9872193f003dc

Headers

File Characteristics

Imports

mfc80

msvcr80

kernel32

user32

gdi32

comctl32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 84KB - Virtual size: 81KB

.rdata Size: 32KB - Virtual size: 29KB

.data Size: 4KB - Virtual size: 12KB

.rsrc Size: 104KB - Virtual size: 101KB

.reloc Size: 24KB - Virtual size: 23KB

.text
Size: 84KB - Virtual size: 81KB

.rdata
Size: 32KB - Virtual size: 29KB

.data
Size: 4KB - Virtual size: 12KB

.rsrc
Size: 104KB - Virtual size: 101KB

.reloc
Size: 24KB - Virtual size: 23KB