8498699ab1ca61ea2262f81d83d52e8aad6917e6e7e27b7f9e907a50c0ccbf4f

Sharing

Copy URL

Twitter E-mail

General

Target

8498699ab1ca61ea2262f81d83d52e8aad6917e6e7e27b7f9e907a50c0ccbf4f
Size

1.6MB
MD5

96d6ac8c1c49aaa37d94128fbf09896d
SHA1

babfebdb3f74176486b587d473ce615651a7bdf1
SHA256

8498699ab1ca61ea2262f81d83d52e8aad6917e6e7e27b7f9e907a50c0ccbf4f
SHA512

04ce9697df782f4d5b36c1048cf58a55aa8d0e48d817c86b48e35941ef6322fe3cb273933823a638a5b7bd60738d87025925d55e490ca540f598911252f43b7c
SSDEEP

24576:8oP910mhRVuVasCwLogb2gHjoYftrBY56/wS8xOlUYLTDz/KfGr:8oPtRVuVn9oYftrWQ/fgEnZr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8498699ab1ca61ea2262f81d83d52e8aad6917e6e7e27b7f9e907a50c0ccbf4f

Files

8498699ab1ca61ea2262f81d83d52e8aad6917e6e7e27b7f9e907a50c0ccbf4f
.dll regsvr32 windows:5 windows x86

903ad27466c8c8eab9454f5d5d707247

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FindNextFileA
FindFirstFileExW
FindFirstFileExA
FindClose
SetConsoleCtrlHandler
GetTimeZoneInformation
SetFilePointerEx
ReadConsoleW
ReadFile
GetConsoleMode
GetConsoleCP
WriteFile
FlushFileBuffers
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetTimeFormatW
GetDateFormatW
GetFileType
GetStdHandle
GetACP
GetCurrentThread
GetModuleFileNameA
ExitProcess
GetModuleHandleExW
FreeLibraryAndExitThread
ResumeThread
ExitThread
CreateThread
VirtualQuery
VirtualProtect
GetSystemInfo
FreeEnvironmentStringsW
RtlUnwind
GetCurrentProcessId
QueryPerformanceCounter
GetStartupInfoW
TerminateProcess
IsValidCodePage
UnhandledExceptionFilter
GetCPInfo
GetStringTypeW
GetLocaleInfoW
LCMapStringW
CompareStringW
GetSystemTimeAsFileTime
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
SwitchToThread
CreateEventW
FormatMessageW
LocalFree
LoadLibraryExA
VirtualFree
VirtualAlloc
IsProcessorFeaturePresent
FlushInstructionCache
GetCurrentProcess
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
OutputDebugStringW
IsDebuggerPresent
FindNextFileW
GetOEMCP
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetEnvironmentVariableA
SetEnvironmentVariableW
SetStdHandle
WriteConsoleW
SetEndOfFile
WaitForSingleObjectEx
CreateFileW
GetTempFileNameW
GetTempPathW
GetFileSize
GetProfileStringW
lstrcpyW
SetUnhandledExceptionFilter
CloseHandle
GetVersionExW
CopyFileW
CreateDirectoryW
GetPrivateProfileStringA
GetPrivateProfileIntW
lstrcmpW
HeapCreate
GlobalUnlock
GlobalSize
InterlockedExchange
GlobalFree
GlobalLock
GlobalAlloc
LoadLibraryExW
lstrcmpiW
GetTickCount
GetLocalTime
MulDiv
DisableThreadLibraryCalls
FreeLibrary
EncodePointer
LoadLibraryA
GetCurrentThreadId
DeleteFileW
InterlockedIncrement
lstrlenW
WideCharToMultiByte
MultiByteToWideChar
InterlockedDecrement
FindResourceExW
FindResourceW
SizeofResource
LoadResource
LeaveCriticalSection
EnterCriticalSection
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
LockResource
GetFileAttributesW
OutputDebugStringA
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
LoadLibraryW
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
SetLastError
GetLastError
RaiseException
GetVersion
GetProcAddress
DecodePointer
InterlockedFlushSList

user32

BeginPaint
EndPaint
InvalidateRect
GetClientRect
GetWindowRect
SetCursor
GetCursorPos
ScreenToClient
MapWindowPoints
SetRect
PtInRect
GetWindowLongW
GetParent
GetWindow
LoadCursorW
EmptyClipboard
IsClipboardFormatAvailable
GetActiveWindow
DrawTextW
EnableWindow
InvalidateRgn
GetScrollPos
EnableScrollBar
GetPropW
ShowCursor
ClientToScreen
GetClassNameW
EndDialog
SetWindowPos
UnregisterClassW
LoadBitmapW
LoadIconW
DestroyIcon
GetDlgItem
CreateDialogParamW
IsIconic
IsZoomed
SystemParametersInfoW
KillTimer
SetTimer
keybd_event
MonitorFromWindow
GetMonitorInfoW
MessageBoxW
GetDC
ReleaseDC
TrackMouseEvent
SendMessageW
DefWindowProcW
CallWindowProcW
RegisterClassExW
GetClassInfoExW
CreateWindowExW
DestroyWindow
MoveWindow
SetFocus
GetAsyncKeyState
GetUpdateRect
SetPropW
SetWindowTextW
GetWindowTextW
GetWindowTextLengthW
FillRect
SetWindowLongW
ShowWindow
IsWindowVisible
SetCapture
ReleaseCapture
GetClassLongW
SetClassLongW
GetDesktopWindow
SetParent
DrawEdge
IsWindow
IsChild
PeekMessageW
RegisterClipboardFormatW
CharNextW
GetFocus
GetKeyState
GetSystemMetrics
SetWindowRgn
IntersectRect
UnionRect
OffsetRect
EqualRect
DestroyCursor
GetCapture
SetScrollPos
ShowScrollBar
SetScrollInfo
GetScrollInfo
IsWindowEnabled
UpdateWindow
GetSysColor
TranslateMessage
GetClipboardData
SetClipboardData
CloseClipboard
OpenClipboard
DialogBoxParamW
DispatchMessageW

gdi32

PlgBlt
SetPixelV
SetWindowOrgEx
SetViewportOrgEx
LPtoDP
SetMapMode
SaveDC
RestoreDC
CreateRectRgnIndirect
CreateDCW
SetPixel
SetBkColor
CreateCompatibleBitmap
GetCharWidthW
TextOutW
MoveToEx
SelectClipRgn
Pie
LineTo
GetTextExtentPoint32W
GetDeviceCaps
GetClipRgn
Rectangle
CreateRectRgn
CreatePen
CombineRgn
Arc
SetTextColor
SetStretchBltMode
StretchBlt
SetBkMode
SelectObject
DeleteObject
DeleteDC
CreateFontW
CreateCompatibleDC
BitBlt
CreateEnhMetaFileW
StartDocW
EndDoc
StartPage
EndPage
AbortDoc
GetStockObject
SetDIBits
SetROP2
DeleteEnhMetaFile
GetEnhMetaFileHeader
PlayEnhMetaFile
CreateDIBSection
GetObjectW
CreatePolygonRgn
SetDIBColorTable
GetCurrentObject
GetDIBits
CreateSolidBrush
ResetDCW
CloseEnhMetaFile

winspool.drv

GetPrinterW
OpenPrinterW
DeviceCapabilitiesW
ClosePrinter
EnumPrintersW

advapi32

RegQueryValueExA
RegOpenKeyExA
RegQueryValueExW
RegSetValueExW
RegQueryInfoKeyW
RegOpenKeyExW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey

shell32

ShellExecuteW

ole32

OleRegGetMiscStatus
OleRegGetUserType
CreateOleAdviseHolder
OleSaveToStream
WriteClassStm
ReadClassStm
CoTaskMemFree
OleRegEnumVerbs
CoTaskMemAlloc
StringFromGUID2
CoCreateInstance
StgCreateDocfile
CoCreateGuid
CoInitialize
OleRun
CoTaskMemRealloc
CreateStreamOnHGlobal

oleaut32

OleTranslateColor
OleCreatePictureIndirect
OleCreateFontIndirect
SysAllocStringLen
OleCreatePropertyFrame
UnRegisterTypeLi
RegisterTypeLi
VarCmp
SetErrorInfo
GetErrorInfo
CreateErrorInfo
VarUI4FromStr
VariantChangeType
VariantClear
VariantInit
VarUdateFromDate
VarDateFromStr
VariantTimeToSystemTime
SystemTimeToVariantTime
LoadRegTypeLi
LoadTypeLi
SysStringLen
SysAllocStringByteLen
SysStringByteLen
SysAllocString
SysFreeString

shlwapi

PathFindExtensionW

urlmon

URLDownloadToFileW

gdiplus

GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageRawFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipLoadImageFromFile
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipDrawLineI
GdipCreateBitmapFromHBITMAP
GdipCreateBitmapFromScan0
GdipSaveImageToFile
GdipSetPenColor
GdipCreateBitmapFromFile
GdipSetSolidFillColor
GdipDrawImageRectI
GdipDisposeImage
GdipCloneImage
GdipLoadImageFromStreamICM
GdipLoadImageFromStream
GdipResetClip
GdipSetClipRectI
GdipDrawLines
GdipSetSmoothingMode
GdipDeletePen
GdipCreatePen1
GdipFillRectangleI
GdipReleaseDC
GdipDeleteGraphics
GdipCreateFromHDC
GdipCreateSolidFill
GdipDeleteBrush
GdipCloneBrush
GdipFree
GdipAlloc
GdiplusStartup
GdiplusShutdown
GdipCreateBitmapFromFileICM
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipDrawImageI
GdipCreateLineBrushI
GdipLoadImageFromFileICM

uxtheme

IsAppThemed
OpenThemeData
CloseThemeData
DrawThemeBackground

wininet

DeleteUrlCacheEntryW

imm32

ImmGetContext
ImmReleaseContext
ImmSetCompositionWindow
ImmSetOpenStatus

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 217KB - Virtual size: 216KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 30KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 298KB - Virtual size: 297KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

903ad27466c8c8eab9454f5d5d707247

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

ole32

oleaut32

shlwapi

urlmon

gdiplus

uxtheme

wininet

imm32

Exports

Exports

Sections

.text Size: 1.1MB - Virtual size: 1.1MB

.rdata Size: 217KB - Virtual size: 216KB

.data Size: 30KB - Virtual size: 73KB

.rsrc Size: 298KB - Virtual size: 297KB

.reloc Size: 53KB - Virtual size: 52KB

.text
Size: 1.1MB - Virtual size: 1.1MB

.rdata
Size: 217KB - Virtual size: 216KB

.data
Size: 30KB - Virtual size: 73KB

.rsrc
Size: 298KB - Virtual size: 297KB

.reloc
Size: 53KB - Virtual size: 52KB