dfda1b4fe06690babb3d0a99a165a3dd6e20f64508116f503c9b7d43ba09d73a

Sharing

Copy URL Twitter E-mail

General

Target

dfda1b4fe06690babb3d0a99a165a3dd6e20f64508116f503c9b7d43ba09d73a
Size

685KB
MD5

2f8e7d271d3b1e6295553878f29e1e7e
SHA1

072ed46ee267f519cf41db635221a4389ff834c4
SHA256

dfda1b4fe06690babb3d0a99a165a3dd6e20f64508116f503c9b7d43ba09d73a
SHA512

128aa8f30ee4ae98177d85f209dad0674ca80d3c3886942b1d7e7bdcf93f7347775d40141430022052bf2d432aeae0c47e7e9517da3031e71378fd49f81a4ef2
SSDEEP

6144:pLDTLepmD0/0VarVNQKLpX3FKGsKGVG01DKGnp7jb6O2I25ldxv:RJPYEKLpFOKgPKA2I2Tzv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dfda1b4fe06690babb3d0a99a165a3dd6e20f64508116f503c9b7d43ba09d73a

Files

dfda1b4fe06690babb3d0a99a165a3dd6e20f64508116f503c9b7d43ba09d73a
.dll regsvr32 windows:4 windows x86

62d379f16cf6a20abeb8e17042a2715e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

advapi32

RegCloseKey
RegEnumKeyW
RegOpenKeyW
RegQueryValueA
RegQueryValueW

kernel32

DisableThreadLibraryCalls
EnumResourceNamesW
FindResourceW
GetEnvironmentVariableW
GetModuleFileNameW
GetModuleHandleW
GetProcAddress
GetTickCount
HeapAlloc
HeapFree
HeapReAlloc
IsBadStringPtrA
IsBadStringPtrW
LoadLibraryW
LoadResource
MulDiv
MultiByteToWideChar
QueryPerformanceCounter
QueryPerformanceFrequency
RtlUnwind
SizeofResource
WideCharToMultiByte
lstrcmpW

msacm32

acmFormatChooseW
acmFormatDetailsW
acmFormatSuggest
acmFormatTagDetailsW
acmMetrics
acmStreamClose
acmStreamConvert
acmStreamOpen
acmStreamPrepareHeader
acmStreamSize
acmStreamUnprepareHeader

msvfw32

ICClose
ICCompress
ICCompressorChoose
ICCompressorFree
ICDecompress
ICGetDisplayFormat
ICGetInfo
ICLocate
ICOpen
ICSendMessage

ntdll

_vsnprintf

ole32

CoCreateInstance
CoTaskMemAlloc
OleInitialize

rpcrt4

CStdStubBuffer_AddRef
CStdStubBuffer_Connect
CStdStubBuffer_CountRefs
CStdStubBuffer_DebugServerQueryInterface
CStdStubBuffer_DebugServerRelease
CStdStubBuffer_Disconnect
CStdStubBuffer_Invoke
CStdStubBuffer_IsIIDSupported
CStdStubBuffer_QueryInterface
IUnknown_AddRef_Proxy
IUnknown_QueryInterface_Proxy
IUnknown_Release_Proxy
NdrAllocate
NdrCStdStubBuffer_Release
NdrClearOutParameters
NdrConformantArrayBufferSize
NdrConformantArrayFree
NdrConformantArrayMarshall
NdrConformantArrayUnmarshall
NdrConvert
NdrDllCanUnloadNow
NdrDllGetClassObject
NdrOleAllocate
NdrOleFree
NdrPointerBufferSize
NdrPointerFree
NdrPointerMarshall
NdrPointerUnmarshall
NdrProxyErrorHandler
NdrProxyFreeBuffer
NdrProxyGetBuffer
NdrProxyInitialize
NdrProxySendReceive
NdrSimpleStructMarshall
NdrSimpleStructUnmarshall
NdrStubGetBuffer
NdrStubInitialize
RpcRaiseException

ucrtbase

__acrt_iob_func
__stdio_common_vsprintf
_assert
_strdup
free
fwrite
getenv
memcmp
memcpy
memmove
memset
strchr
strcmp
strcpy
strcspn
strlen
wcsrchr

user32

CheckDlgButton
DialogBoxParamW
EnableWindow
EndDialog
GetDlgItem
GetDlgItemInt
IsDlgButtonChecked
LoadStringW
SendDlgItemMessageW
SendMessageW
SetDlgItemInt
SetDlgItemTextW
wsprintfA
wsprintfW

winmm

mmioAscend
mmioClose
mmioCreateChunk
mmioDescend
mmioFlush
mmioOpenA
mmioOpenW
mmioRead
mmioSeek
mmioWrite

Exports

Exports

AVIBuildFilter
AVIBuildFilterA
AVIBuildFilterW
AVIClearClipboard
AVIFileAddRef
AVIFileCreateStream
AVIFileCreateStreamA
AVIFileCreateStreamW
AVIFileEndRecord
AVIFileExit
AVIFileGetStream
AVIFileInfo
AVIFileInfoA
AVIFileInfoW
AVIFileInit
AVIFileOpen
AVIFileOpenA
AVIFileOpenW
AVIFileReadData
AVIFileRelease
AVIFileWriteData
AVIGetFromClipboard
AVIMakeCompressedStream
AVIMakeFileFromStreams
AVIMakeStreamFromClipboard
AVIPutFileOnClipboard
AVISave
AVISaveA
AVISaveOptions
AVISaveOptionsFree
AVISaveV
AVISaveVA
AVISaveVW
AVISaveW
AVIStreamAddRef
AVIStreamBeginStreaming
AVIStreamCreate
AVIStreamEndStreaming
AVIStreamFindSample
AVIStreamGetFrame
AVIStreamGetFrameClose
AVIStreamGetFrameOpen
AVIStreamInfo
AVIStreamInfoA
AVIStreamInfoW
AVIStreamLength
AVIStreamOpenFromFile
AVIStreamOpenFromFileA
AVIStreamOpenFromFileW
AVIStreamRead
AVIStreamReadData
AVIStreamReadFormat
AVIStreamRelease
AVIStreamSampleToTime
AVIStreamSetFormat
AVIStreamStart
AVIStreamTimeToSample
AVIStreamWrite
AVIStreamWriteData
CLSID_AVISimpleUnMarshal
CreateEditableStream
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
EditStreamClone
EditStreamCopy
EditStreamCut
EditStreamPaste
EditStreamSetInfo
EditStreamSetInfoA
EditStreamSetInfoW
EditStreamSetName
EditStreamSetNameA
EditStreamSetNameW
IID_IAVIEditStream
IID_IAVIFile
IID_IAVIStream
IID_IGetFrame

Sections

.text
Size: 140KB - Virtual size: 138KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 484B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rodata
Size: 4KB - Virtual size: 372B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

/4
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 76KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

62d379f16cf6a20abeb8e17042a2715e

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

msacm32

msvfw32

ntdll

ole32

rpcrt4

ucrtbase

user32

winmm

Exports

Exports

Sections

.text Size: 140KB - Virtual size: 138KB

.data Size: 4KB - Virtual size: 484B

.rodata Size: 4KB - Virtual size: 372B

.rdata Size: 48KB - Virtual size: 47KB

/4 Size: 24KB - Virtual size: 21KB

.edata Size: 76KB - Virtual size: 73KB

.idata Size: 8KB - Virtual size: 4KB

.rsrc Size: 44KB - Virtual size: 41KB

.reloc Size: 8KB - Virtual size: 5KB

.text
Size: 140KB - Virtual size: 138KB

.data
Size: 4KB - Virtual size: 484B

.rodata
Size: 4KB - Virtual size: 372B

.rdata
Size: 48KB - Virtual size: 47KB

/4
Size: 24KB - Virtual size: 21KB

.edata
Size: 76KB - Virtual size: 73KB

.idata
Size: 8KB - Virtual size: 4KB

.rsrc
Size: 44KB - Virtual size: 41KB

.reloc
Size: 8KB - Virtual size: 5KB