4ac7e97f1d3b9f19664573c771c5c302b19f3f5bda05aaaaf37b4a597e588799

Sharing

Copy URL Twitter E-mail

General

Target

4ac7e97f1d3b9f19664573c771c5c302b19f3f5bda05aaaaf37b4a597e588799
Size

529KB
MD5

da13ec209ab484b78419fa3a9c0c148e
SHA1

519295e22a1c19b4ba75bfd903038705089874a8
SHA256

4ac7e97f1d3b9f19664573c771c5c302b19f3f5bda05aaaaf37b4a597e588799
SHA512

89b527e8f305377e6ca5751417128099207b476b7fdc5a50a214299f5daffe692a078f8d2c6e9b5198837c722cc5db31cfd02de9297f677ba1f8f6f7cdebc5d4
SSDEEP

6144:PyvsNaVxr1KjgYJbZUx/dGyYo0wQIbX7CUjAOstRK6D2SbZ94yzMwqMMYgvr6f:aaJbe+yYo0w3bX7Lum6pv857Cf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4ac7e97f1d3b9f19664573c771c5c302b19f3f5bda05aaaaf37b4a597e588799

Files

4ac7e97f1d3b9f19664573c771c5c302b19f3f5bda05aaaaf37b4a597e588799
.dll regsvr32 windows:5 windows x86

5d819ec626c84ef7a5241aa737209174

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

winmm

timeGetTime

kernel32

WriteFile
SetFilePointer
FlushFileBuffers
GetFullPathNameW
RtlUnwind
EncodePointer
DecodePointer
HeapFree
HeapAlloc
GetCommandLineA
QueryPerformanceCounter
GetSystemTimeAsFileTime
HeapReAlloc
HeapQueryInformation
HeapSize
ExitProcess
SetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
IsProcessorFeaturePresent
GetStringTypeW
Sleep
GetStdHandle
HeapCreate
HeapDestroy
SetHandleCount
GetStartupInfoW
FreeEnvironmentStringsW
GetEnvironmentStringsW
LCMapStringW
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
WriteConsoleW
SetEnvironmentVariableA
DeleteFileW
SetErrorMode
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileIntW
FileTimeToLocalFileTime
FileTimeToSystemTime
GetFileAttributesExW
lstrcmpA
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetLocaleInfoW
GlobalFlags
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
ReleaseActCtx
CreateActCtxW
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageW
LocalFree
CreateFileW
GetVolumeInformationW
FindFirstFileW
FindClose
WideCharToMultiByte
RaiseException
DisableThreadLibraryCalls
GetTickCount
GetCurrentThread
GetModuleHandleW
InterlockedExchange
VirtualAlloc
CreateSemaphoreW
GetCurrentThreadId
GetCurrentProcess
lstrcmpW
VirtualFree
GetSystemInfo
ReleaseSemaphore
CreateEventW
CloseHandle
OutputDebugStringW
GetCurrentProcessId
InterlockedDecrement
InterlockedIncrement
GetModuleFileNameA
lstrlenA
ResetEvent
WaitForSingleObject
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
SetEvent
VirtualQuery
GetModuleFileNameW
MulDiv
lstrlenW
GetVersionExW
lstrcpyW
GetProcAddress
FreeLibrary
LoadLibraryW
MultiByteToWideChar
ActivateActCtx
GetLastError
DeactivateActCtx
SetLastError
FindResourceW
LoadResource
LockResource
SizeofResource
TerminateProcess

user32

UnregisterClassW
PostQuitMessage
GetMessageW
TranslateMessage
GetCursorPos
ValidateRect
RealChildWindowFromPoint
SetWindowTextW
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
EnableMenuItem
CheckMenuItem
DestroyMenu
SetCursor
ShowWindow
IsWindowEnabled
GetWindowDC
ClientToScreen
DrawTextExW
DrawTextW
TabbedTextOutW
InvalidateRect
LoadIconW
WinHelpW
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
SetPropW
GetPropW
RemovePropW
GetFocus
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MonitorFromWindow
GetKeyState
SetMenu
EnableWindow
SetForegroundWindow
IsWindowVisible
UpdateWindow
PostMessageW
MessageBoxW
GetClassInfoExW
RegisterClassW
GetWindowRect
ScreenToClient
PtInRect
GetDlgCtrlID
CallWindowProcW
UnhookWindowsHookEx
GetMenuState
CharUpperW
KillTimer
SetTimer
ReleaseDC
GetDC
DispatchMessageW
RegisterWindowMessageW
PeekMessageW
EnumWindows
GetWindowThreadProcessId
wvsprintfW
wsprintfW
AdjustWindowRectEx
SetWindowPos
GetClientRect
GetWindowLongW
SetWindowLongW
IsWindow
GetActiveWindow
CreateWindowExW
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetMenu
GetSysColorBrush
GetParent
MapWindowPoints
LoadCursorW
GetSysColor
GetSystemMetrics
EnumDisplayMonitors
SystemParametersInfoW
GetMonitorInfoW
SetRectEmpty
CopyRect
GetClassNameW
DefWindowProcW
SendMessageW
GetClassInfoW
GetWindow
GrayStringW

gdi32

ScaleWindowExtEx
CreateBitmap
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
CreateDIBitmap
GetClipBox
SetMapMode
RestoreDC
SaveDC
DeleteDC
SelectObject
SetBkColor
SetTextColor
DeleteObject
GetTextCharsetInfo
EnumFontFamiliesW
GetTextMetricsW
GetDeviceCaps
GetObjectW
CreateFontIndirectW
CreatePatternBrush
CreateSolidBrush
CreatePen
GetStockObject

winspool.drv

ClosePrinter
OpenPrinterW
DocumentPropertiesW

advapi32

RegDeleteValueW
RegCloseKey
RegEnumKeyExW
RegOpenKeyExW
RegSetValueExW
RegSetValueW
RegEnumValueW
RegQueryValueW
RegEnumKeyW
RegDeleteKeyW
RegQueryValueExW
RegCreateKeyExW
RegCreateKeyW

shell32

ShellExecuteW

shlwapi

PathStripToRootW
PathFindExtensionW
PathFindFileNameW
PathIsUNCW

ole32

StringFromGUID2
CoTaskMemAlloc
CLSIDFromString
CoInitialize
CoCreateInstance
CoUninitialize
CoCreateGuid
CoTaskMemFree
CoFreeUnusedLibraries

oleaut32

SysFreeString
SysAllocString
VariantInit
VariantClear
VariantChangeType

oleacc

LresultFromObject
CreateStdAccessibleObject

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 234KB - Virtual size: 234KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 31KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 57KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5d819ec626c84ef7a5241aa737209174

Headers

DLL Characteristics

File Characteristics

Imports

winmm

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

shlwapi

ole32

oleaut32

oleacc

Exports

Exports

Sections

.text Size: 234KB - Virtual size: 234KB

.rdata Size: 96KB - Virtual size: 95KB

.data Size: 31KB - Virtual size: 86KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 57KB - Virtual size: 56KB

.text Size: 108KB - Virtual size: 108KB

.text
Size: 234KB - Virtual size: 234KB

.rdata
Size: 96KB - Virtual size: 95KB

.data
Size: 31KB - Virtual size: 86KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 57KB - Virtual size: 56KB

.text
Size: 108KB - Virtual size: 108KB