010591c2ce5d487d3a36d52087b04bfb

Sharing

Copy URL Twitter E-mail

General

Target

010591c2ce5d487d3a36d52087b04bfb
Size

144KB
MD5

010591c2ce5d487d3a36d52087b04bfb
SHA1

db33f01847c2ee0c1ed7a1b5fc7447dc764dad82
SHA256

58b115b3827267d65bfacb28f625440c4b278ad177893b87b48b9269af545d14
SHA512

a3abfb1106a775290b84a976d336d1305f820c22dbfc45ce37b4232e4987f569731e6ee0b4e3fb8bcfc1c7bbdf9746da94cd1b0706846d7275b5ecf338576043
SSDEEP

3072:cyvxjGHcdzp/jJbrUTMD7mjlOz9so7NWam1J+or4pf3690O:Zj/dz5Bd7MlgzTocpf36u

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
010591c2ce5d487d3a36d52087b04bfb

Files

010591c2ce5d487d3a36d52087b04bfb
.dll regsvr32 windows:4 windows x86 arch:x86

44991eb685dffb1065149af710bf8ee0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shlwapi

StrStrIA
SHGetValueA
SHSetValueA

wininet

InternetOpenUrlA
InternetCloseHandle
HttpQueryInfoA
InternetSetOptionA
InternetOpenA
InternetReadFile

ole32

CoTaskMemAlloc
CoTaskMemFree
CoCreateGuid
CoInitialize
CoCreateInstance

user32

SystemParametersInfoA
SetWindowPos
RegisterClassExA
CreateWindowExA
ShowWindow
GetMessageA
TranslateMessage
DispatchMessageA
wsprintfA
GetWindowThreadProcessId
EnumChildWindows
EnumWindows
KillTimer
SetTimer
DefWindowProcA
OpenClipboard
CloseClipboard
GetClassNameA

advapi32

CryptGenRandom
CryptReleaseContext
RegOpenKeyExW
RegQueryValueExW
RegOpenKeyExA
RegCloseKey
GetSecurityInfo
SetEntriesInAclA
SetSecurityInfo
CryptAcquireContextA

netapi32

Netbios

version

GetFileVersionInfoA
GetFileVersionInfoSizeA

winmm

timeGetTime

oleaut32

GetErrorInfo
SysAllocString
SysFreeString
VariantClear

rpcrt4

UuidToStringA

psapi

EnumProcesses
GetModuleBaseNameA
EnumProcessModules

msvcrt

__CxxFrameHandler
strchr
strncpy
??3@YAXPAX@Z
??2@YAPAXI@Z
printf
free
strstr
isxdigit
strerror
wctomb
__mb_cur_max
??0exception@@QAE@ABV0@@Z
_CxxThrowException
??1exception@@UAE@XZ
??0exception@@QAE@XZ
isalpha
isgraph
wcslen
?what@exception@@UBEPBDXZ
wcscmp
_stricmp
toupper
strtok
srand
isspace
isupper
ispunct
isalnum
tolower
islower
fclose
fwrite
fopen
tmpnam
atoi
strtol
__dllonexit
_onexit
??1type_info@@UAE@XZ
_initterm
_adjust_fdiv
malloc

kernel32

LocalFree
CreateFileA
LoadLibraryA
VirtualAllocEx
GetProcAddress
WriteProcessMemory
CreateRemoteThread
FreeLibrary
lstrcmpA
lstrcmpiA
GetModuleHandleA
GetEnvironmentStrings
FormatMessageA
InterlockedExchange
GetCurrentThread
GetThreadTimes
GetSystemDirectoryA
GetCurrentProcessId
GetEnvironmentVariableA
OpenProcess
CloseHandle
GetLocalTime
GetProcessHeap
HeapAlloc
HeapSize
MultiByteToWideChar
lstrcpynA
MoveFileExA
WaitForSingleObject
CreateProcessA
DeleteFileA
FreeEnvironmentStringsA
lstrlenA
GetVersion
GetCurrentDirectoryA
GetWindowsDirectoryA
GetFullPathNameA
SetLastError
GetLastError
GetSystemInfo
Sleep
GetCurrentProcess
GetProcessTimes
QueryPerformanceCounter
lstrcpyA
HeapFree
GetModuleFileNameA
SleepEx
GetVersionExA
GetTickCount
QueryPerformanceFrequency

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 84KB - Virtual size: 82KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

44991eb685dffb1065149af710bf8ee0

Headers

File Characteristics

Imports

shlwapi

wininet

ole32

user32

advapi32

netapi32

version

winmm

oleaut32

rpcrt4

psapi

msvcrt

kernel32

Exports

Exports

Sections

.text Size: 84KB - Virtual size: 82KB

.rdata Size: 28KB - Virtual size: 24KB

.data Size: 20KB - Virtual size: 21KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 84KB - Virtual size: 82KB

.rdata
Size: 28KB - Virtual size: 24KB

.data
Size: 20KB - Virtual size: 21KB

.reloc
Size: 8KB - Virtual size: 7KB