02f4ed78601bbc5ada13cecfb43bd04e

Sharing

Copy URL Twitter E-mail

General

Target

02f4ed78601bbc5ada13cecfb43bd04e
Size

189KB
MD5

02f4ed78601bbc5ada13cecfb43bd04e
SHA1

fccb49a3d85abf5f0888156abcdfca4df2aeb314
SHA256

fd5394fa8e7a1437e1e87a0a8e8074f69b386d3b1329e83bc2d7e6bd5fc13b47
SHA512

e16629129ba9b7cc165352fdd02d218f5b9a3df23d2b42aa4c4b2ce87d4a73f17e86fb6213dbd9d3ff441107f7a62d35c4e6e930267f39f7d9d9f8acb0dff096
SSDEEP

3072:iBX8nYTs/0Xbi4HgovR7P0pB9/6Q5p4YelfE9H+Ra9+7GIs99H2l:wX9Tc4n7Wp6QrJeWHCaF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
02f4ed78601bbc5ada13cecfb43bd04e

Files

02f4ed78601bbc5ada13cecfb43bd04e
.dll regsvr32 windows:5 windows x86 arch:x86

e0f58ba6084a5b179c79424ceac9fd5e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrlenW
GetLastError
GetProcAddress
GetModuleHandleW
lstrcmpiW
FreeLibrary
MultiByteToWideChar
SizeofResource
LoadResource
FindResourceW
InterlockedDecrement
SetThreadLocale
GetThreadLocale
GetACP
CloseHandle
WriteFile
CreateFileW
GetProcessHeap
InterlockedIncrement
GetModuleFileNameW
GetFileAttributesW
WideCharToMultiByte
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
LoadLibraryExW
RaiseException
SetEndOfFile
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
CreateFileA
FlushFileBuffers
SetStdHandle
GetConsoleMode
GetConsoleCP
GetLocaleInfoW
InitializeCriticalSectionAndSpinCount
LoadLibraryA
IsValidLocale
EnumSystemLocalesA
InterlockedExchange
Sleep
RtlUnwind
HeapAlloc
HeapFree
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCurrentThreadId
GetCommandLineA
LCMapStringA
LCMapStringW
GetCPInfo
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetOEMCP
IsValidCodePage
HeapSize
ExitProcess
VirtualFree
VirtualAlloc
HeapReAlloc
HeapCreate
HeapDestroy
GetStdHandle
GetModuleFileNameA
SetHandleCount
GetFileType
GetStartupInfoA
GetModuleHandleA
ReadFile
SetFilePointer
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
GetUserDefaultLCID

user32

wsprintfA
CharNextW

advapi32

RegEnumKeyExW
RegQueryInfoKeyW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
RegSetValueW

ole32

CoCreateInstance
CoTaskMemAlloc
CoTaskMemRealloc
CoTaskMemFree
StringFromGUID2

oleaut32

LoadRegTypeLi
VarUI4FromStr
RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
SysAllocString
SysStringLen
SysFreeString

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllInstall
DllRegisterServer
DllUnregisterServer
IsBlockImg

Sections

.text
Size: 137KB - Virtual size: 137KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e0f58ba6084a5b179c79424ceac9fd5e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 137KB - Virtual size: 137KB

.rdata Size: 27KB - Virtual size: 27KB

.data Size: 7KB - Virtual size: 14KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 11KB - Virtual size: 11KB

.text
Size: 137KB - Virtual size: 137KB

.rdata
Size: 27KB - Virtual size: 27KB

.data
Size: 7KB - Virtual size: 14KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 11KB - Virtual size: 11KB