06230ce5b3804e01f5050a8e8e3e8d71

General

Target

06230ce5b3804e01f5050a8e8e3e8d71
Size

44KB
MD5

06230ce5b3804e01f5050a8e8e3e8d71
SHA1

496b32ec0a29c600cddfdb294a101af770f6e7bd
SHA256

83d70ed34c610a9eef7ccfafdc7aab441d2b575899c72e451eeb70c26e2c24ff
SHA512

657635c7da6c450103981a55adeb3f736fc9ebbcbcf6e19955864fcfa4753bd5695fc9cc8ca7ff0cf35aa3a7c6b7ad10e0c2e4d07aee979ff5e5b74ded0773c6
SSDEEP

768:H9piu6rDlVMIXOedpkavCku52/fA0WVOpkgLa1dj:H9QXgGODJkjfAwvLan

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
06230ce5b3804e01f5050a8e8e3e8d71

Files

06230ce5b3804e01f5050a8e8e3e8d71
.dll regsvr32 windows:4 windows x86 arch:x86

77e5b87e14ee8a04a6f2b515324851e2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
LoadLibraryA
GetLocalTime
CreateThread
GetModuleFileNameA
GetSystemDirectoryA
InterlockedIncrement
GetModuleHandleA
GetWindowsDirectoryA
WinExec
CloseHandle
CreateMutexA
GetLastError
VirtualAlloc

user32

TranslateMessage
DispatchMessageA
CreateWindowExA
ShowWindow
KillTimer
SetTimer
GetMessageA
UnhookWindowsHookEx
CallNextHookEx
FindWindowExA
PostMessageA
RegisterClassExA
SetWindowsHookExA
DefWindowProcA

advapi32

RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
RegCloseKey

ole32

CoCreateGuid

msvcrt

free
strrchr
_except_handler3
__CxxFrameHandler
??2@YAPAXI@Z
??3@YAXPAX@Z
strchr
_stricmp
sprintf
_initterm
malloc
_adjust_fdiv
fopen
fwrite
fclose

psapi

GetModuleBaseNameA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
pZPJWSOcHdpVVJCe

Sections

.text
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 926B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

77e5b87e14ee8a04a6f2b515324851e2

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

msvcrt

psapi

Exports

Exports

Sections

.text Size: 24KB - Virtual size: 22KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 8KB - Virtual size: 5KB

.reloc Size: 4KB - Virtual size: 926B

.text
Size: 24KB - Virtual size: 22KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 8KB - Virtual size: 5KB

.reloc
Size: 4KB - Virtual size: 926B