0c63fdf91caf02db210d049ec7030838

Sharing

Copy URL

Twitter E-mail

General

Target

0c63fdf91caf02db210d049ec7030838
Size

92KB
MD5

0c63fdf91caf02db210d049ec7030838
SHA1

ccf2010710a201187c8473fdc0efbef7f04383bb
SHA256

22e506a81c6fb6335840f46f41d7e556914b13a6b61c0e47b693c0c097af0e15
SHA512

094b72dd6097ba016891fc501b4a5345c8e262c7614e248c386e39baddc858c801c3f0d3505c6630cb4104317e5c12ec7023afc3951d7f25a5706a24674cce65
SSDEEP

1536:mZualbvORGjkJH/isKVmMyWVq5YzlhYqWOYuwJ5k6gSF0q8:CmRAMH/GaYzlh1WOgJngSF0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0c63fdf91caf02db210d049ec7030838

Files

0c63fdf91caf02db210d049ec7030838
.dll regsvr32 windows:4 windows x86 arch:x86

9e0b794ddbc20f8cb4521c577084c130

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalFlags
OpenMutexW
LocalFileTimeToFileTime
QueueUserWorkItem
SetTimeZoneInformation
LocalSize
CopyFileExW
GetVersionExA
VirtualAlloc
SetVolumeLabelW
Beep
SetFileTime
SetConsoleScreenBufferSize
SwitchToThread
FreeResource
SetFilePointer
UnregisterWaitEx
GetConsoleOutputCP
SetConsoleTitleA
IsValidLocale
IsBadReadPtr
ReadConsoleW
GetFileType
GlobalDeleteAtom
ExpandEnvironmentStringsW
FillConsoleOutputCharacterW
GetTimeFormatA
GetFileAttributesW
OpenThread
SetHandleInformation
ReleaseSemaphore
GetModuleFileNameW
VirtualQueryEx
CreateWaitableTimerA
SetEvent
LCMapStringA
LoadResource
GetCurrentThread
AssignProcessToJobObject
WaitNamedPipeW
OpenProcess
WaitNamedPipeA
CreateNamedPipeW
SetHandleCount
GetStringTypeExW
GetProcessAffinityMask
GetVersion
SetCurrentDirectoryA
ReplaceFileW
GetSystemTime
SetDefaultCommConfigW
IsValidLanguageGroup
EnumResourceNamesA
SetConsoleActiveScreenBuffer
ProcessIdToSessionId
OpenFileMappingA
GetDiskFreeSpaceExW
GetDateFormatA
SuspendThread
GetProcessVersion
GetFullPathNameW
CreateToolhelp32Snapshot
RtlUnwind
GetFileAttributesExW
GlobalFree
SleepEx
GetStringTypeW
RaiseException
MoveFileExA
FindNextChangeNotification
GetEnvironmentVariableA
lstrlenA
GetProfileStringA
InterlockedCompareExchange
WriteProcessMemory
lstrcpyW
SetCurrentDirectoryW
GetCurrentThreadId
GetFileInformationByHandle
GetNumberFormatW
AddAtomW
GetFileSize
lstrcmpA
GetDateFormatW
FindNextVolumeMountPointW
LocalFlags
IsBadHugeReadPtr
IsProcessorFeaturePresent
ExitProcess
FindAtomW
LockResource
GlobalMemoryStatusEx
FindAtomA
HeapWalk
lstrcpynA
WideCharToMultiByte
GetFileAttributesA
HeapValidate
GetCurrentDirectoryA
SizeofResource
FindResourceExW
FlushConsoleInputBuffer
ConnectNamedPipe
GetProfileIntW
ReadDirectoryChangesW
WaitForMultipleObjectsEx
GetAtomNameA
GetProfileStringW
DeviceIoControl
OpenFile
FreeConsole
VirtualFree
lstrcmpW
CreateMailslotW
ExpandEnvironmentStringsA
LeaveCriticalSection
Sleep
GetSystemTimeAsFileTime
InterlockedDecrement
GetTickCount
InterlockedExchange
ReadFile
CreateDirectoryA
GetLastError
HeapFree
InitializeCriticalSection
GetProcessHeap
CloseHandle
CopyFileA
UnmapViewOfFile
VirtualProtect
CreateFileMappingA
GetModuleFileNameA
MoveFileA
GlobalAlloc
GetModuleHandleA
CreateFileA
CreateProcessA
GetCurrentProcessId
CreateMutexA
MapViewOfFile
LoadLibraryA
FindResourceExA
GetProcAddress

shell32

ShellExecuteExW
SHFormatDrive
SHGetPathFromIDListW
SHGetFolderLocation
SHAppBarMessage
SHCreateShellItem
SHGetSpecialFolderPathW
SHParseDisplayName
SHGetDesktopFolder
SHGetFolderPathAndSubDirW
SHGetFileInfoA
ShellExecuteW
ExtractIconA
ShellExecuteA
SHGetFolderPathA

gdi32

CreateEllipticRgnIndirect
CopyMetaFileA
MoveToEx
GetPixel
SetPixelV
PlayEnhMetaFileRecord
GetEnhMetaFileHeader
SetViewportExtEx
GetGlyphOutlineA
GetCurrentPositionEx
CreateRoundRectRgn
PathToRegion
GetTextCharacterExtra
DeleteMetaFile
GetBkMode
CreateEnhMetaFileW
EndPath
CloseFigure
FillRgn
SetBitmapDimensionEx
GetTextMetricsW
GetTextExtentPoint32W
CreateMetaFileA
CreateBitmapIndirect
SetBkColor
StartDocA
CreateMetaFileW
CreateICW
SelectObject
CombineRgn
CopyMetaFileW
UpdateColors
EqualRgn
LineTo
EnumFontsA
GetBkColor
OffsetRgn
ExtCreatePen
GetMetaFileBitsEx
EnumFontFamiliesExA
FlattenPath
SetTextColor
DeleteDC
AnimatePalette
SetStretchBltMode
SetRectRgn
ResetDCA
CreateCompatibleDC
ExtEscape
GetTextFaceA
SetPolyFillMode
GetROP2
PlayEnhMetaFile
SetViewportOrgEx
PolyBezierTo
GetPath
SetDIBColorTable
EnumFontFamiliesW
LPtoDP
GetNearestColor
StretchDIBits
GetPolyFillMode
DescribePixelFormat
CreateFontW
EnumFontFamiliesExW
GetObjectType

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 68KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9e0b794ddbc20f8cb4521c577084c130

Headers

File Characteristics

Imports

kernel32

shell32

gdi32

Exports

Exports

Sections

.text Size: 68KB - Virtual size: 65KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 8KB - Virtual size: 7KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 68KB - Virtual size: 65KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 8KB - Virtual size: 7KB

.reloc
Size: 4KB - Virtual size: 2KB