1220ec3aeb45361782fe8380128be7ac

Sharing

Copy URL Twitter E-mail

General

Target

1220ec3aeb45361782fe8380128be7ac
Size

612KB
MD5

1220ec3aeb45361782fe8380128be7ac
SHA1

b99926eeef8f90bf111afdfe527b27474b17597d
SHA256

6c1db193e2af7bb9b0083e190fc2ca4c7be808546d81298959f7b867e9c02bc3
SHA512

4a13e9e1b1b0d78c7d9448ba408c12f0949610a4fc4a954c78a90e6a624f51874f247039fec6bc6cdda600f4116a02b1476fcedde1b312036a2286350cf826b0
SSDEEP

12288:4zAPBRlhonlCzoxEzvZFdD4lB9rUhyGxjpL2:4zwZhslCzoxevZ0lrrUhvpL2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1220ec3aeb45361782fe8380128be7ac

Files

1220ec3aeb45361782fe8380128be7ac
.dll regsvr32 windows:4 windows x86 arch:x86

d04659c383eeac0539abe258b7e7db66

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetStringTypeA
GetVersionExA
GetUserDefaultLCID
GetStringTypeW
GetLocaleInfoA
SetFilePointer
EnumSystemLocalesA
IsValidLocale
GetEnvironmentStringsW
GetEnvironmentStrings
IsValidCodePage
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
FreeEnvironmentStringsW
GetOEMCP
GetACP
VirtualAlloc
VirtualFree
IsBadCodePtr
FlushFileBuffers
SetHandleCount
TlsGetValue
SetLastError
TlsFree
TlsAlloc
Sleep
HeapSize
TerminateProcess
GetCPInfo
LCMapStringA
ExitProcess
GetVersion
GetCommandLineA
HeapReAlloc
HeapAlloc
HeapFree
RaiseException
RtlUnwind
InterlockedExchange
SetStdHandle
GetLocaleInfoW
FreeResource
GetDiskFreeSpaceA
OpenProcess
CreateFileA
GlobalSize
WriteFile
LockResource
GlobalReAlloc
GlobalFree
lstrcatA
InterlockedIncrement
InterlockedDecrement
InitializeCriticalSection
DeleteCriticalSection
HeapDestroy
lstrcpynA
DisableThreadLibraryCalls
IsDBCSLeadByte
GetLastError
lstrcmpiA
LoadLibraryExA
SizeofResource
FindResourceA
LoadResource
lstrlenA
GetModuleFileNameA
GetShortPathNameA
GetModuleHandleA
MultiByteToWideChar
lstrcpyA
GlobalAlloc
OpenFile
GetFileSize
GlobalUnlock
GlobalLock
ReadFile
IsBadWritePtr
CloseHandle
IsBadReadPtr
HeapCreate
MulDiv
lstrlenW
TlsSetValue
GetProcAddress
FreeLibrary
GetSystemDirectoryA
LoadLibraryA
GetCurrentProcess
FlushInstructionCache
EnterCriticalSection
GetCurrentThreadId
LeaveCriticalSection
WideCharToMultiByte
SetUnhandledExceptionFilter
LCMapStringW

user32

LoadStringA
CreateDialogParamA
DefWindowProcA
GetClientRect
DestroyWindow
ShowWindow
SetWindowLongA
GetWindowLongA
CallWindowProcA
CreateWindowExA
RegisterClassExA
wsprintfA
LoadCursorA
GetClassInfoExA
ReleaseDC
GetDC
RegisterWindowMessageA
SendMessageA
ScreenToClient
ClientToScreen
FrameRect
LoadImageA
SetScrollInfo
GetScrollPos
GetScrollInfo
SetScrollPos
ScrollWindowEx
LoadIconA
GetForegroundWindow
ChildWindowFromPoint
SetCursor
IsWindowVisible
BeginPaint
EndPaint
GetWindowThreadProcessId
KillTimer
GetClassNameA
SetTimer
IsChild
SetFocus
FlashWindow
EnableWindow
GetActiveWindow
SetWindowTextA
SetActiveWindow
GetDlgItem
GetParent
LoadBitmapA
CopyIcon
DrawStateA
DrawIconEx
DestroyIcon
SetRect
InvalidateRect
EqualRect
RedrawWindow
IsWindow
GetWindowRect
IsDialogMessageA
WinHelpA
GetDialogBaseUnits
DestroyCursor
CharNextA
IntersectRect
SystemParametersInfoA
GetSystemMetrics
GetKeyState
IsRectEmpty
UnionRect
DrawTextA
DrawEdge
GetMessagePos
GetCursorPos
GetFocus
GetCaretPos
GetDesktopWindow
PeekMessageA
PtInRect
TranslateMessage
DispatchMessageA
GetWindowTextLengthA
GetWindowTextA
MoveWindow
GetAsyncKeyState
GetWindow
SetWindowPos
PostMessageA
SetWindowRgn
GetWindowDC
OffsetRect
GetSysColorBrush
FillRect
GetSysColor
InflateRect

olepro32

ord253
ord254
ord251
ord250

advapi32

RegEnumKeyExA
RegQueryValueExA
RegEnumValueA
RegQueryInfoKeyA
RegSetValueExA
RegOpenKeyExA
RegCloseKey
RegDeleteValueA
RegCreateKeyExA
RegDeleteKeyA

ole32

CoInitialize
CoUninitialize
CoGetClassObject
CoCreateInstance
CLSIDFromProgID
OleLockRunning
CreateStreamOnHGlobal
CoTaskMemFree
CoTaskMemAlloc
CoTaskMemRealloc
OleRegEnumVerbs
OleRegGetUserType
OleRegGetMiscStatus
CreateDataAdviseHolder
CreateOleAdviseHolder
WriteClassStm
OleSaveToStream
OleLoadFromStream
OleDraw

oleaut32

SafeArrayUnaccessData
VariantCopy
SysAllocString
SysFreeString
VariantClear
SysAllocStringByteLen
SysStringByteLen
SafeArrayCreateVector
SafeArrayAccessData
SysAllocStringLen
SysStringLen
LoadRegTypeLi
RegisterTypeLi
LoadTypeLi
VarUI4FromStr
VariantChangeType

gdi32

SetBkMode
DeleteObject
SetTextColor
ExcludeClipRect
GetObjectA
SelectObject
GetStockObject
Polyline
CreatePen
CreateFontIndirectA
GetTextExtentPoint32A
GetTextColor
SetPixelV
CreateCompatibleBitmap
CreateCompatibleDC
BitBlt
PatBlt
SetBkColor
DeleteDC
CreateBitmap
CreateSolidBrush
GetPixel
ExtTextOutA
GetTextExtentPointA
GetTextMetricsA
DeleteMetaFile
CloseMetaFile
CreateRectRgnIndirect
SetWindowExtEx
SetWindowOrgEx
RestoreDC
CreateMetaFileA
SetViewportOrgEx
SaveDC
LPtoDP
CreateDCA
SetMapMode
ExtCreateRegion
CreateDIBSection
CombineRgn
ExtSelectClipRgn
GetClipRgn
CreateRectRgn
GetViewportOrgEx
GetWindowOrgEx
SelectClipRgn
GetDeviceCaps

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 356KB - Virtual size: 354KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 60KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 84KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 72KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d04659c383eeac0539abe258b7e7db66

Headers

File Characteristics

Imports

kernel32

user32

olepro32

advapi32

ole32

oleaut32

gdi32

Exports

Exports

Sections

.text Size: 356KB - Virtual size: 354KB

.rdata Size: 60KB - Virtual size: 58KB

.data Size: 84KB - Virtual size: 88KB

.rsrc Size: 72KB - Virtual size: 68KB

.reloc Size: 36KB - Virtual size: 33KB

.text
Size: 356KB - Virtual size: 354KB

.rdata
Size: 60KB - Virtual size: 58KB

.data
Size: 84KB - Virtual size: 88KB

.rsrc
Size: 72KB - Virtual size: 68KB

.reloc
Size: 36KB - Virtual size: 33KB