1b7c1327f686e0fbebaf4bad5525deb1

Sharing

Copy URL Twitter E-mail

General

Target

1b7c1327f686e0fbebaf4bad5525deb1
Size

152KB
MD5

1b7c1327f686e0fbebaf4bad5525deb1
SHA1

8d3c2907091c64be5c3905971e4148760e79266e
SHA256

c26fb10b4a32d918009bdad5903a7cbf07fa6dcbedee4bf5126ef6d96bf9d8fd
SHA512

68516c20ae773a1e6d00bc8dd1ddf470e4f9522be7ee9fc799cc46f428da7e182a5c44ffa142ec62f61b5c0e3b794f21ecb18d044ab7fbd176557e3ceaf52854
SSDEEP

3072:nPR0OnSugz5nN/GPAUixwJMBPucVG/LV:nPR00du55C6x32cVG/LV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1b7c1327f686e0fbebaf4bad5525deb1

Files

1b7c1327f686e0fbebaf4bad5525deb1
.dll regsvr32 windows:4 windows x86 arch:x86

ec8142584e8ef0d04d1bae51f1f3bfd5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

DispatchMessageA
TranslateMessage
GetMessageA
ShowWindow
CreateWindowExA
RegisterClassExA
SetWindowPos
SystemParametersInfoA
CloseClipboard
OpenClipboard
DefWindowProcA
SetTimer
KillTimer
EnumWindows
EnumChildWindows
GetWindowThreadProcessId
GetClassNameA
wsprintfA

msvcrt

_adjust_fdiv
_initterm
??1type_info@@UAE@XZ
_onexit
__dllonexit
srand
atoi
tmpnam
fopen
fwrite
fclose
_stricmp
??2@YAPAXI@Z
strstr
??3@YAXPAX@Z
strncpy
__CxxFrameHandler
??0exception@@QAE@ABV0@@Z
_CxxThrowException
??0exception@@QAE@XZ
strtok
toupper
??1exception@@UAE@XZ
islower
printf
strchr
ispunct
isxdigit
isalnum
__mb_cur_max
wctomb
isgraph
tolower
isalpha
isupper
isspace
free
malloc
wcslen
strerror
wcscmp
?what@exception@@UBEPBDXZ

advapi32

RegOpenKeyExA
RegQueryValueExW
RegOpenKeyExW
CryptReleaseContext
CryptGenRandom
CryptAcquireContextA
SetSecurityInfo
SetEntriesInAclA
GetSecurityInfo
RegCloseKey

netapi32

Netbios

ole32

CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance
CoInitialize
CoCreateGuid

shlwapi

StrStrIA
SHSetValueA
SHGetValueA

rpcrt4

UuidToStringA

winmm

timeGetTime

oleaut32

GetErrorInfo
SysAllocString
SysFreeString
VariantClear

version

GetFileVersionInfoSizeA
GetFileVersionInfoA

wininet

InternetSetOptionA
HttpQueryInfoA
InternetReadFile
InternetOpenA
InternetCloseHandle
InternetOpenUrlA

psapi

EnumProcessModules
EnumProcesses
GetModuleBaseNameA

kernel32

CreateProcessA
WaitForSingleObject
MoveFileExA
VirtualAllocEx
WriteProcessMemory
CreateRemoteThread
CreateFileA
OpenProcess
Sleep
LoadLibraryA
GetLastError
GetProcAddress
FreeLibrary
GetVersionExA
GetSystemDirectoryA
GetModuleHandleA
GetModuleFileNameA
HeapFree
GetLocalTime
lstrlenA
GetCurrentDirectoryA
DeleteFileA
GetTickCount
QueryPerformanceCounter
QueryPerformanceFrequency
GetVersion
HeapSize
HeapAlloc
GetProcessHeap
SetLastError
InterlockedExchange
GetFullPathNameA
lstrcpyA
SleepEx
GetThreadTimes
GetCurrentThread
lstrcpynA
FreeEnvironmentStringsA
GetEnvironmentStrings
MultiByteToWideChar
lstrcmpiA
lstrcmpA
CloseHandle
GetCurrentProcessId
GetSystemInfo
LocalFree
FormatMessageA
GetWindowsDirectoryA
GetProcessTimes
GetCurrentProcess
GetEnvironmentVariableA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 92KB - Virtual size: 89KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ec8142584e8ef0d04d1bae51f1f3bfd5

Headers

File Characteristics

Imports

user32

msvcrt

advapi32

netapi32

ole32

shlwapi

rpcrt4

winmm

oleaut32

version

wininet

psapi

kernel32

Exports

Exports

Sections

.text Size: 92KB - Virtual size: 89KB

.rdata Size: 28KB - Virtual size: 25KB

.data Size: 20KB - Virtual size: 21KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 92KB - Virtual size: 89KB

.rdata
Size: 28KB - Virtual size: 25KB

.data
Size: 20KB - Virtual size: 21KB

.reloc
Size: 8KB - Virtual size: 7KB