331640149012b61b11bfe40269af17ea

Sharing

Copy URL Twitter E-mail

General

Target

331640149012b61b11bfe40269af17ea
Size

184KB
MD5

331640149012b61b11bfe40269af17ea
SHA1

84c505b80bc9945dbedf85a23127a6af2b8c34c4
SHA256

e940bc2a663a821611a4d27dc1c571208306f3106cd1f074dd1a254c87ca7869
SHA512

30f2696cbd70752a1818eca7e43e563f0dc729c4698918e36a8fbf5c2c9194b2b59a411767f070cfb6c3692afec510209f88b0001a257b5f9097fd5b518f08e9
SSDEEP

3072:0XGtntpLdqAyLkFZGoM0xxgVRCiY0ufaDToIGacA37d4:0XGtntpXyIFZv4UtmOCd4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
331640149012b61b11bfe40269af17ea

Files

331640149012b61b11bfe40269af17ea
.dll regsvr32 windows:4 windows x86 arch:x86

826ce47d8f2e82d5b2992b5f7e95e2ab

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetOEMCP
GetStringTypeW
GetStringTypeA
GetCPInfo
LCMapStringW
LCMapStringA
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
TlsGetValue
SetLastError
TlsFree
TlsAlloc
TlsSetValue
TerminateProcess
RtlUnwind
HeapCreate
GetVersionExA
GetEnvironmentVariableA
GetModuleFileNameA
GetModuleHandleA
ExitProcess
VirtualAlloc
VirtualFree
GetVersion
GetCommandLineA
WideCharToMultiByte
HeapFree
HeapAlloc
HeapReAlloc
FormatMessageW
LocalFree
GlobalAlloc
GlobalLock
GlobalUnlock
MulDiv
GetCurrentProcess
FlushInstructionCache
GetCurrentThreadId
LockResource
InterlockedDecrement
InterlockedIncrement
lstrcatW
GetProcAddress
DeleteCriticalSection
HeapDestroy
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
lstrcpynW
LoadLibraryExW
FindResourceW
LoadResource
SizeofResource
GetModuleFileNameW
GetModuleHandleW
GetShortPathNameW
DisableThreadLibraryCalls
LoadLibraryW
FreeLibrary
GetSystemDirectoryW
lstrcmpiW
GetSystemDefaultLCID
GetLastError
lstrcpyW
lstrlenA
MultiByteToWideChar
lstrlenW
lstrcmpW
GetACP
WriteFile

user32

SendDlgItemMessageW
GetDlgItem
SendMessageW
RedrawWindow
SetDlgItemTextW
wsprintfW
DefWindowProcW
SetWindowTextW
GetWindowTextW
GetWindowTextLengthW
DrawTextW
LoadStringW
EqualRect
IntersectRect
EndPaint
GetClientRect
BeginPaint
GetWindowRect
DestroyMenu
TrackPopupMenu
ClientToScreen
CreatePopupMenu
MessageBoxW
GetSysColor
AppendMenuW
CreateMenu
TrackMouseEvent
GetCapture
DrawIconEx
IsWindow
SetRectEmpty
CopyRect
GetSystemMetrics
OffsetRect
SetWindowRgn
SetWindowPos
GetParent
SetFocus
GetFocus
IsChild
GetClassInfoExW
LoadCursorW
RegisterClassExW
GetDC
ReleaseDC
GetDialogBaseUnits
CreateWindowExW
CallWindowProcW
GetWindowLongW
SetWindowLongW
UnionRect
GetKeyState
CreateDialogParamW
IsDialogMessageW
WinHelpW
MoveWindow
ShowWindow
DestroyWindow
CharNextW
InvalidateRect
PtInRect
DrawStateW
FillRect
DrawEdge
LoadIconW
LoadBitmapW

gdi32

GetDeviceCaps
GetTextMetricsW
Polygon
CreatePen
MoveToEx
LineTo
CreateCompatibleDC
BitBlt
DeleteDC
SetTextColor
GetTextExtentPointW
CreateFontIndirectW
CreateRectRgnIndirect
CreateFontW
ExtTextOutW
TextOutW
SelectObject
DeleteObject
CreateSolidBrush
LPtoDP
CreateDCW
SetBkMode
EnumFontFamiliesExW
GetTextExtentPoint32W
DeleteMetaFile
CloseMetaFile
RestoreDC
SetWindowExtEx
SetWindowOrgEx
SaveDC
CreateMetaFileW
SetViewportOrgEx
GetObjectW
SetBkColor
SetMapMode

comdlg32

ChooseColorW

advapi32

RegSetValueExW
RegEnumKeyExW
RegDeleteValueW
RegCreateKeyExW
RegDeleteKeyW
RegOpenKeyExW
RegEnumValueW
RegCloseKey
RegQueryInfoKeyW

ole32

OleSaveToStream
WriteClassStm
CreateDataAdviseHolder
OleLoadFromStream
OleRegEnumVerbs
CoTaskMemRealloc
CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance
OleRegGetUserType
CreateOleAdviseHolder
OleRegGetMiscStatus

oleaut32

OleTranslateColor
OleCreatePropertyFrame
LoadRegTypeLi
SysAllocStringByteLen
SysStringByteLen
VariantChangeType
VariantClear
RegisterTypeLi
LoadTypeLi
VarUI4FromStr
SysAllocString
VariantInit
GetErrorInfo
SysStringLen
SysAllocStringLen
SysFreeString

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 88KB - Virtual size: 85KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

826ce47d8f2e82d5b2992b5f7e95e2ab

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

ole32

oleaut32

version

Exports

Exports

Sections

.text Size: 88KB - Virtual size: 85KB

.rdata Size: 12KB - Virtual size: 10KB

.data Size: 24KB - Virtual size: 22KB

.rsrc Size: 44KB - Virtual size: 42KB

.reloc Size: 12KB - Virtual size: 8KB

.text
Size: 88KB - Virtual size: 85KB

.rdata
Size: 12KB - Virtual size: 10KB

.data
Size: 24KB - Virtual size: 22KB

.rsrc
Size: 44KB - Virtual size: 42KB

.reloc
Size: 12KB - Virtual size: 8KB