35d0b95b323127646244d5a61a403916

General

Target

35d0b95b323127646244d5a61a403916
Size

1.6MB
MD5

35d0b95b323127646244d5a61a403916
SHA1

503df36ca7a116aa32e32988f89dcd8fa449444f
SHA256

6722d83b16eceb7cf594b077e9229433cf50829af45c2efe2cea064d2b920d13
SHA512

937046884aee29bf8ec6a92211b815d2205eabe3cda0d18ed5a6d60d9c7998d319fc4a7a659b301a865d1929c6c5154e2644e3d1dc33996fe1f741d34f0c1f36
SSDEEP

3072:h58nVS9CNRMrdfbkqaX9y8lJupNO2hOtvncB4SMM99QmVK9yB4UZ:hmVMCTMrdbWQ8lJ4NO2hOtvLTm0yB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
35d0b95b323127646244d5a61a403916

Files

35d0b95b323127646244d5a61a403916
.dll regsvr32 windows:4 windows x86 arch:x86

68c66c93477a92b7c1ba46f019c55dc6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrlenW
QueryDosDeviceA
SetWaitableTimer
SearchPathW
CloseHandle
Process32FirstW
SetConsoleScreenBufferSize
SetEvent
PeekConsoleInputA
RtlZeroMemory
QueueUserAPC
FormatMessageA

ntdll

RtlInitializeGenericTable
RtlAnsiStringToUnicodeString

user32

DestroyCursor
LoadMenuIndirectA
DestroyAcceleratorTable
LoadAcceleratorsW
LoadMenuA
LoadCursorW
LoadAcceleratorsA
LoadMenuW

advapi32

ChangeServiceConfigA

gdi32

ResizePalette
SetLayout
PtVisible
GetRandomRgn
GetSystemPaletteUse
SetPixelV

msvcrt

_atodbl
_sys_errlist
free
ldexp

shell32

SHDoDragDrop

rasapi32

RasGetProjectionInfoA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 135KB - Virtual size: 134KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 254KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

68c66c93477a92b7c1ba46f019c55dc6

Headers

File Characteristics

Imports

kernel32

ntdll

user32

advapi32

gdi32

msvcrt

shell32

rasapi32

Exports

Exports

Sections

.text Size: 135KB - Virtual size: 134KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 22KB - Virtual size: 254KB

.rsrc Size: 7KB - Virtual size: 6KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 135KB - Virtual size: 134KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 22KB - Virtual size: 254KB

.rsrc
Size: 7KB - Virtual size: 6KB

.reloc
Size: 2KB - Virtual size: 2KB