3baef2bf84f80aa97eda322a8da5571f

Sharing

Copy URL

Twitter E-mail

General

Target

3baef2bf84f80aa97eda322a8da5571f
Size

943KB
MD5

3baef2bf84f80aa97eda322a8da5571f
SHA1

cabc21b12034843085955376b15a06e22d45a75d
SHA256

6593d57c8af7b47160f5a7f5c6a49632055950cc93f9053f26c891de015fae37
SHA512

ced2ad6da6a3e5756568b8cfaba43907f707b9dd9f4e19e5bb1638f83399e6d5ae6232d3eab3d7e68de7b78ae9cb7fa1a91473a0083e9f9eee9c09ebeae9a3f4
SSDEEP

6144:KK+fCxT7vjQFAfD9vo7zDqkA6W0ItH05bO5sepyx5sxTlKNzGy403g4f5:R+fCFL4LzDqkAp0nOiepyxaxTsNB403

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3baef2bf84f80aa97eda322a8da5571f

Files

3baef2bf84f80aa97eda322a8da5571f
.dll regsvr32 windows:5 windows x86 arch:x86

459327c9e47c2573f7f3350313dbb8da

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

wininet

InternetReadFile
InternetOpenW
InternetCloseHandle
InternetQueryDataAvailable
InternetOpenUrlW

winmm

timeSetEvent
timeGetDevCaps
timeKillEvent

imm32

ImmGetVirtualKey

kernel32

FindFirstFileW
GetVolumeInformationW
GetFullPathNameW
CreateFileW
FileTimeToLocalFileTime
GetFileAttributesW
GetFileSizeEx
GetFileTime
RtlUnwind
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapFree
HeapAlloc
GetCommandLineA
HeapReAlloc
Sleep
ExitProcess
HeapSize
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
UnlockFile
GetModuleFileNameA
HeapCreate
HeapDestroy
VirtualFree
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringW
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
GetTimeZoneInformation
GetLocaleInfoA
GetConsoleCP
GetConsoleMode
LCMapStringA
GetStringTypeA
GetStringTypeW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
SetEnvironmentVariableA
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
lstrlenA
FindClose
GetModuleHandleA
GlobalFlags
SetErrorMode
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
FileTimeToSystemTime
GetCurrentProcessId
CloseHandle
GetTickCount
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
CompareStringA
InterlockedExchange
WideCharToMultiByte
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageW
LocalFree
MulDiv
FreeResource
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
LoadLibraryA
lstrcmpW
GetVersionExA
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileIntW
SetLastError
LoadLibraryW
GetThreadLocale
SetThreadLocale
DisableThreadLibraryCalls
FlushInstructionCache
LockResource
RaiseException
GetProcAddress
lstrcmpiW
LoadLibraryExW
FindResourceW
LoadResource
SizeofResource
MultiByteToWideChar
FreeLibrary
GetLastError
lstrlenW
GetModuleFileNameW
GetModuleHandleW
InterlockedDecrement
InterlockedIncrement
CreateTimerQueue
CreateTimerQueueTimer
DeleteTimerQueue
InitializeCriticalSection
GetCurrentThreadId
DeleteCriticalSection
GetVersionExW
GetSystemTime
EnterCriticalSection
LeaveCriticalSection
WaitForSingleObject
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
InterlockedCompareExchange
GetProcessHeap
GetStdHandle
IsProcessorFeaturePresent

user32

LoadCursorW
GetSysColorBrush
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
ClientToScreen
DestroyMenu
UnregisterClassW
GetDesktopWindow
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
GetWindowThreadProcessId
SetCursor
GetMessageW
TranslateMessage
GetCursorPos
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
EnableMenuItem
CheckMenuItem
SetWindowContextHelpId
MapDialogRect
RegisterClipboardFormatW
PostQuitMessage
GetMenuState
RegisterWindowMessageW
LoadIconW
CharUpperW
WinHelpW
IsChild
GetCapture
GetClassLongW
SetPropW
GetPropW
RemovePropW
GetForegroundWindow
GetLastActivePopup
DispatchMessageW
GetTopWindow
GetMessageTime
GetMessagePos
PeekMessageW
MapWindowPoints
SetMenu
SetForegroundWindow
UpdateWindow
GetSubMenu
GetMenuItemID
GetMenuItemCount
MessageBoxW
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
GetSysColor
AdjustWindowRectEx
EqualRect
CopyRect
PtInRect
GetMenu
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
UnhookWindowsHookEx
GetWindowTextW
GetFocus
SetWindowPos
SetFocus
GetDlgCtrlID
SetWindowTextW
IsDialogMessageW
SendDlgItemMessageW
MessageBeep
GetNextDlgGroupItem
ReleaseCapture
SetCapture
InvalidateRgn
SetRect
IsRectEmpty
CopyAcceleratorTableW
PostThreadMessageW
SendDlgItemMessageA
GetDlgItem
SetLayeredWindowAttributes
SetActiveWindow
KillTimer
SetTimer
PostMessageW
GetKeyState
GetClientRect
MoveWindow
GetActiveWindow
EnableWindow
CallWindowProcW
DefWindowProcW
SendMessageW
CharNextW
SetParent
ScreenToClient
ShowWindow
DestroyWindow
GetWindow
GetClassNameW
InvalidateRect
GetWindowLongW
SetWindowLongW
IsWindowVisible
GetWindowRect
IsWindowEnabled
IsWindow
SetWindowsHookExW
GetSystemMetrics
FindWindowExW
GetParent
CallNextHookEx

gdi32

ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
SetWindowExtEx
CreateRectRgnIndirect
GetRgnBox
GetMapMode
GetWindowExtEx
GetViewportExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
GetDeviceCaps
GetObjectW
SetBkColor
SetTextColor
GetClipBox
SelectObject
Escape
TextOutW
RectVisible
SetMapMode
RestoreDC
SaveDC
DeleteObject
ExtTextOutW
GetTextColor
GetBkColor
GetStockObject
CreateBitmap
PtVisible

comdlg32

GetFileTitleW

winspool.drv

ClosePrinter
OpenPrinterW
DocumentPropertiesW

advapi32

RegQueryValueW
RegOpenKeyW
RegEnumKeyW
RegQueryInfoKeyW
RegSetValueExW
RegEnumKeyExW
RegCreateKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCloseKey
RegQueryValueExW
RegOpenKeyExW

shlwapi

PathFindFileNameW
PathStripToRootW
PathIsUNCW
PathFindExtensionW

oledlg

OleUIBusyW

ole32

CoGetClassObject
CLSIDFromString
CLSIDFromProgID
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CreateILockBytesOnHGlobal
StringFromGUID2
CoCreateInstance
CoTaskMemRealloc
CoTaskMemAlloc
CoTaskMemFree
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
CoRegisterMessageFilter
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes

oleaut32

SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
VariantCopy
OleCreateFontIndirect
VariantChangeType
SysAllocStringLen
UnRegisterTypeLi
RegisterTypeLi
SysStringLen
LoadTypeLi
LoadRegTypeLi
VarUI4FromStr
VariantClear
VariantInit
DispCallFunc
SysFreeString
SysAllocString

iphlpapi

GetAdaptersInfo

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllInstall
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 293KB - Virtual size: 292KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 74KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.SHARED_
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

459327c9e47c2573f7f3350313dbb8da

Headers

DLL Characteristics

File Characteristics

Imports

wininet

winmm

imm32

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shlwapi

oledlg

ole32

oleaut32

iphlpapi

Exports

Exports

Sections

.text Size: 293KB - Virtual size: 292KB

.rdata Size: 74KB - Virtual size: 73KB

.data Size: 14KB - Virtual size: 28KB

.SHARED_ Size: 2.0MB - Virtual size: 2.0MB

.rsrc Size: 6KB - Virtual size: 6KB

.reloc Size: 43KB - Virtual size: 42KB

.text
Size: 293KB - Virtual size: 292KB

.rdata
Size: 74KB - Virtual size: 73KB

.data
Size: 14KB - Virtual size: 28KB

.SHARED_
Size: 2.0MB - Virtual size: 2.0MB

.rsrc
Size: 6KB - Virtual size: 6KB

.reloc
Size: 43KB - Virtual size: 42KB