544d5d6e34800786c2b2a069011b3454

Sharing

Copy URL Twitter E-mail

General

Target

544d5d6e34800786c2b2a069011b3454
Size

32KB
MD5

544d5d6e34800786c2b2a069011b3454
SHA1

ad37bc69104c38de93fd4db504abe1f6ebe944f1
SHA256

73e233cf576d3760661c015b91e4ebed4811be23424ceadb8bc7fd5bc187256b
SHA512

b5a298e81d4a2b369aeb36b1013b4206dd15b0074170121321fb247c679df474f2838df964aa3f4ab7b557b692e590bbf80f7e9ede69290b3d6300d79a208762
SSDEEP

768:aUYFMZcADeHNOW+z7TVssnuWqJbX14MxITIT8IeAC+c5uujCOlMgUc:bY2ZcADeHNOWu7esnkF4MxXYL5uANMg5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
544d5d6e34800786c2b2a069011b3454

Files

544d5d6e34800786c2b2a069011b3454
.dll regsvr32 windows:4 windows x86 arch:x86

c6e82809c05a17083c55da5ddbb93f95

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

wininet

InternetOpenUrlA
InternetOpenA
InternetConnectA
InternetCanonicalizeUrlA
InternetCloseHandle
InternetReadFile
HttpQueryInfoA
InternetCrackUrlA
HttpOpenRequestA
HttpSendRequestA

shlwapi

UrlCompareA
StrStrW
StrToIntA
UrlUnescapeA
StrCmpNIA
StrRChrA
StrStrIA
StrStrA

kernel32

MultiByteToWideChar
GetACP
GetVersionExA
WideCharToMultiByte
GetShortPathNameA
DisableThreadLibraryCalls
TlsAlloc
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
SetLastError
CreateMutexA
InterlockedIncrement
CloseHandle
InterlockedDecrement
ReadFile
SetFilePointer
CreateFileA
GetModuleFileNameA
GetSystemTimeAsFileTime
MapViewOfFile
CreateFileMappingA
ReleaseMutex
lstrcpyA
WaitForSingleObject
lstrcatA
lstrlenA
UnmapViewOfFile
OutputDebugStringA
TlsSetValue
TlsGetValue
CreateProcessA
DeleteFileA
GetTempFileNameA
GetWindowsDirectoryA
GetLastError
CreateDirectoryA
GetFileAttributesA
GetTempPathA
lstrcpyW
lstrcmpW
OpenFileMappingA
OpenMutexA
TerminateThread
QueueUserAPC
lstrcmpiW
CreateThread
SleepEx
GetCurrentProcess
WaitForMultipleObjectsEx
Process32Next
TerminateProcess
OpenProcess
Process32First
CreateToolhelp32Snapshot
OpenSemaphoreA
SetWaitableTimer
CreateEventA
CreateWaitableTimerA
CreateSemaphoreA
FreeLibrary
WaitForMultipleObjects
OpenEventA
lstrcmpiA
LoadLibraryA
SetEvent
Sleep
CreateRemoteThread
GetProcAddress
GetModuleHandleA
WriteProcessMemory
VirtualAllocEx
LocalFree
HeapCreate
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
WriteFile
LoadResource
FindResourceExA
ReleaseSemaphore

user32

MsgWaitForMultipleObjects
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExA
wvsprintfA
DefWindowProcA
GetPropA
RegisterClassExA
SetWindowLongA
CreateWindowExA
wsprintfA
SetPropA
SetForegroundWindow
PeekMessageA
MsgWaitForMultipleObjectsEx
TranslateMessage
DispatchMessageA
CloseWindow
GetForegroundWindow
GetWindowLongA

advapi32

RegCloseKey
RegOpenKeyExA
SetSecurityInfo
RegQueryValueA
RegOpenKeyA
RegNotifyChangeKeyValue
RegCreateKeyA
RegCreateKeyExA
RegSetValueExA
RegFlushKey
RegQueryValueExA

ole32

CoInitializeEx
CoUninitialize
CoCreateInstance
CLSIDFromString

oleaut32

SysAllocString
VariantClear
SysStringByteLen
VariantInit
SysStringLen
SysFreeString

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
OnShutdown
OnStartup
Run
Setup

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 640B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c6e82809c05a17083c55da5ddbb93f95

Headers

DLL Characteristics

File Characteristics

Imports

wininet

shlwapi

kernel32

user32

advapi32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 20KB - Virtual size: 20KB

.rdata Size: 6KB - Virtual size: 5KB

.data Size: 512B - Virtual size: 640B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 20KB - Virtual size: 20KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 512B - Virtual size: 640B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 2KB