c3739e7c3a6c24fe96f51b12ef934541edfffccdea2da49a4153805e6e90f5c1

Sharing

Copy URL

Twitter E-mail

General

Target

c3739e7c3a6c24fe96f51b12ef934541edfffccdea2da49a4153805e6e90f5c1
Size

206KB
MD5

b01ec8383d3f7d9da64249115a452f6d
SHA1

108aad66f4aec406523fb2089dbe37288e54177c
SHA256

c3739e7c3a6c24fe96f51b12ef934541edfffccdea2da49a4153805e6e90f5c1
SHA512

e5bc054a889fa95a061362d9455f6cff020e2b5b398e14992763fbee3040881111f4074eba4c171d2a613c818020e67c607419da32fd8a924cf60299eb4b912f
SSDEEP

3072:SJy6L390/Au9v07oKjNHvygzkUFQ6jLzBl23p0iRBOhuAkAg0Fuc/OQhJdyi38x+:Sh390/Au67oKjN9zQSBcJBOGAOvCz8K

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c3739e7c3a6c24fe96f51b12ef934541edfffccdea2da49a4153805e6e90f5c1

Files

c3739e7c3a6c24fe96f51b12ef934541edfffccdea2da49a4153805e6e90f5c1
.dll regsvr32 windows:5 windows x86 arch:x86

0d354cb475898ea3e5dc97fc6b6300f0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
InterlockedIncrement
InterlockedDecrement
InterlockedCompareExchange
FreeLibrary
GetProcAddress
EnterCriticalSection
LeaveCriticalSection
SetEvent
LoadResource
SizeofResource
lstrcmpiW
CreateEventW
LoadLibraryExW
GetModuleFileNameW
GetModuleHandleW
FindResourceW
MultiByteToWideChar
WaitForSingleObject
CloseHandle
LockResource
FindResourceExW
GetCurrentProcessId
GetCurrentThreadId
GetLastError
EncodePointer
GetThreadLocale
SetThreadLocale
GetCurrentProcess
WriteFile
GetTickCount
LoadLibraryW
GetModuleFileNameA
GetCommandLineA
CreateDirectoryW
CreateFileW
QueryPerformanceCounter
WideCharToMultiByte
LCMapStringW
GetSystemTimeAsFileTime
RaiseException
GetProcessHeap
HeapSize
DecodePointer
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
OutputDebugStringW
WriteConsoleW
FlushFileBuffers
SetFilePointerEx
GetConsoleMode
GetConsoleCP
SetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetOEMCP
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
SetLastError
GetCPInfo
GetStringTypeW
IsDebuggerPresent
LocalFree
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsValidCodePage
FindNextFileA
FindFirstFileExA
FindClose
GetFileType
GetStdHandle
GetACP
GetModuleHandleExW
ExitProcess
InterlockedFlushSList
RtlUnwind
InitializeSListHead
GetStartupInfoW
UnhandledExceptionFilter

user32

CharNextW

advapi32

RegSetValueExW
RegQueryInfoKeyW
RegOpenKeyExW
RegEnumKeyExW
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey
RegDeleteValueW

shell32

SHGetSpecialFolderPathW

ole32

CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
CoInitializeEx
CoUninitialize
StringFromGUID2
CoMarshalInterface
CreateStreamOnHGlobal
CoCreateInstance

oleaut32

SysAllocStringLen
SysAllocString
DispCallFunc
LoadRegTypeLi
LoadTypeLi
VarUI4FromStr
RegisterTypeLi
VariantInit
VariantTimeToSystemTime
SysStringLen
SysFreeString
VariantClear
UnRegisterTypeLi

shlwapi

PathAppendW
PathFileExistsW

rpcrt4

RpcAsyncInitializeHandle
RpcBindingFree
NdrAsyncClientCall
RpcStringBindingComposeW
RpcAsyncCancelCall
RpcStringFreeW
RpcAsyncCompleteCall
RpcBindingFromStringBindingW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllInstall
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 118KB - Virtual size: 117KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0d354cb475898ea3e5dc97fc6b6300f0

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

shlwapi

rpcrt4

Exports

Exports

Sections

.text Size: 118KB - Virtual size: 117KB

.rdata Size: 68KB - Virtual size: 67KB

.data Size: 5KB - Virtual size: 8KB

.rsrc Size: 5KB - Virtual size: 4KB

.reloc Size: 9KB - Virtual size: 8KB

.text
Size: 118KB - Virtual size: 117KB

.rdata
Size: 68KB - Virtual size: 67KB

.data
Size: 5KB - Virtual size: 8KB

.rsrc
Size: 5KB - Virtual size: 4KB

.reloc
Size: 9KB - Virtual size: 8KB