6636fd123e77073c1a07d1ec0831334c

Sharing

Copy URL Twitter E-mail

General

Target

6636fd123e77073c1a07d1ec0831334c
Size

592KB
MD5

6636fd123e77073c1a07d1ec0831334c
SHA1

39ea6f28d5b30675760f29df68160a81d5df349e
SHA256

e85c1802ae3c7af9b7967ceadaf0504823f092abba04ba912576edbfd421e76a
SHA512

3ac59d1ad36eb1c052c272a11c6dd78dbebb5061b8b79a2a1f0108f8208be7fb9cc8e6208124b12c779e2bdc845882cfd432a84427e2c5c312c4d3275b054849
SSDEEP

12288:8rXUXLyZqsQoK2AyPaGJuVpk+v9LybKslc9OyGs2+eD:SUX4K2kGJMpkwLyllA7l2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6636fd123e77073c1a07d1ec0831334c

Files

6636fd123e77073c1a07d1ec0831334c
.dll regsvr32 windows:4 windows x86 arch:x86

d52e386cb07e1e13a6b9de526bbe1d78

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

free
_onexit
_adjust_fdiv
_initterm
malloc
__dllonexit
memcmp
__CxxFrameHandler
_purecall
memset
memcpy
??3@YAXPAX@Z
??2@YAPAXI@Z
_errno
fputs
_iob
qsort
pow
memmove
_except_handler3

winmm

timeGetTime
timeSetEvent

kernel32

SetEvent
GetSystemInfo
VirtualAlloc
CreateSemaphoreA
ReleaseSemaphore
SetErrorMode
GetModuleFileNameA
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InterlockedIncrement
FreeLibrary
InterlockedDecrement
LoadLibraryA
CloseHandle
CreateEventA
ResetEvent
DuplicateHandle
GetCurrentProcess
GetCurrentThreadId
MultiByteToWideChar
WaitForMultipleObjects
WaitForSingleObject
GetTickCount
lstrcmpiA
InterlockedExchange
CreateThread
VirtualFree
GetVersionExA
DisableThreadLibraryCalls
lstrlenA
GetModuleHandleA
GetLastError
WideCharToMultiByte
GetProcAddress
GetThreadPriority
SetThreadPriority
GetACP
GetCurrentThread

advapi32

RegQueryValueExA
RegCloseKey
RegDeleteKeyA
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegEnumKeyExA
RegSetValueA
RegCreateKeyA

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

user32

KillTimer
CheckDlgButton
GetWindowLongA
SetTimer
IsDlgButtonChecked
CreateDialogParamA
MoveWindow
SetWindowLongA
ShowWindow
DestroyWindow
DefWindowProcA
SetDlgItemTextA
MsgWaitForMultipleObjects
wvsprintfA
PostThreadMessageA
wsprintfA
GetQueueStatus
DispatchMessageA
LoadStringA
LoadStringW
GetWindowRect
GetDesktopWindow
PeekMessageA
InvalidateRect
RegisterWindowMessageA

ole32

StringFromGUID2
CoTaskMemFree
CoInitialize
CoUninitialize
CoCreateInstance
CoFreeUnusedLibraries
CoTaskMemAlloc

oleaut32

SysAllocString
SysFreeString

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 272KB - Virtual size: 271KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 144KB - Virtual size: 143KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d52e386cb07e1e13a6b9de526bbe1d78

Headers

File Characteristics

Imports

msvcrt

winmm

kernel32

advapi32

version

user32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 272KB - Virtual size: 271KB

.rdata Size: 24KB - Virtual size: 20KB

.data Size: 116KB - Virtual size: 115KB

.data1 Size: 144KB - Virtual size: 143KB

.rsrc Size: 16KB - Virtual size: 13KB

.reloc Size: 16KB - Virtual size: 13KB

.text
Size: 272KB - Virtual size: 271KB

.rdata
Size: 24KB - Virtual size: 20KB

.data
Size: 116KB - Virtual size: 115KB

.data1
Size: 144KB - Virtual size: 143KB

.rsrc
Size: 16KB - Virtual size: 13KB

.reloc
Size: 16KB - Virtual size: 13KB