76bd381b59df8c0cf2e5eccea67a6236

Sharing

Copy URL Twitter E-mail

General

Target

76bd381b59df8c0cf2e5eccea67a6236
Size

124KB
MD5

76bd381b59df8c0cf2e5eccea67a6236
SHA1

5ebc2b232cf9a468fe07fb72effda1c3a59b8cfa
SHA256

98bea10f74cdf730c512d674181551b50c5ffce3f033b594c220e6ffc7913e95
SHA512

73ce361eabf21495a510e8a5c3e9310514169d16c4b6031b65c4670bcdbcad314a27bd56286aa82dd793da903de72d57b0d5b7086302527a8a0f8e9c29d785ae
SSDEEP

1536:XsXHV0AdnWQ8VvxnglJaj6nlCd9HK4lzjvLG8XGUSrnmXtXXQXwlg60gFIcN:U2AdnWVvxglJPMlzjbqadXXQAlYgFDN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
76bd381b59df8c0cf2e5eccea67a6236

Files

76bd381b59df8c0cf2e5eccea67a6236
.dll regsvr32 windows:4 windows x86 arch:x86

950d0bb2d64300d50e8a6635d558268f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcatA
IsDBCSLeadByte
InterlockedIncrement
InterlockedDecrement
FreeLibrary
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
GetModuleHandleA
SetFileAttributesA
CloseHandle
OpenMutexA
GetVolumeInformationA
GetFileAttributesA
GetProcAddress
GetModuleFileNameA
GetSystemDirectoryA
GetWindowsDirectoryA
WaitForSingleObject
LoadLibraryA
CreateProcessA
CopyFileA
GetShortPathNameA
DeviceIoControl
GetSystemTimeAsFileTime
lstrcpyA
lstrcpynA
lstrcmpiA
lstrlenA
GetLastError
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
RaiseException
lstrlenW
InterlockedExchange
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
CreateFileA
FlushFileBuffers
SetStdHandle
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
SetFilePointer
IsBadCodePtr
IsBadReadPtr
GetCPInfo
GetOEMCP
WriteFile
UnhandledExceptionFilter
GetEnvironmentStringsW
FreeEnvironmentStringsW
HeapAlloc
HeapFree
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
RtlUnwind
ExitProcess
HeapReAlloc
GetCurrentThreadId
GetCommandLineA
CreateDirectoryA
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
TerminateProcess
GetCurrentProcess
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
SetUnhandledExceptionFilter
TlsAlloc
SetLastError
TlsFree
TlsSetValue
TlsGetValue
HeapSize
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings

user32

CharNextA

advapi32

OpenServiceA
OpenServiceW
QueryServiceStatus
OpenSCManagerA
CloseServiceHandle
RegQueryValueExA
RegEnumKeyExA
RegQueryInfoKeyA
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegDeleteValueA
RegDeleteKeyA

ole32

CoTaskMemRealloc
StringFromGUID2
CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree

oleaut32

SysAllocString
SysStringLen
LoadRegTypeLi
VarUI4FromStr
RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
SysFreeString

shlwapi

PathFindExtensionA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

950d0bb2d64300d50e8a6635d558268f

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

shlwapi

Exports

Exports

Sections

.text Size: 80KB - Virtual size: 79KB

.rdata Size: 16KB - Virtual size: 13KB

.data Size: 8KB - Virtual size: 16KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 12KB - Virtual size: 11KB

.text
Size: 80KB - Virtual size: 79KB

.rdata
Size: 16KB - Virtual size: 13KB

.data
Size: 8KB - Virtual size: 16KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 12KB - Virtual size: 11KB