774b905c893f525ae3e67605f616c88c

Sharing

Copy URL Twitter E-mail

General

Target

774b905c893f525ae3e67605f616c88c
Size

204KB
MD5

774b905c893f525ae3e67605f616c88c
SHA1

ee1185602c9d4b9b418fb346fbbfdcbcbddbdd0a
SHA256

13ebf25d8159398140333989b1157d0868abb737eace3e068fdfbafe90422b65
SHA512

9e672cb91324cb85df345540a39d3c3a958aab3e817e76cdff38993be333386fb63a50835a2d0feaed806f222cf1c59b7f1d8a102c297edf01cdce7c4ea31f64
SSDEEP

3072:pOnUMpS9c0uzaHPOu3/hwEowakmBG7NknrBFhPif3fP9jDigGScsX:wKdHPOu32Aa7BGinrdifv9DDG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
774b905c893f525ae3e67605f616c88c

Files

774b905c893f525ae3e67605f616c88c
.dll regsvr32 windows:4 windows x86 arch:x86

37d4171945178c8a2a603a307fe597b0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadResource
FindResourceA
GetLastError
LoadLibraryExA
lstrcmpiA
lstrcpynA
IsDBCSLeadByte
DeleteCriticalSection
LeaveCriticalSection
InterlockedIncrement
EnterCriticalSection
InterlockedDecrement
HeapDestroy
GetProcAddress
LoadLibraryA
lstrcpyA
lstrcatA
GetLocalTime
FreeResource
SizeofResource
GlobalLock
GlobalAlloc
LockResource
ReleaseSemaphore
WaitForSingleObject
SetEvent
InterlockedExchange
CreateEventA
CreateSemaphoreA
CloseHandle
GetTickCount
FreeLibrary
GetModuleFileNameA
GetShortPathNameA
InitializeCriticalSection
DisableThreadLibraryCalls
lstrlenW
WideCharToMultiByte
lstrlenA
MultiByteToWideChar
GlobalUnlock
Sleep
SetEndOfFile
LCMapStringW
LCMapStringA
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
CreateFileA
SetFilePointer
RtlUnwind
HeapFree
HeapAlloc
HeapReAlloc
CreateThread
GetCurrentThreadId
TlsSetValue
ExitThread
GetCommandLineA
GetVersion
RaiseException
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetModuleHandleA
ExitProcess
TerminateProcess
GetCurrentProcess
HeapSize
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
ReadFile
UnhandledExceptionFilter
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WriteFile
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
SetStdHandle
FlushFileBuffers

user32

MsgWaitForMultipleObjects
wsprintfA
PostQuitMessage
DispatchMessageA
PeekMessageA
CharNextA

advapi32

RegEnumValueA
RegQueryInfoKeyA
RegSetValueExA
RegEnumKeyExA
RegOpenKeyExA
RegCloseKey
RegDeleteValueA
RegCreateKeyExA
RegDeleteKeyA
RegQueryValueExA

ole32

CoCreateInstance
CoTaskMemAlloc
CoTaskMemRealloc
CreateStreamOnHGlobal
CoTaskMemFree
CoGetClassObject

oleaut32

SysAllocStringLen
RegisterTypeLi
LoadTypeLi
VarUI4FromStr
SysStringLen
SysFreeString
SysAllocString

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

37d4171945178c8a2a603a307fe597b0

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 84KB - Virtual size: 83KB

.rdata Size: 12KB - Virtual size: 10KB

.data Size: 8KB - Virtual size: 12KB

.rsrc Size: 36KB - Virtual size: 33KB

.reloc Size: 8KB - Virtual size: 6KB

.rmnet Size: 52KB - Virtual size: 52KB

.text
Size: 84KB - Virtual size: 83KB

.rdata
Size: 12KB - Virtual size: 10KB

.data
Size: 8KB - Virtual size: 12KB

.rsrc
Size: 36KB - Virtual size: 33KB

.reloc
Size: 8KB - Virtual size: 6KB

.rmnet
Size: 52KB - Virtual size: 52KB