7cf102fa9a30388974681972ee5fa2cd | Triage

Sharing

General

Target

7cf102fa9a30388974681972ee5fa2cd
Size

44KB
MD5

7cf102fa9a30388974681972ee5fa2cd
SHA1

fb58fcedecbcfc6ab61cc137c148c4b4480a5b65
SHA256

36a1ee77a2343ff34b463324ba190041df427eccc1b0173700835e253b42a90e
SHA512

307ca47444c96de74c767070ee9a656b32ff1d77d3d05065a8b1850dba80aa03a283d49243bce68e25040772491f4b42ca6cb1fbb26150cb3402c380928227d4
SSDEEP

384:Ctednsbm11zJ6JoGtqaEGOa09q6saaMq8DDtkav5ehxrCJiCmnQlPJpJgLa0MpLd:T4O6doaqPJakDpkavAxDBQlxgLa1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7cf102fa9a30388974681972ee5fa2cd

Files

7cf102fa9a30388974681972ee5fa2cd
.dll regsvr32 windows:4 windows x86 arch:x86

e64db85d01aa4c742d72446f9f398146

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetLocalTime
WinExec
GetModuleFileNameA
GetSystemDirectoryA
CreateThread
VirtualAlloc
InterlockedIncrement
LoadLibraryA
GetProcAddress
CloseHandle
CreateMutexA
GetLastError
GetWindowsDirectoryA

user32

CallNextHookEx
RegisterClassExA
GetMessageA
TranslateMessage
DispatchMessageA
KillTimer
SetTimer
DefWindowProcA
UnhookWindowsHookEx
CreateWindowExA
ShowWindow
FindWindowExA
PostMessageA
SetWindowsHookExA

advapi32

RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey

msvcrt

free
strrchr
_except_handler3
__CxxFrameHandler
strchr
_stricmp
fopen
fwrite
fclose
_initterm
malloc
_adjust_fdiv
sprintf
??3@YAXPAX@Z
??2@YAPAXI@Z

Exports

Exports

CyodLR
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 922B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ