7d611036199b0fe2f4ac19be22ff9425

Sharing

Copy URL

Twitter E-mail

General

Target

7d611036199b0fe2f4ac19be22ff9425
Size

196KB
MD5

7d611036199b0fe2f4ac19be22ff9425
SHA1

d0e13d54ec1fe740d0c91c7eccf55acf64de3c3d
SHA256

4b9ec227818536361e153e79d62af1e5f1f7dc0979b0c33a3ab24808f63a7b3c
SHA512

b840f8f9b490fd27653f5f0842484941b43d051779f5a6f706edad7844bd60f9fdac6bde8436e32474256e9bbbb4cfeb958a0b4f5360d28c4e67e651132517d2
SSDEEP

3072:Ba9QmP7HKzAjfvvBQZ52+TDf2wBCwCWsh2WzYDx/pyBLorPaQYiJ4+Hx+C0Rrkhs:s9zjKAHZQeOxBCMsh29lpaaiq4jC0F

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7d611036199b0fe2f4ac19be22ff9425

Files

7d611036199b0fe2f4ac19be22ff9425
.dll regsvr32 windows:6 windows x86 arch:x86

3fbdb6bec7e7b16f563c45076e7933c5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_onexit
?what@exception@@UBEPBDXZ
??1exception@@UAE@XZ
??0exception@@QAE@ABV0@@Z
_callnewh
malloc
__CxxFrameHandler3
_XcptFilter
_initterm
_amsg_exit
_adjust_fdiv
_except_handler4_common
??1type_info@@UAE@XZ
_CxxThrowException
free
_unlock
__dllonexit
_lock
??0exception@@QAE@XZ
memcpy
wcsncpy_s
wcscat_s
memset
_wcsupr
wcsrchr
swprintf_s
sprintf_s

atl

ord21
ord32
ord15
ord23
ord22
ord18
ord16

iassvcs

IASGetProductLimits
IASVariantChangeType
IASRegisterComponent

advapi32

RegOpenKeyExW
RegOpenKeyW
RegQueryValueExW
RegCloseKey

kernel32

CloseHandle
CreateFileW
FindResourceW
TryEnterCriticalSection
LoadResource
SizeofResource
GetModuleHandleW
GetSystemDirectoryW
GetModuleFileNameW
MultiByteToWideChar
lstrlenA
SetLastError
VirtualQuery
FormatMessageA
LocalFree
GetLastError
InitializeCriticalSection
DeleteCriticalSection
InterlockedIncrement
InterlockedDecrement
DisableThreadLibraryCalls
EnterCriticalSection
LeaveCriticalSection
InterlockedExchange
Sleep
InterlockedCompareExchange
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SwitchToThread
ExpandEnvironmentStringsW

ole32

CoTaskMemAlloc
OleRun
CoCreateInstance
CoTaskMemFree

oleaut32

SysAllocString
SysAllocStringByteLen
SysStringByteLen
SysStringLen
VariantInit
VariantClear
GetErrorInfo
SysFreeString

rtutils

TraceRegisterExW
TraceDeregisterW
TraceVprintfExA
TracePutsExA

rpcrt4

CStdStubBuffer_CountRefs
NdrDllCanUnloadNow
NdrCStdStubBuffer_Release
NdrDllRegisterProxy
NdrDllUnregisterProxy
CStdStubBuffer_DebugServerRelease
NdrOleAllocate
NdrOleFree
IUnknown_QueryInterface_Proxy
IUnknown_AddRef_Proxy
IUnknown_Release_Proxy
CStdStubBuffer_QueryInterface
CStdStubBuffer_AddRef
CStdStubBuffer_Connect
CStdStubBuffer_Disconnect
CStdStubBuffer_Invoke
CStdStubBuffer_IsIIDSupported
CStdStubBuffer_DebugServerQueryInterface
NdrDllGetClassObject

vssapi

CreateWriter

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.orpc
Size: 512B - Virtual size: 51B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 159KB - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3fbdb6bec7e7b16f563c45076e7933c5

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

atl

iassvcs

advapi32

kernel32

ole32

oleaut32

rtutils

rpcrt4

vssapi

Exports

Exports

Sections

.text Size: 28KB - Virtual size: 28KB

.orpc Size: 512B - Virtual size: 51B

.data Size: 512B - Virtual size: 1KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 2KB - Virtual size: 2KB

.text Size: 159KB - Virtual size: 160KB

.text
Size: 28KB - Virtual size: 28KB

.orpc
Size: 512B - Virtual size: 51B

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 2KB - Virtual size: 2KB

.text
Size: 159KB - Virtual size: 160KB