7a8ec72cbdc1dc28022f31e01e891f9c

Sharing

Copy URL Twitter E-mail

General

Target

7a8ec72cbdc1dc28022f31e01e891f9c
Size

3.4MB
MD5

7a8ec72cbdc1dc28022f31e01e891f9c
SHA1

106b9643e16f6e276c21c90667be4ed34a59f234
SHA256

1b1e0a738b0de9b0db87d52b0643380d496c5e641a91f4a2e6cb6f8a013785d0
SHA512

43249f0d7a40ee6c161cf8c04ee97e4c5bcc1d511ac91e4221a5d145aee3003d6f36ff1662f7e27375efe2b3a3f7d0eb98931b416fe0df712c29379186322db2
SSDEEP

49152:xkzAiWOknf0d1TeNR7Yr8pzPyuBQhcXDWcMYsAPHjqO0EIQjjJ9js+pM+chAsStk:x4ABMdl3r8pbyuvMYsRO0gHJXM+H/t

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7a8ec72cbdc1dc28022f31e01e891f9c

Files

7a8ec72cbdc1dc28022f31e01e891f9c
.dll windows:6 windows x86 arch:x86

1563387d36e55265b78d8fc233120264

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_CIsqrt
_ltow
_itow
memmove
atoi
_unlock
__dllonexit
_lock
_onexit
_CIatan2
_CIcos
_CIsin
ceil
wcsspn
floor
strtol
strrchr
wcstok
_ultoa
_adjust_fdiv
_amsg_exit
_initterm
free
malloc
_XcptFilter
_purecall
_wcsicmp
_wtoi
_wcsrev
bsearch
qsort
wcsstr
_ultow
_wcsnicmp
wcstol
_vsnwprintf
wcschr
_wtol
memcpy
_errno
wcsrchr
_vsnprintf
memset

ntdll

RtlUnwind

gdi32

GetBkColor
PtInRegion
GetFontUnicodeRanges
GetTextCharsetInfo
EnumObjects
CreateDIBSection
GetDIBColorTable
SetDIBColorTable
GetEnhMetaFilePaletteEntries
SetEnhMetaFileBits
SetMetaFileBitsEx
SetDIBitsToDevice
CreateICW
CreateEnhMetaFileW
GetEnhMetaFileW
CreatePolygonRgn
GetNearestPaletteIndex
GetGlyphOutlineW
TranslateCharsetInfo
GetTextFaceW
GetCharWidthW
GetCharWidth32W
GetTextColor
GetNearestColor
GetCharWidthA
Escape
ExtTextOutA
SetBkMode
IntersectClipRect
ExcludeClipRect
SetDIBits
Rectangle
GetCharABCWidthsW
PlayEnhMetaFile
SetBrushOrgEx
StretchDIBits
StretchBlt
MaskBlt
GetCurrentPositionEx
DeleteObject
OffsetRgn
GetViewportOrgEx
SetViewportOrgEx
EqualRgn
GetRgnBox
CreateRectRgnIndirect
ExtEscape
GetDeviceCaps
RestoreDC
SaveDC
SelectPalette
GetStockObject
SelectClipRgn
GetObjectType
CombineRgn
RealizePalette
CreatePalette
GetRegionData
GetRandomRgn
GetClipBox
CreateCompatibleBitmap
CreateCompatibleDC
DeleteDC
CreateSolidBrush
SelectObject
GdiFlush
CreateRectRgn
CreatePen
ExtCreatePen
UnrealizeObject
DeleteMetaFile
GetTextCharset
CreateFontIndirectW
EnumFontFamiliesExW
EnumFontsW
SetBkColor
SetTextColor
CreateDCW
ExtTextOutW
CloseMetaFile
SetWindowExtEx
SetWindowOrgEx
SetMapMode
CreateMetaFileA
DeleteEnhMetaFile
CloseEnhMetaFile
LPtoDP
GetWindowExtEx
GetWindowOrgEx
PlayMetaFile
SetViewportExtEx
GetTextExtentPoint32W
GetTextMetricsW
GetObjectW
SetROP2
CreatePatternBrush
CreateBitmap
BitBlt
GetDIBits
GetPaletteEntries
GetOutlineTextMetricsW
SetStretchBltMode
GetClipRgn
CreateEllipticRgn
OffsetViewportOrgEx
GetEnhMetaFileHeader
CreateHatchBrush
GetTextAlign
SetTextAlign
GetCurrentObject
PatBlt
ExtCreateRegion
ExtSelectClipRgn
Polygon
MoveToEx
LineTo
Polyline
Ellipse

kernel32

SetErrorMode
GetUserDefaultLangID
SetEndOfFile
GetStringTypeW
_lread
GlobalFlags
FlushViewOfFile
ReleaseMutex
CreateFileMappingA
CreateFileA
CreateDirectoryA
CreateMutexA
LCMapStringA
GetExitCodeThread
SwitchToFiber
ConvertThreadToFiber
DeleteFiber
CreateFiber
FreeLibraryAndExitThread
TerminateThread
RaiseException
IsProcessorFeaturePresent
ExpandEnvironmentStringsA
InitializeCriticalSectionAndSpinCount
SetLastError
CompareFileTime
GetFileAttributesExW
GetLongPathNameW
FindResourceExW
CreateFileMappingW
GetSystemDefaultUILanguage
SearchPathW
GetSystemWindowsDirectoryW
GetModuleFileNameW
GetVersionExW
GetCurrentThreadId
FreeLibrary
LeaveCriticalSection
EnterCriticalSection
TlsGetValue
GetModuleHandleW
TlsSetValue
InitializeCriticalSection
DeleteCriticalSection
InterlockedDecrement
InterlockedIncrement
CloseHandle
UnmapViewOfFile
TlsFree
LocalFree
LocalAlloc
MapViewOfFile
OpenFileMappingA
GetCurrentProcessId
TlsAlloc
MulDiv
GetTickCount
GlobalFree
GlobalUnlock
GlobalAlloc
GlobalLock
MultiByteToWideChar
GetLastError
GetSystemDirectoryW
WideCharToMultiByte
LoadLibraryW
InterlockedExchange
FindAtomW
GetCurrentProcess
GetModuleFileNameA
GetProfileIntA
lstrlenW
WriteFile
SetFilePointer
ReadFile
GlobalSize
GetProcAddress
LoadLibraryExW
CreateFileW
GetTempFileNameW
GetTempPathW
DeleteFileW
GetFileSize
ExpandEnvironmentStringsW
GetShortPathNameW
GetCPInfo
GetSystemInfo
GetSystemDefaultLCID
GetUserDefaultLCID
GetFullPathNameW
OpenMutexA
OpenProcess
CopyFileW
CreateDirectoryW
GetFileAttributesW
SystemTimeToFileTime
GetSystemTime
FindClose
FindFirstFileW
lstrlenA
IsDBCSLeadByteEx
GetFileType
SetEvent
WaitForSingleObject
ResumeThread
CreateThread
CreateEventW
GetCommandLineW
GlobalDeleteAtom
GlobalAddAtomW
GlobalFindAtomW
GetLocalTime
GetLocaleInfoA
GetACP
GetVersion
GetProcessHeap
CompareStringW
OutputDebugStringA
Sleep
InterlockedCompareExchange
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetSystemTimeAsFileTime
LoadLibraryExA
SearchPathA
GetFullPathNameA
LoadLibraryA
GetUserDefaultUILanguage
EnumUILanguagesW
GetLocaleInfoW
IsValidCodePage
FileTimeToSystemTime
FileTimeToLocalFileTime
HeapSize
HeapAlloc
HeapFree
HeapReAlloc
SizeofResource
VirtualQuery
LockResource
LoadResource
FindResourceW
ActivateActCtx
DeactivateActCtx
ReleaseActCtx
CreateActCtxW
FormatMessageW

user32

CharLowerW
PtInRect
CopyAcceleratorTableW
LoadAcceleratorsW
VkKeyScanW
SendMessageW
EnableMenuItem
CheckMenuItem
GetMenuItemID
GetMenuItemCount
SystemParametersInfoW
WindowFromPoint
GetAsyncKeyState
DispatchMessageW
GetMessageW
GetAncestor
EnableWindow
AllowSetForegroundWindow
SetDlgItemTextW
GetDlgItemTextW
WinHelpW
IsChild
SetForegroundWindow
ShowWindow
IsIconic
IsWinEventHookInstalled
PeekMessageW
SetParent
OffsetRect
CopyRect
MessageBoxW
DestroyMenu
SetCursor
GetSubMenu
LoadMenuW
LoadCursorW
DeleteMenu
InsertMenuW
GetMenuState
ReleaseCapture
GetCapture
IsCharAlphaNumericW
IsWindowUnicode
GetWindowThreadProcessId
GetDlgItem
InflateRect
CreateAcceleratorTableW
CreateWindowExW
GetDC
SetCapture
FillRect
GetUpdateRect
GetWindowDC
EqualRect
ValidateRgn
LockWindowUpdate
ChildWindowFromPointEx
PostQuitMessage
SetWindowTextW
GetMonitorInfoW
MonitorFromWindow
MoveWindow
BringWindowToTop
RemoveMenu
GetSystemMenu
AdjustWindowRectEx
MonitorFromPoint
GetCaretBlinkTime
PostThreadMessageW
GetWindowTextW
GetLastActivePopup
FindWindowW
RegisterClassW
IsWindowVisible
CheckMenuRadioItem
GetMenuStringW
CreatePopupMenu
AppendMenuW
CharUpperW
IsCharAlphaW
AttachThreadInput
CharNextW
GetKeyboardLayoutList
UnregisterClassW
RegisterClassExW
GetClassInfoExW
ShowCaret
HideCaret
RegisterClipboardFormatA
LoadBitmapW
TrackPopupMenu
ShowCursor
GetCursor
LoadCursorA
DestroyCursor
MessageBeep
GetClassInfoW
SetRect
GetWindowInfo
GetSysColorBrush
GetDoubleClickTime
SetCursorPos
WaitMessage
FrameRect
DrawEdge
DrawFocusRect
DrawFrameControl
DrawTextW
SetCaretPos
CreateCaret
CharLowerBuffW
SetRectEmpty
IsCharLowerW
MonitorFromRect
SendMessageA
GetComboBoxInfo
CallWindowProcW
MsgWaitForMultipleObjects
SubtractRect
MessageBoxA
InSendMessage
TrackMouseEvent
CreateWindowExA
AppendMenuA
GetActiveWindow
GetMessagePos
GetKeyboardState
GetKeyboardLayout
MapVirtualKeyExW
ToAsciiEx
WindowFromDC
InvalidateRgn
MapWindowPoints
BeginPaint
EndPaint
IsRectEmpty
UpdateWindow
RedrawWindow
GetSysColor
CharToOemW
GetForegroundWindow
RegisterClipboardFormatW
RegisterWindowMessageW
TranslateMessage
KillTimer
DestroyWindow
DialogBoxParamW
ClientToScreen
GetKeyState
NotifyWinEvent
DestroyCaret
SetFocus
GetClassNameW
EndDialog
GetWindowLongW
LoadStringW
GetCursorPos
GetClientRect
GetDesktopWindow
EnumChildWindows
GetFocus
SetTimer
GetParent
SetActiveWindow
GetDCEx
GetUpdateRgn
ValidateRect
ScrollDC
ReleaseDC
GetSystemMetrics
SetWindowPos
BeginDeferWindowPos
IsWindow
DeferWindowPos
EndDeferWindowPos
GetWindowRgn
SetWindowRgn
InvalidateRect
RemovePropW
SetWindowsHookExW
CallNextHookEx
GetPropW
SetPropW
GetWindowRect
ScreenToClient
IntersectRect
UnionRect
GetWindow
DefWindowProcW
SetWindowLongW
PostMessageW
UnhookWindowsHookEx
LoadImageW
LoadIconW
SendDlgItemMessageW
GetMessageTime

advapi32

GetTraceEnableFlags
GetTraceEnableLevel
GetTraceLoggerHandle
RegQueryInfoKeyW
RegOpenKeyExA
RegisterTraceGuidsW
RegSetValueExW
RegCreateKeyExW
RegQueryValueExA
CryptAcquireContextA
CryptGenRandom
CryptReleaseContext
RegQueryValueW
RegEnumKeyW
RegEnumKeyExW
RegOpenKeyW
RegOpenKeyA
TraceEvent
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
UnregisterTraceGuids

ole32

CoCreateInstance
CoTaskMemFree
CoUninitialize
CoInitialize
CoFreeUnusedLibraries
CoGetMarshalSizeMax
CoMarshalInterface
CoUnmarshalInterface
CLSIDFromProgID
StringFromCLSID
ReleaseStgMedium
CoTaskMemAlloc
CreateStreamOnHGlobal
OleGetClipboard
CreateBindCtx
OleUninitialize
OleInitialize
CoRegisterMessageFilter
RegisterDragDrop
CreateOleAdviseHolder
OleGetIconOfClass
RevokeDragDrop
OleTranslateAccelerator
WriteClassStm
CreateDataAdviseHolder
WriteFmtUserTypeStg
WriteClassStg
StgCreateDocfile
CreateDataCache
CoMarshalInterThreadInterfaceInStream
CoGetInterfaceAndReleaseStream
CoRevokeClassObject
CoRegisterClassObject
CLSIDFromString
GetHGlobalFromStream
CoCreateGuid
OleFlushClipboard
OleSetClipboard
OleIsCurrentClipboard
ProgIDFromCLSID
StringFromGUID2
OleQueryLinkFromData
OleQueryCreateFromData
DoDragDrop
CoFileTimeNow
OleRegGetUserType
OleCreateFromData
IIDFromString
CoGetTreatAsClass
StgOpenStorage
OleRun
CoGetClassObject
CoInitializeEx
MkParseDisplayName
OleSaveToStream

iertutil

ord30
ord44
ord9
ord25
ord35
ord32
ord26
ord19
ord18
ord42
ord17
ord21

shlwapi

PathFindFileNameW
SHQueryValueExW
SHRegGetValueW
StrToIntExW
PathAppendW
PathQuoteSpacesW
PathAddBackslashW
ord167
ord24
ord231
SHEnumValueW
PathCreateFromUrlW
ord437
ord15
StrChrW
StrStrW
UrlIsW
UrlCreateFromPathW
StrStrIW
SHSetValueW
PathFileExistsW
ord16
PathUndecorateW
UrlGetLocationW
ord2
PathIsFileSpecW
UrlCompareW
UrlCanonicalizeW
StrCmpW
UrlIsOpaqueW
StrCmpNW
AssocQueryKeyW
UrlUnescapeW
PathGetCharTypeW
PathCanonicalizeW
StrTrimW
UrlApplySchemeW
ChrCmpIW
ord225
StrToIntW
ord172
ord174
PathUnquoteSpacesW
PathRemoveBlanksW
PathRemoveArgsW
PathFindExtensionW
SHStrDupW
PathIsRelativeW
ord29
AssocQueryStringW
StrCmpNIW
PathGetDriveNumberW
PathIsUNCW
HashData
SHGetInverseCMAP
SHCreateShellPalette
UrlGetPartW
AssocGetPerceivedType
PathFileExistsA
PathAppendA
ord163
ord439
ord382
ord164
ord30
ord33
ord34
ord281
ord413
ord13
wnsprintfW
PathStripPathW
StrStrIA
SHGetValueW
StrCmpIW
ord154
ord176
ord156
ord158
AssocIsDangerous

msls31

ord40
ord17
ord19
ord15
ord6
ord7
ord10
ord53
ord39
ord20
ord16
ord75
ord52
ord50
ord51
ord49
ord42
ord43
ord73
ord72
ord48
ord3
ord5
ord1
ord62
ord63
ord66
ord61
ord71
ord2
ord44
ord55
ord41
ord27
ord68
ord11
ord12
ord13
ord14
ord79

psapi

GetModuleBaseNameW

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

Exports

Exports

ClearPhishingFilterData
ConvertAndEscapePostData
CreateHTMLPropertyPage
DllCanUnloadNow
DllEnumClassObjects
DllGetClassObject
MatchExactGetIDsOfNames
PrintHTML
RunHTMLApplication
ShowHTMLDialog
ShowHTMLDialogEx
ShowModalDialog
ShowModelessHTMLDialog

Sections

.text
Size: 3.0MB - Virtual size: 3.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 43KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 228KB - Virtual size: 227KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 136KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1563387d36e55265b78d8fc233120264

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

ntdll

gdi32

kernel32

user32

advapi32

ole32

iertutil

shlwapi

msls31

psapi

version

Exports

Exports

Sections

.text Size: 3.0MB - Virtual size: 3.0MB

.data Size: 43KB - Virtual size: 54KB

.rsrc Size: 228KB - Virtual size: 227KB

.reloc Size: 136KB - Virtual size: 136KB

.text
Size: 3.0MB - Virtual size: 3.0MB

.data
Size: 43KB - Virtual size: 54KB

.rsrc
Size: 228KB - Virtual size: 227KB

.reloc
Size: 136KB - Virtual size: 136KB