7a90071c763a3955727d6e3c7e0f0389

Sharing

Copy URL Twitter E-mail

General

Target

7a90071c763a3955727d6e3c7e0f0389
Size

148KB
MD5

7a90071c763a3955727d6e3c7e0f0389
SHA1

266af6bcd8c993d75f5aafee1ddad420b79af1be
SHA256

3df308d3fe35343b41b1f1bb94171f2c08090b6391a270646ab7d51ac4f80cb5
SHA512

a36c12d7dd0645e9b5e50a2b493bd3b21e3e28607ec9c7b07922f1be4307470d849ca6a04a5fc0694b99c9659cc6cbd13af2cd66809c7bcca1bcdfdeb14c5916
SSDEEP

3072:Oy/owrpZrgMhbpAVdEV+bIs/Tnqj9lEvyh0x98Ggp4BH589dYgqrZuHIT:cdu+b5M9h/GgA589dYfto

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7a90071c763a3955727d6e3c7e0f0389

Files

7a90071c763a3955727d6e3c7e0f0389
.dll regsvr32 windows:4 windows x86 arch:x86

0e8457931e6025970696e9132a5b6516

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

LockResource
GetWindowsDirectoryA
GetProcAddress
FindResourceA
LoadResource
InterlockedIncrement
GetLastError
InterlockedDecrement
GetFileAttributesA
GetModuleFileNameA
lstrcatA
DisableThreadLibraryCalls
GetVersion
InitializeCriticalSection
lstrcpynA
DeleteCriticalSection
FreeLibrary
GlobalAlloc
CreateFileA
GetFileSize
GlobalUnlock
GlobalLock
ReadFile
IsDBCSLeadByte
GlobalFree
CloseHandle
LoadLibraryA
GetLocaleInfoA
lstrcmpiA
MulDiv
GetProcessHeap
HeapFree
lstrlenA
WideCharToMultiByte
lstrlenW
HeapReAlloc
LeaveCriticalSection
EnterCriticalSection
lstrcpyA
HeapAlloc
MultiByteToWideChar

user32

OffsetRect
ClientToScreen
IntersectRect
SetWindowRgn
GetActiveWindow
EqualRect
PtInRect
CallWindowProcA
ReleaseCapture
SetCapture
GetCapture
ScrollWindowEx
BeginPaint
MoveWindow
UpdateWindow
IsWindowEnabled
InflateRect
GetWindowTextA
SetWindowTextA
UnregisterClassA
DestroyWindow
CharNextA
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
IsWindow
MessageBeep
MessageBoxA
SetFocus
IsWindowVisible
GetClientRect
EndPaint
SetWindowLongA
DefWindowProcA
RegisterClassA
GetWindowLongA
ShowWindow
SetParent
LoadStringA
GetKeyState
wsprintfA
WinHelpA
GetWindow
IsDialogMessageA
SetWindowPos
InvalidateRect
GetFocus
CheckDlgButton
SetRect
DrawFocusRect
LoadBitmapA
MapDialogRect
IsDlgButtonChecked
EnableWindow
GetDC
GetSysColor
FillRect
DrawEdge
DrawTextA
ReleaseDC
ValidateRect
GetDlgItem
GetWindowRect
ScreenToClient
SendMessageA
GetParent
CreateDialogIndirectParamA
GetNextDlgTabItem
IsChild
CreateWindowExA

ole32

CreateOleAdviseHolder
CoCreateInstance
CoTaskMemAlloc
CreateStreamOnHGlobal
CoTaskMemFree

advapi32

RegDeleteKeyA
RegQueryValueExA
RegEnumKeyExA
RegDeleteValueA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegCloseKey

oleaut32

LoadRegTypeLi
OleCreatePropertyFrame
SetErrorInfo
LoadTypeLibEx
UnRegisterTypeLi
SysAllocStringLen
RegisterTypeLi
GetErrorInfo
LoadTypeLi
SysAllocString
OleCreatePictureIndirect
VariantChangeType
OleLoadPicture
OleTranslateColor
SysStringLen
VariantInit
VariantClear
OleCreateFontIndirect
CreateErrorInfo
SysFreeString

comdlg32

GetOpenFileNameA
ChooseColorA

gdi32

CreateRectRgnIndirect
GetPixel
CreateCompatibleDC
GetViewportExtEx
CreateBitmap
SetWindowOrgEx
SetViewportOrgEx
CreateDCA
SetViewportExtEx
SetMapMode
SetWindowExtEx
GetWindowExtEx
DeleteObject
LPtoDP
GetDeviceCaps
CreateICA
DeleteDC
SetBkColor
SetTextColor
SelectObject
GetObjectA
ExtTextOutA
CreateSolidBrush
CreateFontIndirectA
EnumFontFamiliesA
GetTextExtentPoint32A
BitBlt

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 52KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 64KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0e8457931e6025970696e9132a5b6516

Headers

File Characteristics

Imports

kernel32

user32

ole32

advapi32

oleaut32

comdlg32

gdi32

Exports

Exports

Sections

.text Size: 52KB - Virtual size: 48KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 4KB - Virtual size: 1KB

.idata Size: 64KB - Virtual size: 60KB

.rsrc Size: 8KB - Virtual size: 6KB

.reloc Size: 8KB - Virtual size: 4KB

.text
Size: 52KB - Virtual size: 48KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 4KB - Virtual size: 1KB

.idata
Size: 64KB - Virtual size: 60KB

.rsrc
Size: 8KB - Virtual size: 6KB

.reloc
Size: 8KB - Virtual size: 4KB