7cd99b04ba24a9fddc7ce42583d54c95

Sharing

Copy URL Twitter E-mail

General

Target

7cd99b04ba24a9fddc7ce42583d54c95
Size

589KB
MD5

7cd99b04ba24a9fddc7ce42583d54c95
SHA1

c90d8b2888f7bd4af7f558584b9b007bc1785852
SHA256

26bddbdc470147c2507d7232df9fe0f67167c3c8a005cb737ad08c50da43bb1c
SHA512

d8f00cebc058a12e8f718f285a451477790b1e49e98ca16abee8e29dc9559c1a5939439b1eee4561f9b3e64f47f635a01daaca50cad8ee4878a21342747b6c4b
SSDEEP

6144:IiYHg+akjBeHNMNaFdTRLSO20Oc40jJtf9JwLqf+3//AxOXdsP20j29odetbW:xYHgXCaN2E/0wxONs+0qtW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7cd99b04ba24a9fddc7ce42583d54c95

Files

7cd99b04ba24a9fddc7ce42583d54c95
.dll regsvr32 windows:5 windows x86 arch:x86

fcc3a0f78f6e12000dc0d184359c26a3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_except_handler3
?terminate@@YAXXZ
??1type_info@@UAE@XZ
wcslen
wcspbrk
_finite
_CxxThrowException
__CxxFrameHandler
??2@YAPAXI@Z
wcscmp
free
realloc
_onexit
__dllonexit
_adjust_fdiv
malloc
_initterm
floor
_HUGE
iswspace
wcschr
time
srand
rand
memmove
wcsstr
_ftol
_wcsicmp
_purecall
??3@YAXPAX@Z

kernel32

LoadLibraryA
lstrlenW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr
CloseHandle
CreateEventW
GetShortPathNameW
GetModuleFileNameW
GetTickCount
MultiByteToWideChar
InterlockedDecrement
lstrcmpW
lstrcpyW
HeapDestroy
lstrcatW
FreeLibrary
GetProcAddress
LoadLibraryW
DisableThreadLibraryCalls
QueryPerformanceFrequency
QueryPerformanceCounter
lstrcmpiW
GlobalFree
GetLastError
GlobalAlloc
GetFileAttributesW
SetErrorMode
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetWindowsDirectoryA
GetVersionExA
CreateFileA
GetFileSize
CreateFileMappingA
MapViewOfFile
DeleteFileA
UnmapViewOfFile
InterlockedIncrement

oleaut32

SysFreeString
SysAllocStringLen
SysAllocString
VariantClear
VariantCopy
VariantChangeType
VariantChangeTypeEx
LoadTypeLi
SysStringLen
LoadRegTypeLi
RegisterTypeLi

user32

LoadStringW
CharNextW
LoadImageW
SetRect
wsprintfA
ClientToScreen
LoadIconA
LoadCursorA
UnregisterClassA
GetClientRect
DrawTextA
DestroyWindow
RegisterClassA
CreateWindowExA
GetDC
ReleaseDC
DefWindowProcA
GetSysColor

ole32

CoTaskMemAlloc
CoCreateFreeThreadedMarshaler
CoCreateInstance

gdi32

GetObjectW
GetObjectA
CreateCompatibleDC
SelectObject
StretchBlt
DeleteDC
SetBkMode
SetTextColor
DeleteObject
GetPaletteEntries
GetStockObject

winmm

timeGetTime

gdiplus

GdipCreatePath
GdipDeletePath
GdipSetPathGradientCenterColor
GdipGetPathGradientPointCount
GdipSetPathGradientSurroundColorsWithCount
GdipGetPathWorldBounds
GdipCreateFontFamilyFromName
GdipGetGenericFontFamilySansSerif
GdipDeleteFontFamily
GdipDeleteFont
GdipGetImageWidth
GdipGetImageHeight
GdipSetImageAttributesColorMatrix
GdipSetImageAttributesWrapMode
GdipCreateMatrix
GdipTranslateMatrix
GdipSetLineBlend
GdipCreateSolidFill
GdipCreateTextureIA
GdipCreateLineBrush
GdipSetPenLineJoin
GdipSetStringFormatFlags
GdipSetStringFormatAlign
GdipSetStringFormatLineAlign
GdipSetStringFormatTrimming
GdipAddPathRectangle
GdipAddPathEllipse
GdipAddPathPolygonI
GdipDeleteStringFormat
GdipTransformPath
GdipWarpPath
GdipCreatePathGradientFromPath
GdipResetWorldTransform
GdipTranslateWorldTransform
GdipScaleWorldTransform
GdipRotateWorldTransform
GdipSetPageUnit
GdipDeletePen
GdipGraphicsClear
GdipFillRectangle
GdipFillPath
GdipDrawString
GdipMeasureString
GdipDrawImageRect
GdipDrawImageRectI
GdipGetFamilyName
GdipIsStyleAvailable
GdipCreateFontFromDC
GdipCreateFontFromLogfontA
GdipCreateFont
GdipGetFamily
GdipGetFontSize
GdipCloneBrush
GdipCreateMatrix2
GdipSetWorldTransform
GdipDrawImageI
GdipCloneStringFormat
GdipAddPathString
GdipCreateStringFormat
GdipSetLineColors
GdipTranslateTextureTransform
GdipDeleteBrush
GdipDeleteMatrix
GdipDisposeImageAttributes
GdipCreateImageAttributes
GdipCloneImage
GdipFree
GdipCreateBitmapFromScan0
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromFile
GdipDisposeImage
GdipAlloc
GdipDrawImageRectRect
GdipSetPixelOffsetMode
GdipSetSmoothingMode
GdipSetInterpolationMode
GdipSetTextRenderingHint
GdipDeleteGraphics
GdipDrawPath
GdipCreatePen2
GdipScaleMatrix
GdipGetImageGraphicsContext

dxtrans

?DXOverArrayMMX@@YGXPAVDXPMSAMPLE@@PBV1@K@Z
?DXDitherArray@@YGXPBUDXDITHERDESC@@@Z

ddraw

DirectDrawCreateEx

msimg32

TransparentBlt
AlphaBlend

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 198KB - Virtual size: 198KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 6KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 363KB - Virtual size: 362KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fcc3a0f78f6e12000dc0d184359c26a3

Headers

File Characteristics

Imports

msvcrt

kernel32

oleaut32

user32

ole32

gdi32

winmm

gdiplus

dxtrans

ddraw

msimg32

Exports

Exports

Sections

.text Size: 198KB - Virtual size: 198KB

.data Size: 6KB - Virtual size: 7KB

.rsrc Size: 363KB - Virtual size: 362KB

.reloc Size: 21KB - Virtual size: 20KB

.text
Size: 198KB - Virtual size: 198KB

.data
Size: 6KB - Virtual size: 7KB

.rsrc
Size: 363KB - Virtual size: 362KB

.reloc
Size: 21KB - Virtual size: 20KB