f7d4302f32c2d973156b1ef66c821dcc | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f7d4302f32c2d973156b1ef66c821dcc
Size

32KB
MD5

f7d4302f32c2d973156b1ef66c821dcc
SHA1

534681f27c25d769f54daa43c5b7692bb1e885ec
SHA256

7b93bb61a1ee592c7a916a9a6c5fe11d5c693833af7eefbec20d0ce456e99877
SHA512

fac8fb91d41b60f1445890ed94c5b9ae0c286f519a4533fd64efa108b16009a6c255e7a38b09ed42a7663409a753734ce5f92c6ec030747e1f634dbb33c29518
SSDEEP

384:m16PB6JUEcRYpin20AqUo2M3dWiLRsUZrQe8EpNUe:m8pac+in1AqUo2SdWoRTZrQe8aU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f7d4302f32c2d973156b1ef66c821dcc

Files

f7d4302f32c2d973156b1ef66c821dcc
.dll regsvr32 windows:4 windows x86 arch:x86

8b2806bbea91eff054c816d632cec87a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

InterlockedIncrement
GetSystemDirectoryA
GetWindowsDirectoryA
CloseHandle
GetModuleFileNameA
DeleteFileA
GetLocalTime
GetProcAddress
LoadLibraryA

user32

GetMessageA
TranslateMessage
DispatchMessageA
CallNextHookEx
FindWindowExA
KillTimer
SetTimer
PostMessageA
DefWindowProcA
CreateWindowExA
ShowWindow
UnhookWindowsHookEx
RegisterClassExA

advapi32

RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
RegCloseKey

msvcrt

_initterm
free
strstr
strchr
fopen
fwrite
fclose
_strlwr
malloc
_adjust_fdiv
_stricmp
??2@YAPAXI@Z
??3@YAXPAX@Z
sprintf
_access
__CxxFrameHandler
strrchr

Exports

Exports

DllRegisterServer
DllUnregisterServer
UnvWwlMOZ
dSALxYredMHRJjkmal
zQmkOCHqCq

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 834B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ