053184b7a9dd93cd9966701f3467c385

Sharing

Copy URL Twitter E-mail

General

Target

053184b7a9dd93cd9966701f3467c385
Size

104KB
MD5

053184b7a9dd93cd9966701f3467c385
SHA1

49c9f2caec68ab8047f407990689ce8d7dcdab0c
SHA256

757fce741aea3e0dce533427368f4bdcae9bbd3dc757bf47f0f2cc5ec60e0aec
SHA512

0b369156adf16ccd7f2c818cf590bccf84a8f941b613b729c119a8fde68515a7ad7e6a5c36e685050aa2f72539fb4550f45265a3b19e6663453b2a41f4e84adc
SSDEEP

1536:dD1ebwea+fzjm0+Hsqv5uvmG/3p8zPAgJyETHH9Vxani+oOP9uWuZ9ZtE4kYqZtv:dobwea2zGMb64gfnPki+xuTc4XkAlvd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
053184b7a9dd93cd9966701f3467c385

Files

053184b7a9dd93cd9966701f3467c385
.dll regsvr32 windows:4 windows x86 arch:x86

693fb052fcd360ecf9d4aeb77490e41f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InterlockedIncrement
InterlockedDecrement
lstrlenW
lstrlenA
lstrcpyA
GetModuleHandleA
GetModuleFileNameA
WideCharToMultiByte
IsDBCSLeadByte
MultiByteToWideChar
lstrcpynA
lstrcmpiA
RaiseException
SetFileAttributesA
WriteFile
CreateFileA
GetSystemDirectoryA
ReadFile
GetFileSize
GetExitCodeProcess
OpenProcess
UnmapViewOfFile
MapViewOfFile
GetVolumeInformationA
CreateProcessA
Sleep
ReleaseMutex
FreeLibraryAndExitThread
WaitForSingleObject
DeleteFileA
GetTickCount
OpenFileMappingA
lstrcatA
OpenEventA
TerminateThread
OutputDebugStringA
GetCommandLineA
LoadLibraryA
CreateThread
CreateMutexA
SetStdHandle
SetFilePointer
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
IsBadCodePtr
IsBadReadPtr
UnhandledExceptionFilter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
FlushFileBuffers
GetStartupInfoA
GetFileType
GetStdHandle
CreateEventA
SetEvent
CloseHandle
GetCurrentThreadId
GetLastError
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
CreateFileMappingA
GetVersionExA
SetHandleCount
IsBadWritePtr
VirtualFree
HeapCreate
GetCurrentProcess
TerminateProcess
GetProcAddress
GetCPInfo
GetOEMCP
SetUnhandledExceptionFilter
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
RtlUnwind
ExitProcess
GetProcessHeap
HeapSize
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc

user32

CallNextHookEx
GetClassNameA
SetPropA
GetPropA
GetFocus
UnhookWindowsHookEx
CharNextA
wsprintfA
SetWindowsHookExA
FindWindowExA
GetDlgItem
GetParent

advapi32

RegQueryValueExA
CreateProcessAsUserA
RegDeleteKeyA
RegEnumKeyExA
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegEnumValueA
RegCloseKey
RegQueryInfoKeyA

shell32

ShellExecuteA
SHGetFileInfoA

ole32

CoCreateInstance
StringFromGUID2
CoTaskMemFree
StringFromCLSID

oleaut32

SysStringLen
LoadTypeLi
VarUI4FromStr
SysFreeString
UnRegisterTypeLi
SysAllocString
RegisterTypeLi
LoadRegTypeLi

shlwapi

PathFindExtensionA
StrRChrA
StrChrA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllMain
DllRegisterServer
DllUnregisterServer
InstallHook
SysLogoff
SysLogon

Sections

.text
Size: 64KB - Virtual size: 61KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 360B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

693fb052fcd360ecf9d4aeb77490e41f

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

shlwapi

Exports

Exports

Sections

.text Size: 64KB - Virtual size: 61KB

.rdata Size: 12KB - Virtual size: 10KB

.data Size: 4KB - Virtual size: 8KB

.rsrc Size: 4KB - Virtual size: 360B

.reloc Size: 8KB - Virtual size: 4KB

.text
Size: 64KB - Virtual size: 61KB

.rdata
Size: 12KB - Virtual size: 10KB

.data
Size: 4KB - Virtual size: 8KB

.rsrc
Size: 4KB - Virtual size: 360B

.reloc
Size: 8KB - Virtual size: 4KB