047d36e3e6b54b7ea77c60c3d5bf4d50

Sharing

Copy URL Twitter E-mail

General

Target

047d36e3e6b54b7ea77c60c3d5bf4d50
Size

138KB
MD5

047d36e3e6b54b7ea77c60c3d5bf4d50
SHA1

a821420917134e52b30f1898d803fb3b4c433696
SHA256

2a28e3713401b4a61f67a7d4102ef135193de1d1f5353a53bd043eb6b7b6b2c0
SHA512

d5267faf9e568fff1632be04c88ade6a16e9b4ba8115b9abe715bd34b57d75ee4d4a50e3ac38f9fbc215c88a32229807685dc95d443faff11efd07dc85c17852
SSDEEP

3072:XuTWCXF7mNuNlK+EGlb2HvflEYyfuNMO+az:eTWCXF38+H2nlWoMr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
047d36e3e6b54b7ea77c60c3d5bf4d50

Files

047d36e3e6b54b7ea77c60c3d5bf4d50
.dll regsvr32 windows:4 windows x86 arch:x86

4cb5c8f107fc782702064c9e193b6907

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DeleteCriticalSection
LeaveCriticalSection
InterlockedIncrement
EnterCriticalSection
InterlockedDecrement
FlushInstructionCache
GetCurrentProcess
HeapDestroy
InitializeCriticalSection
GetModuleHandleW
GetModuleFileNameW
FreeLibrary
GetProcAddress
LoadLibraryW
lstrcpyW
lstrcatW
DisableThreadLibraryCalls
WaitForMultipleObjects
lstrlenA
MultiByteToWideChar
lstrlenW
CreateThread
SetEvent
WaitForSingleObject
CloseHandle
CreateEventW
GetShortPathNameW
ResetEvent
FormatMessageW
LocalAlloc
LocalFree
GetVersionExW
WideCharToMultiByte
GetComputerNameW
lstrcmpW
lstrcpynW
GetLastError
ReadFile
GetFileSize
CreateFileW

user32

CharNextW
wsprintfW

ole32

CoCreateInstance
CoInitialize
CoUninitialize

oleaut32

SysFreeString
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayCreateVector
SysAllocStringLen
VariantInit
SysAllocString
VariantClear
SysStringLen
DispCallFunc
LoadTypeLi
RegisterTypeLi
LoadRegTypeLi

wininet

HttpOpenRequestW
InternetConnectW
InternetCloseHandle
InternetOpenW
HttpSendRequestW
InternetReadFile
InternetCrackUrlW

shlwapi

StrChrW
StrStrW

msvcp60

??1_Lockit@std@@QAE@XZ
??0_Lockit@std@@QAE@XZ
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?_Xlen@std@@YAXXZ
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
?replace@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PAD0PBD1@Z
?_Freeze@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z

msvcrt

_CxxThrowException
memcpy
_purecall
memcmp
printf
atoi
sprintf
strtol
??0exception@@QAE@ABV0@@Z
??1exception@@UAE@XZ
??0exception@@QAE@ABQBD@Z
strchr
free
__dllonexit
_onexit
??1type_info@@UAE@XZ
_except_handler3
?terminate@@YAXXZ
_initterm
malloc
_adjust_fdiv
strlen
time
__CxxFrameHandler
??2@YAPAXI@Z

advapi32

GetUserNameW
RegQueryValueExW
RegSetValueExW
RegCloseKey
RegDeleteKeyW
RegQueryInfoKeyW
RegEnumValueW
RegCreateKeyExW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 95KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4cb5c8f107fc782702064c9e193b6907

Headers

File Characteristics

Imports

kernel32

user32

ole32

oleaut32

wininet

shlwapi

msvcp60

msvcrt

advapi32

Exports

Exports

Sections

.text Size: 95KB - Virtual size: 94KB

.rdata Size: 29KB - Virtual size: 28KB

.data Size: 3KB - Virtual size: 3KB

.rsrc Size: 3KB - Virtual size: 3KB

.reloc Size: 6KB - Virtual size: 6KB

.text
Size: 95KB - Virtual size: 94KB

.rdata
Size: 29KB - Virtual size: 28KB

.data
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 3KB - Virtual size: 3KB

.reloc
Size: 6KB - Virtual size: 6KB