04e9e17553579b65a16c2b81410e0fec

Sharing

Copy URL Twitter E-mail

General

Target

04e9e17553579b65a16c2b81410e0fec
Size

132KB
MD5

04e9e17553579b65a16c2b81410e0fec
SHA1

b87fbdc80dd1723f6231632e4c9e5e1b66b7ea96
SHA256

962fedac05c4bf747bfc1197bae61a01e4dceb276ecdf8aa301ef9890fe946cb
SHA512

4654bc4cc4d154c504ebcd0b3a35423358f5a0d3d75183d075b36cf8cb21e6b655f1d15e733d74b2a0d9063b1cbf823e7b148d1ae703dded7db8f624f33676ae
SSDEEP

3072:4rPl6sGOnUU2ADuYxpj0DOC81+nUXyJjlQRVTWdp:4rAstnUpAD7xpjr+UXIlQRVadp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
04e9e17553579b65a16c2b81410e0fec

Files

04e9e17553579b65a16c2b81410e0fec
.dll regsvr32 windows:4 windows x86 arch:x86

b87a62007a6b30bcb34253dd69cf3e23

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

psapi

EnumProcesses
EnumProcessModules
GetModuleBaseNameA

oleaut32

GetErrorInfo
SysFreeString
VariantClear
SysAllocString

wininet

HttpQueryInfoA
InternetSetOptionA
InternetOpenA
InternetReadFile
InternetOpenUrlA
InternetCloseHandle

version

GetFileVersionInfoA
GetFileVersionInfoSizeA

user32

GetClassNameA
DefWindowProcA
SetTimer
EnumWindows
GetWindowThreadProcessId
EnumChildWindows
KillTimer
wsprintfA
SystemParametersInfoA
SetWindowPos
OpenClipboard
CloseClipboard
RegisterClassExA
CreateWindowExA
ShowWindow
GetMessageA
TranslateMessage
DispatchMessageA

msvcrt

isxdigit
toupper
strtok
fclose
fwrite
fopen
tmpnam
atoi
strtol
srand
__dllonexit
_onexit
??1type_info@@UAE@XZ
_initterm
_adjust_fdiv
tolower
strchr
wcscmp
?what@exception@@UBEPBDXZ
wcslen
isalnum
isgraph
printf
isalpha
strerror
ispunct
isspace
isupper
??1exception@@UAE@XZ
??0exception@@QAE@XZ
_CxxThrowException
__CxxFrameHandler
islower
__mb_cur_max
wctomb
??0exception@@QAE@ABV0@@Z
free
malloc
??3@YAXPAX@Z
??2@YAPAXI@Z
strstr
strncpy
_stricmp

winmm

timeGetTime

netapi32

Netbios

rpcrt4

UuidToStringA

ole32

CoInitialize
CoCreateGuid
CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance

advapi32

CryptReleaseContext
CryptAcquireContextA
RegCloseKey
RegOpenKeyExA
RegQueryValueExW
RegOpenKeyExW
SetSecurityInfo
SetEntriesInAclA
GetSecurityInfo
CryptGenRandom

shlwapi

StrStrIA
SHSetValueA
SHGetValueA

kernel32

SleepEx
OpenProcess
DeleteFileA
CreateProcessA
WaitForSingleObject
MoveFileExA
CreateFileA
GetCurrentProcessId
VirtualAllocEx
WriteProcessMemory
CreateRemoteThread
GetModuleFileNameA
GetEnvironmentVariableA
GetCurrentProcess
GetProcessTimes
SetLastError
lstrlenA
GetCurrentThread
GetThreadTimes
lstrcpyA
GetVersionExA
GetModuleHandleA
GetWindowsDirectoryA
HeapSize
HeapAlloc
GetVersion
lstrcpynA
FreeEnvironmentStringsA
GetEnvironmentStrings
Sleep
HeapFree
GetLastError
LocalFree
FormatMessageA
GetProcessHeap
GetSystemDirectoryA
InterlockedExchange
MultiByteToWideChar
GetFullPathNameA
lstrcmpiA
lstrcmpA
GetLocalTime
QueryPerformanceFrequency
GetCurrentDirectoryA
FreeLibrary
GetProcAddress
LoadLibraryA
QueryPerformanceCounter
GetTickCount
CloseHandle
GetSystemInfo

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b87a62007a6b30bcb34253dd69cf3e23

Headers

File Characteristics

Imports

psapi

oleaut32

wininet

version

user32

msvcrt

winmm

netapi32

rpcrt4

ole32

advapi32

shlwapi

kernel32

Exports

Exports

Sections

.text Size: 76KB - Virtual size: 75KB

.rdata Size: 24KB - Virtual size: 22KB

.data Size: 20KB - Virtual size: 22KB

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 76KB - Virtual size: 75KB

.rdata
Size: 24KB - Virtual size: 22KB

.data
Size: 20KB - Virtual size: 22KB

.reloc
Size: 8KB - Virtual size: 6KB