00f3a2c992df22b2527f321806a0a0ca

Sharing

Copy URL Twitter E-mail

General

Target

00f3a2c992df22b2527f321806a0a0ca
Size

136KB
MD5

00f3a2c992df22b2527f321806a0a0ca
SHA1

4c4e5756f758b904a664a853d8be2b311df637b9
SHA256

6e50204e2feb28086962131eb988d39536f045a4e705322ce82d0a09a857c59b
SHA512

aca2b38821eaa7ce5d1dc736eb5fec5c8e7dd226b555bc4aff200d92996000391d668f20b5ca974ec81bc2640dc8133a3d291f6f57ee682bf9996b09891094a3
SSDEEP

3072:MPZGTSyJQvp6q+t/0NTNzRfsT6JflVr3Y:MP0SRt+t/SBFlVro

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
00f3a2c992df22b2527f321806a0a0ca

Files

00f3a2c992df22b2527f321806a0a0ca
.dll regsvr32 windows:4 windows x86 arch:x86

67f5d7d3128ee80cddb237732b9f378e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

psapi

EnumProcessModules
EnumProcesses
GetModuleBaseNameA

rpcrt4

UuidToStringA

oleaut32

GetErrorInfo
SysAllocString
SysFreeString
VariantClear

advapi32

RegCloseKey
CryptAcquireContextA
CryptGenRandom
CryptReleaseContext
GetSecurityInfo
SetEntriesInAclA
SetSecurityInfo
RegOpenKeyExW
RegQueryValueExW
RegOpenKeyExA

netapi32

Netbios

user32

wsprintfA
RegisterClassExA
CreateWindowExA
ShowWindow
GetMessageA
TranslateMessage
DispatchMessageA
SystemParametersInfoA
SetWindowPos
KillTimer
SetTimer
DefWindowProcA
GetClassNameA
GetWindowThreadProcessId
EnumChildWindows
EnumWindows
OpenClipboard
CloseClipboard

version

GetFileVersionInfoSizeA
GetFileVersionInfoA

wininet

InternetReadFile
HttpQueryInfoA
InternetCloseHandle
InternetOpenUrlA
InternetSetOptionA
InternetOpenA

shlwapi

StrStrIA
SHSetValueA
SHGetValueA

msvcrt

free
toupper
tolower
strtok
strchr
strncpy
printf
??0exception@@QAE@ABV0@@Z
_CxxThrowException
??0exception@@QAE@XZ
??1exception@@UAE@XZ
wcslen
?what@exception@@UBEPBDXZ
wcscmp
strstr
srand
wctomb
__mb_cur_max
strerror
_stricmp
fclose
fwrite
fopen
tmpnam
atoi
isupper
ispunct
isgraph
__dllonexit
_onexit
??1type_info@@UAE@XZ
_initterm
_adjust_fdiv
isspace
islower
isalnum
malloc
isalpha
__CxxFrameHandler
??3@YAXPAX@Z
??2@YAPAXI@Z
isxdigit

winmm

timeGetTime

ole32

CoTaskMemAlloc
CoCreateInstance
CoCreateGuid
CoInitialize
CoTaskMemFree

kernel32

GetCurrentProcessId
lstrcpynA
MoveFileExA
WaitForSingleObject
CreateProcessA
DeleteFileA
QueryPerformanceCounter
GetCurrentThread
GetThreadTimes
GetSystemInfo
GetCurrentProcess
GetProcessTimes
GetLocalTime
LoadLibraryA
VirtualAllocEx
GetProcAddress
WriteProcessMemory
CreateRemoteThread
FreeLibrary
OpenProcess
lstrcpyA
InterlockedExchange
FormatMessageA
LocalFree
GetModuleHandleA
GetModuleFileNameA
GetCurrentDirectoryA
GetEnvironmentVariableA
GetSystemDirectoryA
GetWindowsDirectoryA
SleepEx
GetFullPathNameA
lstrlenA
SetLastError
GetLastError
GetVersion
MultiByteToWideChar
CreateFileA
CloseHandle
lstrcmpA
lstrcmpiA
GetProcessHeap
QueryPerformanceFrequency
GetTickCount
Sleep
HeapFree
FreeEnvironmentStringsA
GetEnvironmentStrings
GetVersionExA
HeapSize
HeapAlloc

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

67f5d7d3128ee80cddb237732b9f378e

Headers

File Characteristics

Imports

psapi

rpcrt4

oleaut32

advapi32

netapi32

user32

version

wininet

shlwapi

msvcrt

winmm

ole32

kernel32

Exports

Exports

Sections

.text Size: 76KB - Virtual size: 75KB

.rdata Size: 28KB - Virtual size: 25KB

.data Size: 20KB - Virtual size: 21KB

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 76KB - Virtual size: 75KB

.rdata
Size: 28KB - Virtual size: 25KB

.data
Size: 20KB - Virtual size: 21KB

.reloc
Size: 8KB - Virtual size: 6KB