01e29f80084194dd993468ae281f9971

Sharing

Copy URL

Twitter E-mail

General

Target

01e29f80084194dd993468ae281f9971
Size

180KB
MD5

01e29f80084194dd993468ae281f9971
SHA1

c5840e718bffa343251bd06236053f777b767525
SHA256

c6ebb0a0cc866cd2b00e58b1e8e5bf7051d150e5fff1739c3763c40c33fa70b8
SHA512

fa73efc25176638e9955acd1899cdfd45cdf2c2ce57b11ce5e7130be0aae6882a5a06b0358638820a3348480bcec972380909f3e3605a2ea0fbf2ca5ba186e4c
SSDEEP

3072:AIfEdYpPIGdFnAnvBYt5uOOFwi5UOuMGF0vOWw70D1MC8K92LTFxgdhytUqFoIjZ:Acw6P7HAAhTiBQF0Gm1M7K9Chxgdh6/P

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
01e29f80084194dd993468ae281f9971

Files

01e29f80084194dd993468ae281f9971
.dll regsvr32 windows:4 windows x86 arch:x86

9ee124f084d630b0b64d21e701de749c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

DeleteCriticalSection
GetModuleHandleA
GetProcAddress
VirtualProtect
VirtualProtect

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

gdi32

GetPixel

wsock32

WSACleanup

wininet

InternetReadFile

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JSOff
JSOn

Sections

CODE
Size: - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 5KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: - Virtual size: 193B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.32fbng0
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.32fbng1
Size: - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.32fbng2
Size: 169KB - Virtual size: 168KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.5fg32f0
Size: - Virtual size: 48B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.5fg32f1
Size: - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.5fg32f2
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 536B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9ee124f084d630b0b64d21e701de749c

Headers

File Characteristics

Imports

kernel32

user32

advapi32

oleaut32

gdi32

wsock32

wininet

Exports

Exports

Sections

CODE Size: - Virtual size: 126KB

DATA Size: - Virtual size: 2KB

BSS Size: - Virtual size: 5KB

.idata Size: - Virtual size: 3KB

.edata Size: - Virtual size: 193B

.32fbng0 Size: - Virtual size: 8KB

.rsrc Size: 512B - Virtual size: 4KB

.32fbng1 Size: - Virtual size: 62KB

.32fbng2 Size: 169KB - Virtual size: 168KB

.5fg32f0 Size: - Virtual size: 48B

.5fg32f1 Size: - Virtual size: 5KB

.5fg32f2 Size: 9KB - Virtual size: 8KB

.reloc Size: 1024B - Virtual size: 536B

CODE
Size: - Virtual size: 126KB

DATA
Size: - Virtual size: 2KB

BSS
Size: - Virtual size: 5KB

.idata
Size: - Virtual size: 3KB

.edata
Size: - Virtual size: 193B

.32fbng0
Size: - Virtual size: 8KB

.rsrc
Size: 512B - Virtual size: 4KB

.32fbng1
Size: - Virtual size: 62KB

.32fbng2
Size: 169KB - Virtual size: 168KB

.5fg32f0
Size: - Virtual size: 48B

.5fg32f1
Size: - Virtual size: 5KB

.5fg32f2
Size: 9KB - Virtual size: 8KB

.reloc
Size: 1024B - Virtual size: 536B