02190a920a9c1581f5755f634c374e98

Sharing

Copy URL Twitter E-mail

General

Target

02190a920a9c1581f5755f634c374e98
Size

152KB
MD5

02190a920a9c1581f5755f634c374e98
SHA1

357705330e658b6f4d579dac52e1ce84e23c12c6
SHA256

59247fff3371733ceecfbfd443ff4f149a2b1fea2b013781084fd4c33925b944
SHA512

c1f26ebae85e689f4b3cb298cee5472dee6b2070bfd51878f8cc2b61f5ac82017a10222f10ae1f81db3d3a8f08cbf59e883bd2b37c166fa3de4d04beafac67d8
SSDEEP

3072:nPR0OnSugz5nN/GPAUixwJUBPuchG/LV:nPR00du55C6x32chG/LV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
02190a920a9c1581f5755f634c374e98

Files

02190a920a9c1581f5755f634c374e98
.dll regsvr32 windows:4 windows x86 arch:x86

ec8142584e8ef0d04d1bae51f1f3bfd5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

DispatchMessageA
TranslateMessage
GetMessageA
ShowWindow
CreateWindowExA
RegisterClassExA
SetWindowPos
SystemParametersInfoA
CloseClipboard
OpenClipboard
DefWindowProcA
SetTimer
KillTimer
EnumWindows
EnumChildWindows
GetWindowThreadProcessId
GetClassNameA
wsprintfA

msvcrt

_adjust_fdiv
_initterm
??1type_info@@UAE@XZ
_onexit
__dllonexit
srand
atoi
tmpnam
fopen
fwrite
fclose
_stricmp
??2@YAPAXI@Z
strstr
??3@YAXPAX@Z
strncpy
__CxxFrameHandler
??0exception@@QAE@ABV0@@Z
_CxxThrowException
??0exception@@QAE@XZ
strtok
toupper
??1exception@@UAE@XZ
islower
printf
strchr
ispunct
isxdigit
isalnum
__mb_cur_max
wctomb
isgraph
tolower
isalpha
isupper
isspace
free
malloc
wcslen
strerror
wcscmp
?what@exception@@UBEPBDXZ

advapi32

RegOpenKeyExA
RegQueryValueExW
RegOpenKeyExW
CryptReleaseContext
CryptGenRandom
CryptAcquireContextA
SetSecurityInfo
SetEntriesInAclA
GetSecurityInfo
RegCloseKey

netapi32

Netbios

ole32

CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance
CoInitialize
CoCreateGuid

shlwapi

StrStrIA
SHSetValueA
SHGetValueA

rpcrt4

UuidToStringA

winmm

timeGetTime

oleaut32

GetErrorInfo
SysAllocString
SysFreeString
VariantClear

version

GetFileVersionInfoSizeA
GetFileVersionInfoA

wininet

InternetSetOptionA
HttpQueryInfoA
InternetReadFile
InternetOpenA
InternetCloseHandle
InternetOpenUrlA

psapi

EnumProcessModules
EnumProcesses
GetModuleBaseNameA

kernel32

CreateProcessA
WaitForSingleObject
MoveFileExA
VirtualAllocEx
WriteProcessMemory
CreateRemoteThread
CreateFileA
OpenProcess
Sleep
LoadLibraryA
GetLastError
GetProcAddress
FreeLibrary
GetVersionExA
GetSystemDirectoryA
GetModuleHandleA
GetModuleFileNameA
HeapFree
GetLocalTime
lstrlenA
GetCurrentDirectoryA
DeleteFileA
GetTickCount
QueryPerformanceCounter
QueryPerformanceFrequency
GetVersion
HeapSize
HeapAlloc
GetProcessHeap
SetLastError
InterlockedExchange
GetFullPathNameA
lstrcpyA
SleepEx
GetThreadTimes
GetCurrentThread
lstrcpynA
FreeEnvironmentStringsA
GetEnvironmentStrings
MultiByteToWideChar
lstrcmpiA
lstrcmpA
CloseHandle
GetCurrentProcessId
GetSystemInfo
LocalFree
FormatMessageA
GetWindowsDirectoryA
GetProcessTimes
GetCurrentProcess
GetEnvironmentVariableA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 92KB - Virtual size: 89KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ec8142584e8ef0d04d1bae51f1f3bfd5

Headers

File Characteristics

Imports

user32

msvcrt

advapi32

netapi32

ole32

shlwapi

rpcrt4

winmm

oleaut32

version

wininet

psapi

kernel32

Exports

Exports

Sections

.text Size: 92KB - Virtual size: 89KB

.rdata Size: 28KB - Virtual size: 25KB

.data Size: 20KB - Virtual size: 21KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 92KB - Virtual size: 89KB

.rdata
Size: 28KB - Virtual size: 25KB

.data
Size: 20KB - Virtual size: 21KB

.reloc
Size: 8KB - Virtual size: 7KB