027d30754c3b6a2607d4b3a81d2c9112

Sharing

Copy URL Twitter E-mail

General

Target

027d30754c3b6a2607d4b3a81d2c9112
Size

208KB
MD5

027d30754c3b6a2607d4b3a81d2c9112
SHA1

fc1df9f2716a50598f6422b52fcfc00df6349091
SHA256

bcf8b4f97bbfb010c9ee5363eb5dad5ff4bb2ed4b1e533e130a67157e0679ee3
SHA512

a464b29257f762996fa48156c5c9db6c50c0dbe5fa38fc66623450c4a82a9dd63259d298107ef8155a44f548941a6b830a1f9a8235f21bf2f94832c1201f0286
SSDEEP

3072:UJqpXAY6mI5nn1eowej0m1TBj4efTVQlTx2ccmb7fFM0kkSfXhMysars:Uhn1ee0mPjHLzSM0ZSfXB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
027d30754c3b6a2607d4b3a81d2c9112

Files

027d30754c3b6a2607d4b3a81d2c9112
.dll regsvr32 windows:4 windows x86 arch:x86

90a984e3e780388992bc20cf706d8963

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

comctl32

ImageList_Create
ImageList_ReplaceIcon
InitCommonControlsEx
ImageList_Destroy

kernel32

FindFirstFileA
FreeLibrary
GetProcAddress
LoadLibraryA
GetModuleHandleA
GetModuleFileNameA
GetCurrentThreadId
FreeEnvironmentStringsA
GetStartupInfoA
ReadFile
SetEndOfFile
CreateProcessA
GetExitCodeProcess
LCMapStringW
LCMapStringA
CreateFileA
FlushFileBuffers
SetStdHandle
SetFilePointer
GetStringTypeW
GetStringTypeA
IsBadCodePtr
IsBadReadPtr
IsBadWritePtr
VirtualAlloc
GetOEMCP
FindNextFileA
CreateMutexA
WaitForSingleObject
ReleaseMutex
CloseHandle
InterlockedIncrement
DisableThreadLibraryCalls
lstrlenA
GetVersionExA
InterlockedDecrement
GetACP
GetCPInfo
WriteFile
GetFileType
GetStdHandle
SetHandleCount
SetUnhandledExceptionFilter
HeapSize
HeapReAlloc
GetCurrentProcess
TerminateProcess
ExitProcess
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentStringsW
GetEnvironmentStrings
EnterCriticalSection
Sleep
InitializeCriticalSection
InterlockedExchange
DeleteCriticalSection
LeaveCriticalSection
GetLastError
MultiByteToWideChar
WideCharToMultiByte
LocalFree
RtlUnwind
RaiseException
GetCommandLineA
GetVersion
GetFileAttributesA
HeapFree
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
HeapAlloc
FreeEnvironmentStringsW

user32

LoadStringA
wsprintfA
FindWindowA
PostMessageA
SetFocus
IsWindow
DestroyWindow
ShowWindow
MessageBoxA
GetWindowTextA
GetFocus
IsChild
LoadBitmapA
LoadIconA
GetParent
GetClientRect
CreateWindowExA
GetWindowLongA
AppendMenuA
InsertMenuItemA
CreatePopupMenu
ClientToScreen
TrackPopupMenuEx
DestroyMenu
SetWindowLongA
CallWindowProcA
SendMessageA

gdi32

GetStockObject
DeleteObject

advapi32

RegSetValueExA
RegCreateKeyExA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey

ole32

CoTaskMemFree
StringFromIID

oleaut32

SysStringByteLen
SysAllocStringByteLen
VariantInit
VariantCopy
VariantChangeType
VariantClear
SysAllocString
SysFreeString

shlwapi

SHRegOpenUSKeyA
SHRegQueryUSValueA
SHRegCloseUSKey
SHDeleteValueA
SHDeleteKeyA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 100KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

90a984e3e780388992bc20cf706d8963

Headers

File Characteristics

Imports

comctl32

kernel32

user32

gdi32

advapi32

ole32

oleaut32

shlwapi

Exports

Exports

Sections

.text Size: 100KB - Virtual size: 98KB

.rdata Size: 16KB - Virtual size: 12KB

.data Size: 12KB - Virtual size: 39KB

.rsrc Size: 36KB - Virtual size: 34KB

.reloc Size: 12KB - Virtual size: 9KB

.text
Size: 100KB - Virtual size: 98KB

.rdata
Size: 16KB - Virtual size: 12KB

.data
Size: 12KB - Virtual size: 39KB

.rsrc
Size: 36KB - Virtual size: 34KB

.reloc
Size: 12KB - Virtual size: 9KB