0360224b58b709ec013c6fcda08c8b3c

Sharing

Copy URL Twitter E-mail

General

Target

0360224b58b709ec013c6fcda08c8b3c
Size

144KB
MD5

0360224b58b709ec013c6fcda08c8b3c
SHA1

ab48b6c7dfbc2e45cdfdbc64438519b465c45679
SHA256

31e8a9ee77c65fc3c75a0b5c18f7b161c170f3a4ae53d13a63cd7b29fd339cbd
SHA512

96960d6337c617055bc812c6332aafc82b221e02d8d05b769cd1df933745371f2a66025a1e31fdc92e0f34ec1817c1fbbef42c01b6c17bc0ae9d604b9dd80052
SSDEEP

3072:Lv1cHImox+qOrjWtmS4Fba8gJvzu232M/IEJzOl3kl:BVmoRuW452hQ2Ol3kl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0360224b58b709ec013c6fcda08c8b3c

Files

0360224b58b709ec013c6fcda08c8b3c
.dll regsvr32 windows:4 windows x86 arch:x86

9b5cea6bbe8993649351ae725721fd2c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

netapi32

Netbios

wininet

HttpQueryInfoA
InternetOpenA
InternetSetOptionA
InternetOpenUrlA
InternetCloseHandle
InternetReadFile

advapi32

CryptReleaseContext
GetSecurityInfo
SetEntriesInAclA
SetSecurityInfo
RegOpenKeyExA
RegOpenKeyExW
RegQueryValueExW
CryptAcquireContextA
CryptGenRandom
RegCloseKey

user32

CreateWindowExA
DispatchMessageA
TranslateMessage
GetMessageA
GetClassNameA
GetWindowThreadProcessId
EnumChildWindows
ShowWindow
KillTimer
SetTimer
DefWindowProcA
OpenClipboard
CloseClipboard
SystemParametersInfoA
SetWindowPos
wsprintfA
RegisterClassExA
EnumWindows

version

GetFileVersionInfoA
GetFileVersionInfoSizeA

ole32

CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance
CoInitialize
CoCreateGuid

rpcrt4

UuidToStringA

winmm

timeGetTime

psapi

EnumProcesses
EnumProcessModules
GetModuleBaseNameA

oleaut32

GetErrorInfo
SysAllocString
SysFreeString
VariantClear

shlwapi

SHGetValueA
SHSetValueA
StrStrIA

msvcrt

??3@YAXPAX@Z
isgraph
wctomb
malloc
__mb_cur_max
isalnum
??2@YAPAXI@Z
isspace
isupper
isxdigit
free
__CxxFrameHandler
isalpha
strchr
??0exception@@QAE@ABV0@@Z
_CxxThrowException
??0exception@@QAE@XZ
??1exception@@UAE@XZ
strerror
printf
tolower
_stricmp
ispunct
?what@exception@@UBEPBDXZ
wcslen
wcscmp
strstr
toupper
strtok
fclose
fwrite
fopen
tmpnam
atoi
strtol
srand
__dllonexit
_onexit
??1type_info@@UAE@XZ
_initterm
_adjust_fdiv
strncpy
islower

kernel32

CreateProcessA
DeleteFileA
CreateRemoteThread
WriteProcessMemory
VirtualAllocEx
CloseHandle
WaitForSingleObject
MoveFileExA
CreateFileA
GetCurrentProcessId
LoadLibraryA
GetProcAddress
FreeLibrary
MultiByteToWideChar
GetModuleHandleA
GetCurrentProcess
GetProcessTimes
lstrcmpA
lstrcmpiA
lstrcpynA
GetVersion
GetSystemInfo
FormatMessageA
LocalFree
GetEnvironmentStrings
FreeEnvironmentStringsA
GetProcessHeap
lstrcpyA
GetWindowsDirectoryA
GetFullPathNameA
InterlockedExchange
GetModuleFileNameA
SetLastError
GetLastError
HeapAlloc
HeapSize
GetVersionExA
lstrlenA
GetCurrentDirectoryA
GetEnvironmentVariableA
HeapFree
SleepEx
OpenProcess
QueryPerformanceCounter
GetCurrentThread
Sleep
GetThreadTimes
GetLocalTime
GetSystemDirectoryA
GetTickCount
QueryPerformanceFrequency

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 88KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9b5cea6bbe8993649351ae725721fd2c

Headers

File Characteristics

Imports

netapi32

wininet

advapi32

user32

version

ole32

rpcrt4

winmm

psapi

oleaut32

shlwapi

msvcrt

kernel32

Exports

Exports

Sections

.text Size: 88KB - Virtual size: 84KB

.rdata Size: 24KB - Virtual size: 23KB

.data Size: 20KB - Virtual size: 22KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 88KB - Virtual size: 84KB

.rdata
Size: 24KB - Virtual size: 23KB

.data
Size: 20KB - Virtual size: 22KB

.reloc
Size: 8KB - Virtual size: 7KB