0a50fb975b27463ea4b280a3c13b6f9f

Sharing

Copy URL

Twitter E-mail

General

Target

0a50fb975b27463ea4b280a3c13b6f9f
Size

335KB
MD5

0a50fb975b27463ea4b280a3c13b6f9f
SHA1

95fb8c364da844425085c6418c3fa9f9bf19220b
SHA256

0762d0614e08121120f26d39a866deb3851a4dc4d740cf572fb8ff2fe9e74299
SHA512

caea2dc19ad11a15fee3af9339c55fff453a6058dc01164aff2ba6225bfc9b50185750bc2b61d5a7746b18effb99d06b7d8240eaff9a835963c9bf014dc9f349
SSDEEP

6144:RPUEfBxW0mCx0/ml8F1lP6D1oQ0QndYRO8vGMyP:RXpoCx0/ml8FIjLdYMWXq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0a50fb975b27463ea4b280a3c13b6f9f

Files

0a50fb975b27463ea4b280a3c13b6f9f
.dll regsvr32 windows:4 windows x86 arch:x86

b833fa66e2a4b6643fa5630623250fbd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

winmm

timeBeginPeriod
timeEndPeriod
timeSetEvent
timeGetTime

d3d9

Direct3DCreate9

gdi32

ExtTextOutW
CreateCompatibleDC
SetBkColor
SelectObject
GetTextMetricsW
GetGlyphOutlineW
DeleteObject
DeleteDC
FillRgn
CreateSolidBrush
CombineRgn
CreateRectRgn
CreateRectRgnIndirect
CreateFontW

kernel32

CloseHandle
LoadResource
SetThreadPriority
CreateSemaphoreW
FindResourceExW
WideCharToMultiByte
InterlockedCompareExchange
InitializeCriticalSection
MultiByteToWideChar
DeleteCriticalSection
SetEvent
WaitForSingleObject
LeaveCriticalSection
EnterCriticalSection
WaitForMultipleObjects
FlushFileBuffers
CreateFileA
ReadFile
LCMapStringA
GetConsoleMode
GetConsoleCP
SetFilePointer
LoadLibraryA
RtlUnwind
IsValidCodePage
GetOEMCP
GetCPInfo
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
SetHandleCount
Sleep
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
LockResource
WriteFile
ExitProcess
GetModuleHandleA
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
HeapCreate
GetCommandLineA
GetThreadLocale
GetLocaleInfoA
GetACP
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
lstrcmpiA
GetModuleHandleW
InterlockedExchange
GetModuleFileNameA
GetVersionExW
DisableThreadLibraryCalls
GetLastError
VirtualFree
ResetEvent
CreateThread
SizeofResource
CreateEventW
InterlockedDecrement
ReleaseSemaphore
FindResourceW
InterlockedIncrement
LCMapStringW
GetStringTypeA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
DuplicateHandle
SetStdHandle
GetCurrentThreadId
VirtualAlloc
lstrlenW
lstrcmpW
GetSystemInfo
lstrcpynW
GetCurrentProcess
LoadLibraryW
GetProcAddress
FreeLibrary
GetTickCount
OutputDebugStringA
lstrlenA
GetVersionExA
RaiseException
GetStringTypeW
GetStdHandle

user32

UnregisterClassA
GetDesktopWindow
LoadStringW
MoveWindow
CreateDialogParamW
InvalidateRect
SendMessageTimeoutW
GetClassLongW
GetParent
UnionRect
SetWindowPos
SetRectEmpty
SetDlgItemTextA
PostQuitMessage
SendDlgItemMessageA
PostMessageW
SetCursor
SetWindowsHookExW
EnumDisplayDevicesA
GetMonitorInfoW
CallNextHookEx
GetWindowRect
GetKeyState
GetWindowLongW
SendMessageW
SetWindowLongW
ShowWindow
RegisterClassW
KillTimer
LoadCursorW
SetTimer
DestroyWindow
AttachThreadInput
SetParent
GetWindowThreadProcessId
MsgWaitForMultipleObjects
ReleaseDC
SetWindowTextW
DispatchMessageW
IntersectRect
GetWindowPlacement
PeekMessageW
ScreenToClient
GetDC
IsWindowVisible
GetClientRect
CreateWindowExW
GetWindowTextW
DefWindowProcW
GetDlgItem
EnableWindow
ValidateRect
InflateRect
UnhookWindowsHookEx

advapi32

RegSetValueW
CryptReleaseContext
RegCreateKeyExW
RegEnumKeyExW
RegDeleteKeyW
RegCreateKeyW
CryptGenRandom
RegCloseKey
RegQueryValueExW
RegSetValueExW
RegOpenKeyExW
CryptAcquireContextW

ole32

StringFromGUID2
CoInitializeEx
CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance
CoInitialize
CoUninitialize
CoFreeUnusedLibraries

oleaut32

SysFreeString
VariantChangeType
SafeArrayAccessData
SafeArrayGetDim
SafeArrayGetLBound
SafeArrayGetUBound
SysAllocStringLen
VariantClear
VariantInit
SafeArrayUnaccessData
SysAllocString

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllMain
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 174KB - Virtual size: 174KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 94KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b833fa66e2a4b6643fa5630623250fbd

Headers

File Characteristics

Imports

winmm

d3d9

gdi32

kernel32

user32

advapi32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 174KB - Virtual size: 174KB

.rdata Size: 41KB - Virtual size: 40KB

.data Size: 7KB - Virtual size: 14KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 15KB - Virtual size: 14KB

.text Size: 94KB - Virtual size: 96KB

.text
Size: 174KB - Virtual size: 174KB

.rdata
Size: 41KB - Virtual size: 40KB

.data
Size: 7KB - Virtual size: 14KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 15KB - Virtual size: 14KB

.text
Size: 94KB - Virtual size: 96KB