0959fb138a1b2ad9bb4849643819704b

Sharing

Copy URL Twitter E-mail

General

Target

0959fb138a1b2ad9bb4849643819704b
Size

148KB
MD5

0959fb138a1b2ad9bb4849643819704b
SHA1

a490cdbef051948f39df9974109b35a3b447cf1c
SHA256

900a943f806a2824f0e64d053557c2da0b16e1fd8587c8ac4ad6d6660bb115a3
SHA512

611898b5b322f4b86467d9c5844b7f377b20bb5faaa3d120df42609598657eb6ffff9a5ed68c42170dec8923a48eb952a62c863d3c3be90aad50cc0b5145d609
SSDEEP

3072:6+VpZkRNKgpVSvz5Et7GE5tOJn6RC4Q6otjr4GD:Pan/puoSE5tNc1r4G

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0959fb138a1b2ad9bb4849643819704b

Files

0959fb138a1b2ad9bb4849643819704b
.dll regsvr32 windows:4 windows x86 arch:x86

30258863278ddcad6aa7263af73c4b1d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

netapi32

Netbios

shlwapi

SHGetValueA
StrStrIA
SHSetValueA

winmm

timeGetTime

advapi32

CryptReleaseContext
GetSecurityInfo
SetEntriesInAclA
SetSecurityInfo
RegOpenKeyExW
RegQueryValueExW
RegOpenKeyExA
CryptAcquireContextA
RegCloseKey
CryptGenRandom

msvcrt

_adjust_fdiv
_initterm
??1type_info@@UAE@XZ
_onexit
__dllonexit
strtok
toupper
tmpnam
fopen
fwrite
fclose
__mb_cur_max
wctomb
islower
isupper
ispunct
tolower
free
strncpy
strchr
isalnum
isgraph
??2@YAPAXI@Z
isalpha
wcscmp
??3@YAXPAX@Z
??1exception@@UAE@XZ
_CxxThrowException
??0exception@@QAE@XZ
??0exception@@QAE@ABV0@@Z
?what@exception@@UBEPBDXZ
__CxxFrameHandler
wcslen
isxdigit
srand
malloc
strerror
strstr
isspace
printf
_stricmp
atoi

version

GetFileVersionInfoSizeA
GetFileVersionInfoA

oleaut32

SysAllocString
SysFreeString
GetErrorInfo
VariantClear

ole32

CoTaskMemFree
CoTaskMemAlloc
CoInitialize
CoCreateInstance
CoCreateGuid

rpcrt4

UuidToStringA

psapi

GetModuleBaseNameA
EnumProcesses
EnumProcessModules

user32

SetTimer
DefWindowProcA
SystemParametersInfoA
SetWindowPos
KillTimer
wsprintfA
ShowWindow
GetMessageA
TranslateMessage
DispatchMessageA
OpenClipboard
CloseClipboard
GetClassNameA
EnumWindows
EnumChildWindows
CreateWindowExA
RegisterClassExA
GetWindowThreadProcessId

wininet

InternetOpenA
InternetCloseHandle
HttpQueryInfoA
InternetReadFile
InternetOpenUrlA
InternetSetOptionA

kernel32

QueryPerformanceFrequency
GetCurrentDirectoryA
GetVersion
HeapSize
HeapAlloc
CloseHandle
OpenProcess
GetModuleFileNameA
GetModuleHandleA
GetProcessTimes
GetCurrentProcess
GetLastError
MultiByteToWideChar
FreeLibrary
GetProcAddress
LoadLibraryA
LocalFree
FormatMessageA
GetSystemInfo
GetThreadTimes
GetCurrentThread
SetLastError
lstrlenA
GetFullPathNameA
lstrcpynA
CreateRemoteThread
WriteProcessMemory
VirtualAllocEx
GetSystemDirectoryA
FreeEnvironmentStringsA
GetEnvironmentStrings
GetVersionExA
GetTickCount
lstrcpyA
GetEnvironmentVariableA
InterlockedExchange
lstrcmpiA
lstrcmpA
MoveFileExA
WaitForSingleObject
CreateProcessA
DeleteFileA
GetLocalTime
SleepEx
QueryPerformanceCounter
GetCurrentProcessId
GetWindowsDirectoryA
Sleep
GetProcessHeap
HeapFree
CreateFileA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

30258863278ddcad6aa7263af73c4b1d

Headers

File Characteristics

Imports

netapi32

shlwapi

winmm

advapi32

msvcrt

version

oleaut32

ole32

rpcrt4

psapi

user32

wininet

kernel32

Exports

Exports

Sections

.text Size: 88KB - Virtual size: 87KB

.rdata Size: 28KB - Virtual size: 25KB

.data Size: 20KB - Virtual size: 22KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 88KB - Virtual size: 87KB

.rdata
Size: 28KB - Virtual size: 25KB

.data
Size: 20KB - Virtual size: 22KB

.reloc
Size: 8KB - Virtual size: 7KB