0b71de40e8b6fea1595cf87d38aa390f

Sharing

Copy URL Twitter E-mail

General

Target

0b71de40e8b6fea1595cf87d38aa390f
Size

140KB
MD5

0b71de40e8b6fea1595cf87d38aa390f
SHA1

7d11ce8e76a67634af4b33df4828a259d386d826
SHA256

beea2b80578920908f9d1e8ac23cca577d13df211fc71c3843fc832280ebba9b
SHA512

3cdb732b5604800b48f607e06ba7990615ad2b9dc0f7e0c370614de68cf745fc8ad7c986d63133606938492bd8d0fdf4ae0c296ecc6de3619da4a633dd16b787
SSDEEP

3072:oLu6NJYFUwXZIQnR5q1PclZTOJEEqv8qoOP:oLu6ZwXZxnX5jTVTv8lO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0b71de40e8b6fea1595cf87d38aa390f

Files

0b71de40e8b6fea1595cf87d38aa390f
.dll regsvr32 windows:4 windows x86 arch:x86

764956a66e4c63c7ebf7cb2d4108915f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

netapi32

Netbios

shlwapi

SHSetValueA
SHGetValueA
StrStrIA

oleaut32

SysFreeString
SysAllocString
VariantClear
GetErrorInfo

wininet

InternetOpenUrlA
InternetSetOptionA
InternetOpenA
HttpQueryInfoA
InternetReadFile
InternetCloseHandle

winmm

timeGetTime

rpcrt4

UuidToStringA

msvcrt

_initterm
_adjust_fdiv
??1type_info@@UAE@XZ
_onexit
__dllonexit
srand
strstr
atoi
tmpnam
fopen
fclose
strtok
toupper
islower
strerror
isxdigit
isupper
_stricmp
ispunct
isalnum
isspace
strchr
__mb_cur_max
wctomb
strncpy
wcscmp
wcslen
?what@exception@@UBEPBDXZ
printf
free
??1exception@@UAE@XZ
_CxxThrowException
__CxxFrameHandler
malloc
isalpha
isgraph
tolower
??2@YAPAXI@Z
??3@YAXPAX@Z
??0exception@@QAE@XZ
??0exception@@QAE@ABV0@@Z
fwrite

version

GetFileVersionInfoA
GetFileVersionInfoSizeA

psapi

GetModuleBaseNameA
EnumProcessModules
EnumProcesses

advapi32

RegOpenKeyExA
SetSecurityInfo
SetEntriesInAclA
GetSecurityInfo
CryptReleaseContext
CryptGenRandom
CryptAcquireContextA
RegQueryValueExW
RegOpenKeyExW
RegCloseKey

ole32

CoTaskMemFree
CoInitialize
CoCreateInstance
CoCreateGuid
CoTaskMemAlloc

user32

DefWindowProcA
SetTimer
KillTimer
EnumWindows
SystemParametersInfoA
GetMessageA
ShowWindow
CreateWindowExA
SetWindowPos
wsprintfA
CloseClipboard
OpenClipboard
TranslateMessage
DispatchMessageA
EnumChildWindows
GetWindowThreadProcessId
GetClassNameA
RegisterClassExA

kernel32

CreateFileA
SleepEx
GetLocalTime
lstrcmpA
lstrcmpiA
InterlockedExchange
GetEnvironmentVariableA
GetVersionExA
GetEnvironmentStrings
FreeEnvironmentStringsA
QueryPerformanceFrequency
GetTickCount
GetCurrentDirectoryA
HeapFree
GetLastError
lstrcpynA
GetFullPathNameA
GetModuleFileNameA
MoveFileExA
GetSystemInfo
Sleep
LocalFree
FormatMessageA
FreeLibrary
GetProcAddress
LoadLibraryA
HeapSize
HeapAlloc
GetProcessHeap
CloseHandle
GetModuleHandleA
OpenProcess
GetCurrentProcessId
GetWindowsDirectoryA
lstrlenA
GetSystemDirectoryA
WaitForSingleObject
CreateProcessA
DeleteFileA
CreateRemoteThread
WriteProcessMemory
VirtualAllocEx
QueryPerformanceCounter
GetVersion
SetLastError
MultiByteToWideChar
GetProcessTimes
GetCurrentProcess
lstrcpyA
GetThreadTimes
GetCurrentThread

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 84KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

764956a66e4c63c7ebf7cb2d4108915f

Headers

File Characteristics

Imports

netapi32

shlwapi

oleaut32

wininet

winmm

rpcrt4

msvcrt

version

psapi

advapi32

ole32

user32

kernel32

Exports

Exports

Sections

.text Size: 84KB - Virtual size: 80KB

.rdata Size: 28KB - Virtual size: 26KB

.data Size: 16KB - Virtual size: 20KB

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 84KB - Virtual size: 80KB

.rdata
Size: 28KB - Virtual size: 26KB

.data
Size: 16KB - Virtual size: 20KB

.reloc
Size: 8KB - Virtual size: 6KB