0d68d0ea9036f8daf50e8b9b7230d9bb

Sharing

Copy URL

Twitter E-mail

General

Target

0d68d0ea9036f8daf50e8b9b7230d9bb
Size

144KB
MD5

0d68d0ea9036f8daf50e8b9b7230d9bb
SHA1

57897a6321cb4345fc60e18f905a16e541c4cbcd
SHA256

0ca653ba68e3f61416d1fbb2648cceb6ba52167736a5d4048af9a6eb8db3f7ef
SHA512

42f5dd1f81729726870977e90ffc4fcff0cfffe14cf6b9e7c6087e9bf92590f48152060b71d506a78c129ebd47c57668565f9a7910ccc7dc759d5f163625da50
SSDEEP

1536:g159kdHLbfnNtTB/pp+yEScvzUfyXG3tGoow7TShrhpYICS4AgOJLOJWlHallBnY:6yHLbfnNtT/zc4aS0w7wpL2OJLONh7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0d68d0ea9036f8daf50e8b9b7230d9bb

Files

0d68d0ea9036f8daf50e8b9b7230d9bb
.dll regsvr32 windows:4 windows x86 arch:x86

64a5e435e7ad1277b1a163815140e055

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

version

GetFileVersionInfoA
GetFileVersionInfoSizeA

shlwapi

SHGetValueA
StrStrIA
SHSetValueA

msvcrt

??0exception@@QAE@ABV0@@Z
_adjust_fdiv
_initterm
??1type_info@@UAE@XZ
_onexit
__dllonexit
srand
strtok
toupper
wcslen
strtol
atoi
tmpnam
fopen
fwrite
fclose
strstr
__CxxFrameHandler
_CxxThrowException
?what@exception@@UBEPBDXZ
??0exception@@QAE@XZ
??1exception@@UAE@XZ
??3@YAXPAX@Z
_stricmp
isxdigit
isgraph
tolower
__mb_cur_max
wctomb
ispunct
isalnum
strerror
isalpha
free
malloc
printf
islower
isupper
isspace
strncpy
strchr
??2@YAPAXI@Z
wcscmp

netapi32

Netbios

advapi32

SetEntriesInAclA
SetSecurityInfo
RegOpenKeyExA
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
CryptReleaseContext
CryptGenRandom
CryptAcquireContextA
GetSecurityInfo

user32

GetWindowThreadProcessId
EnumChildWindows
EnumWindows
wsprintfA
GetClassNameA
RegisterClassExA
CreateWindowExA
ShowWindow
GetMessageA
TranslateMessage
DispatchMessageA
KillTimer
SetTimer
DefWindowProcA
SetWindowPos
SystemParametersInfoA
OpenClipboard
CloseClipboard

oleaut32

VariantClear
SysAllocString
SysFreeString
GetErrorInfo

winmm

timeGetTime

ole32

CoTaskMemFree
CoTaskMemAlloc
CoCreateInstance
CoInitialize
CoCreateGuid

psapi

EnumProcessModules
EnumProcesses
GetModuleBaseNameA

rpcrt4

UuidToStringA

wininet

InternetSetOptionA
HttpQueryInfoA
InternetReadFile
InternetOpenA
InternetCloseHandle
InternetOpenUrlA

kernel32

GetLastError
HeapFree
GetLocalTime
GetTickCount
QueryPerformanceCounter
QueryPerformanceFrequency
VirtualAllocEx
OpenProcess
GetCurrentProcessId
SleepEx
MoveFileExA
WaitForSingleObject
CreateProcessA
lstrlenA
GetVersion
HeapSize
HeapAlloc
SetLastError
Sleep
DeleteFileA
CreateFileA
GetProcessHeap
InterlockedExchange
GetFullPathNameA
GetSystemDirectoryA
GetWindowsDirectoryA
lstrcpyA
FreeLibrary
GetProcAddress
LoadLibraryA
GetModuleHandleA
LocalFree
FormatMessageA
GetThreadTimes
GetCurrentThread
FreeEnvironmentStringsA
GetEnvironmentStrings
GetProcessTimes
GetCurrentProcess
lstrcmpiA
GetModuleFileNameA
MultiByteToWideChar
GetSystemInfo
lstrcmpA
lstrcpynA
CloseHandle
CreateRemoteThread
GetVersionExA
GetEnvironmentVariableA
WriteProcessMemory
GetCurrentDirectoryA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 88KB - Virtual size: 86KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

64a5e435e7ad1277b1a163815140e055

Headers

File Characteristics

Imports

version

shlwapi

msvcrt

netapi32

advapi32

user32

oleaut32

winmm

ole32

psapi

rpcrt4

wininet

kernel32

Exports

Exports

Sections

.text Size: 88KB - Virtual size: 86KB

.rdata Size: 24KB - Virtual size: 23KB

.data Size: 20KB - Virtual size: 21KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 88KB - Virtual size: 86KB

.rdata
Size: 24KB - Virtual size: 23KB

.data
Size: 20KB - Virtual size: 21KB

.reloc
Size: 8KB - Virtual size: 7KB