13258be9aa2b1f52262664fb9361fb8c

Sharing

Copy URL Twitter E-mail

General

Target

13258be9aa2b1f52262664fb9361fb8c
Size

136KB
MD5

13258be9aa2b1f52262664fb9361fb8c
SHA1

f043b713fe11227f222abb48066b1e2a3d0dd68d
SHA256

c295b5c29fb6d96b29ec42569152b34682b1dce480a85db017eae15a22097bcd
SHA512

2c4c7171f48333a310c4202a87d66d1bc529b711f6fdb282081390dc8755bfc29303609ce55bb7376dac1c2c5605230301875d1362e86b57af0cfff10fd3d980
SSDEEP

3072:K/JXwNBmJJNenDniWWKG+cRLzJjeaVY4X:IJXgbngG2ZeN4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
13258be9aa2b1f52262664fb9361fb8c

Files

13258be9aa2b1f52262664fb9361fb8c
.dll regsvr32 windows:4 windows x86 arch:x86

12f8d46a216944aadfd476d25e832bd9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

winmm

timeGetTime

wininet

HttpQueryInfoA
InternetOpenA
InternetSetOptionA
InternetOpenUrlA
InternetCloseHandle
InternetReadFile

version

GetFileVersionInfoSizeA
GetFileVersionInfoA

user32

CloseClipboard
RegisterClassExA
CreateWindowExA
ShowWindow
GetMessageA
TranslateMessage
DispatchMessageA
KillTimer
SetTimer
DefWindowProcA
wsprintfA
SystemParametersInfoA
SetWindowPos
GetClassNameA
GetWindowThreadProcessId
EnumChildWindows
EnumWindows
OpenClipboard

ole32

CoTaskMemAlloc
CoCreateGuid
CoInitialize
CoCreateInstance
CoTaskMemFree

netapi32

Netbios

psapi

EnumProcessModules
GetModuleBaseNameA
EnumProcesses

rpcrt4

UuidToStringA

oleaut32

SysFreeString
VariantClear
SysAllocString
GetErrorInfo

shlwapi

SHGetValueA
SHSetValueA
StrStrIA

advapi32

RegOpenKeyExA
GetSecurityInfo
SetEntriesInAclA
SetSecurityInfo
CryptAcquireContextA
CryptGenRandom
CryptReleaseContext
RegOpenKeyExW
RegQueryValueExW
RegCloseKey

msvcrt

fclose
fwrite
fopen
tmpnam
??2@YAPAXI@Z
atoi
strncpy
??0exception@@QAE@ABV0@@Z
??0exception@@QAE@XZ
ispunct
__CxxFrameHandler
_CxxThrowException
??1exception@@UAE@XZ
malloc
free
strerror
islower
isgraph
isupper
_stricmp
strchr
srand
tolower
isxdigit
strstr
isalpha
wctomb
__mb_cur_max
printf
isalnum
wcslen
?what@exception@@UBEPBDXZ
wcscmp
toupper
strtok
__dllonexit
_onexit
??1type_info@@UAE@XZ
_initterm
_adjust_fdiv
??3@YAXPAX@Z
isspace

kernel32

lstrcmpiA
lstrcpynA
GetModuleHandleA
GetEnvironmentStrings
FreeEnvironmentStringsA
MultiByteToWideChar
SleepEx
GetCurrentThread
GetThreadTimes
GetCurrentProcess
GetProcessTimes
GetWindowsDirectoryA
InterlockedExchange
Sleep
GetModuleFileNameA
GetProcessHeap
HeapAlloc
HeapSize
GetVersion
GetFullPathNameA
SetLastError
lstrcmpA
GetVersionExA
lstrlenA
lstrcpyA
HeapFree
GetCurrentDirectoryA
GetEnvironmentVariableA
OpenProcess
FormatMessageA
LocalFree
GetLastError
GetSystemDirectoryA
DeleteFileA
CreateProcessA
WaitForSingleObject
CloseHandle
LoadLibraryA
GetProcAddress
FreeLibrary
MoveFileExA
GetTickCount
GetCurrentProcessId
CreateFileA
GetLocalTime
QueryPerformanceCounter
CreateRemoteThread
WriteProcessMemory
VirtualAllocEx
GetSystemInfo
QueryPerformanceFrequency

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 80KB - Virtual size: 78KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

12f8d46a216944aadfd476d25e832bd9

Headers

File Characteristics

Imports

winmm

wininet

version

user32

ole32

netapi32

psapi

rpcrt4

oleaut32

shlwapi

advapi32

msvcrt

kernel32

Exports

Exports

Sections

.text Size: 80KB - Virtual size: 78KB

.rdata Size: 28KB - Virtual size: 24KB

.data Size: 16KB - Virtual size: 18KB

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 80KB - Virtual size: 78KB

.rdata
Size: 28KB - Virtual size: 24KB

.data
Size: 16KB - Virtual size: 18KB

.reloc
Size: 8KB - Virtual size: 6KB