122f4c1f2a7ffacf2a3fb7c3cf771a00

Sharing

Copy URL

Twitter E-mail

General

Target

122f4c1f2a7ffacf2a3fb7c3cf771a00
Size

230KB
MD5

122f4c1f2a7ffacf2a3fb7c3cf771a00
SHA1

6986d9ded824d08ffdf9bef02392bb45dfc97253
SHA256

14b49cfb2f9569dd6d84259362e9cce0e7d615eb30d1e10abbc224b8197d89d7
SHA512

321ec6179be7b417aaf704be3efc513004613407df2d9a08a4ebfc55c4d1ace1d6bd6acd76c19bf932265b6f109553b7f7baa391e761da2df9536f706cf3f3cc
SSDEEP

3072:CR40TCOF6XGDu7as51V23YqpNefa29lDBszXwovkWFsto0umuVOAjMwajr6:M02au+/2kyOB/ocysuVOAj26

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
122f4c1f2a7ffacf2a3fb7c3cf771a00

Files

122f4c1f2a7ffacf2a3fb7c3cf771a00
.dll regsvr32 windows:4 windows x86 arch:x86

e1389f2d52033a03aabd1554ee444a98

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetLocaleInfoA
GetThreadLocale
GetVersionExA
HeapDestroy
HeapReAlloc
HeapSize
InterlockedCompareExchange
LoadLibraryA
IsProcessorFeaturePresent
VirtualFree
VirtualAlloc
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
DeleteFileW
GlobalFree
FatalAppExitW
WideCharToMultiByte
CreateThread
Sleep
lstrcpyW
GlobalAlloc
GlobalLock
GlobalUnlock
lstrcpynW
GetProcAddress
GetVersionExW
lstrcmpiW
GetCurrentThreadId
LoadLibraryW
SetLastError
GetCurrentProcess
FlushInstructionCache
OpenEventW
WaitForSingleObject
CloseHandle
FreeLibrary
LoadLibraryExW
LocalFree
FormatMessageW
lstrlenW
HeapAlloc
GetProcessHeap
RaiseException
HeapFree
GetLastError
GetModuleFileNameW
InterlockedDecrement
InterlockedIncrement
GetUserDefaultLangID
MultiByteToWideChar
FindFirstFileW
FindClose
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
InitializeCriticalSection
InterlockedExchange
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetACP
LocalAlloc

user32

MessageBoxW
IsWindow
MapWindowPoints
GetDlgItem
GetTopWindow
SetDlgItemTextW
ShowWindow
ScreenToClient
SetWindowPlacement
GetWindowPlacement
GetClientRect
GetWindowRect
GetWindow
SetClipboardData
OffsetRect
ReleaseCapture
GetCapture
SetCapture
CopyRect
IsRectEmpty
InflateRect
DrawTextW
EndDialog
DestroyWindow
MapDialogRect
UnregisterClassA
GetSystemMetrics
GetParent
CloseClipboard
CallNextHookEx
GetFocus
DefWindowProcW
SetWindowsHookExW
GetDC
ReleaseDC
GetClassNameW
RedrawWindow
PtInRect
SetRectEmpty
SetCursor
GetCursorPos
BeginPaint
EndPaint
PostMessageW
InvalidateRect
SetTimer
KillTimer
GetDlgCtrlID
DrawFocusRect
CallWindowProcW
GetWindowDC
IsCharAlphaNumericW
DrawIconEx
GetTabbedTextExtentW
SetForegroundWindow
DrawStateW
TabbedTextOutW
SetFocus
CreateWindowExW
IsWindowEnabled
GetKeyState
OpenClipboard
EmptyClipboard
GetActiveWindow
GetNextDlgTabItem
UnhookWindowsHookEx
SetWindowPos
MoveWindow
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
SendMessageW
GetWindowLongW
SystemParametersInfoW
DestroyIcon
LoadImageW
DialogBoxParamW
SetWindowLongW
GetSysColor
LoadCursorW

gdi32

Polygon
ExtCreatePen
SetROP2
GetBkColor
SetViewportOrgEx
SetTextAlign
TextOutW
GetTextExtentExPointW
CreateCompatibleDC
SetTextColor
CombineRgn
CreateRectRgn
RoundRect
GetClipRgn
SelectClipRgn
BitBlt
PtInRegion
CreateRectRgnIndirect
CreateCompatibleBitmap
DeleteDC
SetBkColor
ExtTextOutW
GetTextExtentPoint32W
SetBkMode
GetTextMetricsW
SelectObject
GetStockObject
GetObjectType
GetObjectW
CreateSolidBrush
CreateFontIndirectW
CreatePen
DeleteObject

advapi32

RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW

shell32

ShellExecuteExW
SHGetSpecialFolderPathW

ole32

CoCreateInstance
CreateStreamOnHGlobal

oleaut32

SysStringLen
VarBstrCmp
VariantClear
DispCallFunc
GetErrorInfo
SysFreeString
SysAllocStringLen
SafeArrayUnlock
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayLock
SysAllocString
SafeArrayCreate
SafeArrayDestroy
VariantInit
SysAllocStringByteLen
SysStringByteLen

atl80

ord61
ord40
ord48
ord47
ord11
ord10
ord32
ord30
ord18
ord43
ord42
ord15
ord44
ord23
ord49
ord64
ord22

shlwapi

StrChrW
ColorAdjustLuma

comctl32

ImageList_GetImageCount
ImageList_Create
ImageList_ReplaceIcon
ImageList_Draw
_TrackMouseEvent
ImageList_GetIcon
InitCommonControlsEx
ImageList_Destroy

msimg32

GradientFill

msvcr80

__clean_type_info_names_internal
?_type_info_dtor_internal_method@type_info@@QAEXXZ
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_encoded_null
_malloc_crt
_decode_pointer
_onexit
_lock
_encode_pointer
__dllonexit
_unlock
_except_handler4_common
?terminate@@YAXXZ
memcpy
wcsstr
_wcsicmp
wcschr
_wcsupr_s
iswspace
??2@YAPAXI@Z
??0exception@std@@QAE@ABV01@@Z
??0exception@std@@QAE@XZ
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@ABQBD@Z
??1exception@std@@UAE@XZ
calloc
swscanf_s
_purecall
memset
??_U@YAPAXI@Z
malloc
memmove_s
vswprintf_s
_vscwprintf
wcsrchr
memcpy_s
_recalloc
??_V@YAXPAX@Z
free
swprintf_s
__CxxFrameHandler3
_CxxThrowException
??3@YAXPAX@Z
_crt_debugger_hook

msvcp80

??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 158KB - Virtual size: 157KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e1389f2d52033a03aabd1554ee444a98

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

atl80

shlwapi

comctl32

msimg32

msvcr80

msvcp80

Exports

Exports

Sections

.text Size: 158KB - Virtual size: 157KB

.rdata Size: 43KB - Virtual size: 42KB

.data Size: 1024B - Virtual size: 6KB

.rsrc Size: 8KB - Virtual size: 7KB

.reloc Size: 23KB - Virtual size: 22KB

.text
Size: 158KB - Virtual size: 157KB

.rdata
Size: 43KB - Virtual size: 42KB

.data
Size: 1024B - Virtual size: 6KB

.rsrc
Size: 8KB - Virtual size: 7KB

.reloc
Size: 23KB - Virtual size: 22KB