12e60e08783842afaada2ed38eda3e45

Sharing

Copy URL Twitter E-mail

General

Target

12e60e08783842afaada2ed38eda3e45
Size

377KB
MD5

12e60e08783842afaada2ed38eda3e45
SHA1

eab6e49e25326537c9c33fed148a349ef2b9ff52
SHA256

ea5993ab07b92a863b66c7a8536c0ee2d3a20738618df388a2b4d199c968c812
SHA512

49d0b87efbe0358e21df161522877181310920ecaff1249fa5b37e220c3a2476ffafacc18c582e0a341c98ec9b870b95221e04c239eefb74fef072c06079edf0
SSDEEP

6144:OYD2CYfg++hh6HXqEzliS+ox0wnplYDR9kBQZhGEuD9Hc:hDgVi63iSDSwp2D0Bv8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
12e60e08783842afaada2ed38eda3e45

Files

12e60e08783842afaada2ed38eda3e45
.dll regsvr32 windows:6 windows x86 arch:x86

f86f84dffa1943a56175936ade45bb67

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

__dllonexit
_lock
_onexit
_vsnwprintf
towlower
_unlock
iswspace
wcspbrk
_initterm
_XcptFilter
_CIpow
_purecall
_CIlog10
??_U@YAPAXI@Z
??_V@YAXPAX@Z
wcschr
memcpy
??2@YAPAXI@Z
realloc
free
malloc
memset
memmove
_amsg_exit
_adjust_fdiv
towupper
_beginthreadex
bsearch
iswdigit
_wtoi
_wcsicmp
_wtol
_wcsnicmp
wcsncmp
wcsrchr
wcsstr
??3@YAXPAX@Z

kernel32

LoadLibraryA
GetTimeFormatW
GetLocaleInfoW
GetLastError
GetVersionExW
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
MultiByteToWideChar
lstrlenW
lstrcpyW
DeleteCriticalSection
InterlockedIncrement
InterlockedDecrement
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
HeapDestroy
GetProcAddress
LoadLibraryW
GetModuleHandleW
lstrcpynW
GetModuleFileNameW
FreeLibrary
DisableThreadLibraryCalls
lstrcatW
lstrlenA
SizeofResource
FindResourceW
GetDriveTypeW
RaiseException
InterlockedExchange
Sleep
InterlockedCompareExchange
RtlUnwind
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetVersion
CompareStringW
WideCharToMultiByte
ExpandEnvironmentStringsW
SetErrorMode
CreateThread
WaitForSingleObject
GetExitCodeThread
SetLastError
GetFileAttributesW
LoadResource
CreateFileA
DeviceIoControl
CreateFileW
CloseHandle
LoadLibraryExW
lstrcmpiW
DebugBreak
GetWindowsDirectoryW
QueryDosDeviceW

gdi32

GetDeviceCaps

user32

GetDC
ReleaseDC
CharPrevW
CharNextW
CharNextA

advapi32

RegEnumKeyExW
UnregisterTraceGuids
RegisterTraceGuidsW
GetTraceLoggerHandle
GetTraceEnableLevel
GetTraceEnableFlags
TraceMessage
RegEnumValueW
RegQueryInfoKeyW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
RegQueryValueExW

ole32

CoInitializeEx
CoUninitialize
CoTaskMemFree
CoTaskMemAlloc
CoTaskMemRealloc
CLSIDFromString
ReadClassStm
CoCreateInstance
StringFromCLSID

oleaut32

SafeArrayAccessData
LoadTypeLi
RegisterTypeLi
VarUI4FromStr
SysAllocStringByteLen
SafeArrayUnaccessData
SafeArrayCreate
VariantChangeType
LoadRegTypeLi
VariantInit
SysAllocStringLen
SysAllocString
SysFreeString
VariantClear
SysStringByteLen
SafeArrayDestroy
SysStringLen

mpr

WNetGetConnectionW
WNetAddConnection2W
WNetCancelConnection2W

shlwapi

PathGetCharTypeW
PathGetCharTypeA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 233KB - Virtual size: 233KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 16KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 106KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f86f84dffa1943a56175936ade45bb67

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

kernel32

gdi32

user32

advapi32

ole32

oleaut32

mpr

shlwapi

Exports

Exports

Sections

.text Size: 233KB - Virtual size: 233KB

.data Size: 16KB - Virtual size: 19KB

.rsrc Size: 106KB - Virtual size: 105KB

.reloc Size: 20KB - Virtual size: 19KB

.text
Size: 233KB - Virtual size: 233KB

.data
Size: 16KB - Virtual size: 19KB

.rsrc
Size: 106KB - Virtual size: 105KB

.reloc
Size: 20KB - Virtual size: 19KB