1ac3d669e010f8199c65e4f8febcb024

Sharing

Copy URL Twitter E-mail

General

Target

1ac3d669e010f8199c65e4f8febcb024
Size

132KB
MD5

1ac3d669e010f8199c65e4f8febcb024
SHA1

5f533014f739928df734908c37f80768c60437bd
SHA256

5eb6e64be4d63cb2ce222b5041f85bb76e31b9c08a5752b5e1bad9079a44a95c
SHA512

c0458c3283778dc892eb806f7bbcef6ae2bd3dae7a5c240c79684764db34fed36e77858e5365b67ccb4df1f57dab9d94d1d9b6418e421a41de9e6489ca93600e
SSDEEP

3072:VHYT+kkjY9+NCoNJWaCLLDlD45r2rroSf5eAoxP2J:V4ywa1JsgrErEP2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1ac3d669e010f8199c65e4f8febcb024

Files

1ac3d669e010f8199c65e4f8febcb024
.dll regsvr32 windows:4 windows x86 arch:x86

11474620fb3ed4ac6dd0b8476c8d5430

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateEventA
GetModuleHandleExW
GetVersionExA
GetFileType
LocalLock
GetComputerNameExW
ReleaseSemaphore
GlobalReAlloc
TerminateProcess
IsValidLocale
GetSystemWindowsDirectoryA
CancelIo
CreateWaitableTimerW
SetDefaultCommConfigW
GetLocalTime
LocalSize
GlobalMemoryStatus
CreateDirectoryW
VirtualAllocEx
GetTimeZoneInformation
CreateSemaphoreA
ResumeThread
TerminateThread
GetThreadLocale
CreateMailslotW
GetVolumePathNameW
CreateWaitableTimerA
GetProfileStringA
TerminateJobObject
GetDiskFreeSpaceA
GetEnvironmentVariableW
GetDriveTypeA
GetVolumeInformationA
SetEnvironmentVariableA
GetNumberFormatA
GetFileAttributesA
MoveFileExW
EscapeCommFunction
UnlockFile
LocalFlags
GetLogicalDriveStringsA
FormatMessageW
GetDriveTypeW
CreateFileW
GetFullPathNameA
PostQueuedCompletionStatus
GetThreadTimes
VerSetConditionMask
GetFileTime
SetComputerNameExW
GlobalMemoryStatusEx
FreeLibraryAndExitThread
IsBadStringPtrA
FindFirstVolumeW
GetLongPathNameW
GetCurrentDirectoryA
GetSystemTime
ConnectNamedPipe
SetHandleInformation
LocalReAlloc
GetCommandLineA
OpenFile
GlobalAddAtomW
QueryPerformanceFrequency
ExpandEnvironmentStringsW
GetCurrentThread
GetThreadPriority
UnlockFileEx
SetConsoleCursorPosition
WaitForMultipleObjectsEx
GetStringTypeA
DisconnectNamedPipe
LocalAlloc
GlobalDeleteAtom
SizeofResource
GetWindowsDirectoryW
OpenMutexW
LoadResource
RemoveDirectoryA
SetEnvironmentVariableW
ExitProcess
FindVolumeClose
CreateNamedPipeA
VirtualQueryEx
WaitForMultipleObjects
FillConsoleOutputAttribute
GetDiskFreeSpaceW
FindNextVolumeW
OpenMutexA
GetCurrentThreadId
GlobalFree
SetConsoleCtrlHandler
GetEnvironmentStringsW
CreateNamedPipeW
SystemTimeToFileTime
SetVolumeMountPointW
GetProcessAffinityMask
LockFileEx
GetDateFormatA
GlobalGetAtomNameW
CompareStringW
CreateTimerQueue
GetSystemDirectoryA
GetCPInfo
lstrlenA
CreateDirectoryA
GetModuleFileNameA
HeapAlloc
InterlockedIncrement
InitializeCriticalSection
GetProcessHeap
GetComputerNameA
UnmapViewOfFile
CreateFileA
GetModuleHandleA
EnterCriticalSection
GetTickCount
GetSystemTimeAsFileTime
WaitForSingleObject
CreateProcessA
MapViewOfFile
Sleep
GetProcAddress
CopyFileA
VirtualProtect
LoadLibraryA
VirtualQuery
CreateFileMappingA
ExpandEnvironmentStringsA
ReadFile
WriteFile
DeleteFileA
GetLastError
ReleaseMutex
CreateThread
SetErrorMode

user32

CreateDialogIndirectParamA
BringWindowToTop
CharNextW
GetDesktopWindow
GetScrollPos
ShowScrollBar
LoadAcceleratorsA
LoadIconW
FreeDDElParam
GetMenuCheckMarkDimensions
WinHelpA
CreateIcon
EqualRect
ReplyMessage
ToAscii
wvsprintfA
GetSysColorBrush
DrawStateA
ChildWindowFromPointEx
GetWindowTextW
GetMenuItemRect
GetMonitorInfoA
ToAsciiEx
IsChild
ChangeDisplaySettingsW
ShowCursor
GetDlgItemTextW
TranslateMessage
CharToOemBuffA
GetProcessDefaultLayout
AdjustWindowRectEx
SetWindowTextA
CopyIcon
ChangeDisplaySettingsA
SetWindowLongW
SendNotifyMessageA
EnumWindowStationsW
SendInput
GetMenuStringA
GetCapture
GetQueueStatus
MapVirtualKeyA
OpenInputDesktop
PostMessageW
GetWindowRect
GetMenuItemCount
MapVirtualKeyExW
GetTopWindow
DrawMenuBar
DrawFocusRect
GetCaretPos
ModifyMenuA
ReleaseCapture
CreateCursor
ShowWindow
RemoveMenu
GetThreadDesktop
GetClassNameW
InSendMessageEx
RegisterHotKey
SetClassLongW
SetTimer
BroadcastSystemMessageW
SetDlgItemTextW
PostThreadMessageA
GetKeyNameTextA
SetClassLongA
DestroyMenu
LoadAcceleratorsW
SetMenuItemBitmaps
GetMenu
DrawTextW
RegisterWindowMessageW
OpenDesktopA
GetWindowRgn
GetForegroundWindow
IsCharAlphaNumericW
DefMDIChildProcA
CreateMenu
ChangeDisplaySettingsExW
GetCursor
SetCaretPos
CreateDialogIndirectParamW
DeferWindowPos
SetCursorPos
GetMonitorInfoW
TabbedTextOutW
WinHelpW
IsDialogMessageA
OffsetRect
ClientToScreen
GetAsyncKeyState
TrackPopupMenu
SetDlgItemTextA
MessageBeep
DialogBoxParamA
UnionRect
PackDDElParam
ShowCaret
GetWindowDC
OemToCharA
ToUnicodeEx
LoadMenuA
TrackPopupMenuEx
SetFocus
SetActiveWindow
LookupIconIdFromDirectory
AllowSetForegroundWindow
GetDlgItemTextA
EnumWindows
WaitMessage
SendMessageTimeoutA
LockWindowUpdate
CharToOemW
PostQuitMessage
IsZoomed
DrawEdge
CallWindowProcW
GetSystemMenu
CharPrevW
GetDialogBaseUnits
PeekMessageA
GetWindowLongA
SetWindowLongA
SetWindowsHookExA
GetMessageA
CreateWindowExA
SendMessageA
UnhookWindowsHookEx
DispatchMessageA
GetClassNameA
CallNextHookEx
RegisterClassExA
FindWindowA
IntersectRect

shlwapi

StrTrimW
PathIsRootW
SHRegGetValueW
PathRemoveFileSpecW
StrToIntA
PathSkipRootW
PathAddExtensionW
wnsprintfA
PathGetDriveNumberW
SHDeleteValueW
SHAutoComplete
StrCmpW
PathIsURLW
SHRegSetUSValueW
PathIsRelativeW
UrlCanonicalizeW
StrRetToStrW
StrCmpNW
UrlCreateFromPathW
PathSetDlgItemPathW
SHStrDupW
StrCmpNIA
PathIsDirectoryW
StrCatBuffA
StrStrIW
PathAddBackslashW
PathRemoveBackslashW
UrlUnescapeW
PathUnquoteSpacesW

advapi32

RegSetValueExA
RegQueryInfoKeyA
RegEnumKeyExA
RegCloseKey
RegCreateKeyExA
ConvertSidToStringSidA
LookupAccountNameA
RegQueryValueExA
GetSecurityDescriptorSacl
SetNamedSecurityInfoA
RegEnumKeyA
ImpersonateAnonymousToken
EnumServicesStatusA
ReportEventA
NotifyBootConfigStatus
ReadEventLogW
IsTextUnicode
OpenServiceW
ClearEventLogW
RegOpenKeyExW
RegConnectRegistryA
EnumServicesStatusW
GetOldestEventLogRecord
StartServiceA
RegFlushKey
RegSaveKeyA
RegSaveKeyW
GetUserNameW
ImpersonateSelf
ReportEventW
CreateServiceW
RegQueryInfoKeyW
RegisterServiceCtrlHandlerW
SetEntriesInAclW
GetEffectiveRightsFromAclW
RegEnumValueW
RegSetValueW
StartServiceW
RegisterServiceCtrlHandlerA
StartServiceCtrlDispatcherW
GetInheritanceSourceW
MakeSelfRelativeSD
SetTokenInformation
RegOpenKeyExA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 104KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

11474620fb3ed4ac6dd0b8476c8d5430

Headers

File Characteristics

Imports

kernel32

user32

shlwapi

advapi32

Exports

Exports

Sections

.text Size: 104KB - Virtual size: 101KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 8KB - Virtual size: 7KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 104KB - Virtual size: 101KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 8KB - Virtual size: 7KB

.reloc
Size: 4KB - Virtual size: 3KB