199cc5fcf97864af243d9f25b2c62c1a

Sharing

Copy URL Twitter E-mail

General

Target

199cc5fcf97864af243d9f25b2c62c1a
Size

152KB
MD5

199cc5fcf97864af243d9f25b2c62c1a
SHA1

58819dc78fec0276c2520c506ba276657d9750f9
SHA256

f80334f10ede28a33e5b03f60ae86e794d4953be325d9ce41306672c20f220e9
SHA512

9ffb798031f65ae06aaa9acde2ca0130ff9e72e54bd26071fb7c96df7f2a54ecc88e2db55309ace091b4387147938b6fb8e967e21799c353f56c62fefcf4f3bc
SSDEEP

3072:8cM3+JnRZ05o3/de8+gBXvR7A5K/dQpCHJfKBxpy512LQ:8l3ub0q3/M8J9vZAY/qpCp2UeLQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
199cc5fcf97864af243d9f25b2c62c1a

Files

199cc5fcf97864af243d9f25b2c62c1a
.dll regsvr32 windows:4 windows x86 arch:x86

0619f8f2c7d2e67e3c22cdbcc58369d2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_stricmp
??3@YAXPAX@Z
free
malloc
_adjust_fdiv
_initterm
??1type_info@@UAE@XZ
_onexit
__dllonexit
atoi
tmpnam
fopen
fwrite
fclose
strtok
toupper
strstr
srand
wcscmp
??0exception@@QAE@ABV0@@Z
?what@exception@@UBEPBDXZ
wcslen
??1exception@@UAE@XZ
??0exception@@QAE@XZ
strchr
_CxxThrowException
__CxxFrameHandler
__mb_cur_max
wctomb
isalpha
tolower
isgraph
isxdigit
printf
isalnum
isupper
isspace
islower
strerror
ispunct
strncpy
??2@YAPAXI@Z

shlwapi

SHSetValueA
StrStrIA
SHGetValueA

psapi

GetModuleBaseNameA
EnumProcesses
EnumProcessModules

user32

GetClassNameA
EnumWindows
OpenClipboard
DispatchMessageA
TranslateMessage
GetMessageA
CloseClipboard
GetWindowThreadProcessId
EnumChildWindows
KillTimer
SetTimer
DefWindowProcA
wsprintfA
SystemParametersInfoA
SetWindowPos
RegisterClassExA
CreateWindowExA
ShowWindow

rpcrt4

UuidToStringA

wininet

InternetCloseHandle
InternetOpenA
HttpQueryInfoA
InternetSetOptionA
InternetOpenUrlA
InternetReadFile

oleaut32

SysAllocString
GetErrorInfo
SysFreeString
VariantClear

winmm

timeGetTime

netapi32

Netbios

ole32

CoCreateInstance
CoInitialize
CoTaskMemAlloc
CoCreateGuid
CoTaskMemFree

version

GetFileVersionInfoSizeA
GetFileVersionInfoA

advapi32

RegCloseKey
RegQueryValueExW
RegOpenKeyExW
CryptReleaseContext
CryptGenRandom
CryptAcquireContextA
SetSecurityInfo
SetEntriesInAclA
GetSecurityInfo
RegOpenKeyExA

kernel32

QueryPerformanceCounter
GetTickCount
CloseHandle
OpenProcess
GetEnvironmentVariableA
GetProcessHeap
GetThreadTimes
GetCurrentThread
GetWindowsDirectoryA
GetVersionExA
QueryPerformanceFrequency
MoveFileExA
GetCurrentDirectoryA
FreeLibrary
GetProcAddress
LoadLibraryA
FreeEnvironmentStringsA
GetEnvironmentStrings
lstrcpyA
lstrlenA
GetLastError
GetProcessTimes
GetCurrentProcess
GetModuleFileNameA
GetModuleHandleA
MultiByteToWideChar
GetSystemDirectoryA
Sleep
SetLastError
GetFullPathNameA
LocalFree
FormatMessageA
HeapFree
HeapSize
HeapAlloc
GetVersion
InterlockedExchange
lstrcpynA
lstrcmpiA
lstrcmpA
GetLocalTime
VirtualAllocEx
WriteProcessMemory
CreateRemoteThread
DeleteFileA
CreateProcessA
WaitForSingleObject
GetSystemInfo
GetCurrentProcessId
CreateFileA
SleepEx

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 92KB - Virtual size: 89KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0619f8f2c7d2e67e3c22cdbcc58369d2

Headers

File Characteristics

Imports

msvcrt

shlwapi

psapi

user32

rpcrt4

wininet

oleaut32

winmm

netapi32

ole32

version

advapi32

kernel32

Exports

Exports

Sections

.text Size: 92KB - Virtual size: 89KB

.rdata Size: 28KB - Virtual size: 24KB

.data Size: 20KB - Virtual size: 20KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 92KB - Virtual size: 89KB

.rdata
Size: 28KB - Virtual size: 24KB

.data
Size: 20KB - Virtual size: 20KB

.reloc
Size: 8KB - Virtual size: 7KB