19da8ac46268a4a59bc8ba56e55fc67f

Sharing

Copy URL

Twitter E-mail

General

Target

19da8ac46268a4a59bc8ba56e55fc67f
Size

152KB
MD5

19da8ac46268a4a59bc8ba56e55fc67f
SHA1

9e005c9dc8e83e66679ba5d481a6297d888054a5
SHA256

21bc5b35846c0c12fc951752bad50cb9674ed2c29f2faaa88f3bcedfb654a3ca
SHA512

6c849178f14172c02aa22f8be5515a2e81ebeb5868a1fb2946c9434fcd85f1445890dabdb6041c85621ec726d20e1cd61d99c456e20c09bd19bf07141b27174c
SSDEEP

3072:eu5bRoUxbWj4ks61x8/p92O+m0T6onvGiGmtqQnvsxafALrVubc8G:eebRoU49n38XjCTDt7nvscfALZa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
19da8ac46268a4a59bc8ba56e55fc67f

Files

19da8ac46268a4a59bc8ba56e55fc67f
.dll regsvr32 windows:5 windows x86 arch:x86

c0d05b93ca517a3317a5c3d67146a8d6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_purecall
??3@YAXPAX@Z
??2@YAPAXI@Z

kernel32

DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
SetEvent
CloseHandle
GetOverlappedResult
DeviceIoControl
GetLastError
CreateEventA
WaitForSingleObject
WaitForMultipleObjects
ResetEvent
QueryPerformanceCounter
GetTickCount
InitializeCriticalSection
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
VirtualProtect
GetVersionExW
DisableThreadLibraryCalls
InterlockedIncrement
FreeLibrary
InterlockedDecrement
CreateEventW
GetProcAddress
GetModuleHandleW
lstrlenW
VirtualAlloc
GetCurrentThreadId
CreateThread
MultiByteToWideChar
lstrlenA
GetModuleFileNameA

advapi32

RegSetValueW
RegSetValueExW
RegOpenKeyExW
RegEnumKeyExW
RegCloseKey
RegCreateKeyW
RegDeleteKeyW

user32

wsprintfW

ole32

CoInitialize
CoFreeUnusedLibraries
CoCreateInstance
CoUninitialize
CoTaskMemAlloc
CoTaskMemFree
StringFromGUID2
IIDFromString

oleaut32

SysAllocString
SysStringLen
SysStringByteLen
SysFreeString

Exports

Exports

ServiceMain
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 396B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 133KB - Virtual size: 133KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c0d05b93ca517a3317a5c3d67146a8d6

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

kernel32

advapi32

user32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 15KB - Virtual size: 15KB

.data Size: 512B - Virtual size: 396B

.rsrc Size: 133KB - Virtual size: 133KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 15KB - Virtual size: 15KB

.data
Size: 512B - Virtual size: 396B

.rsrc
Size: 133KB - Virtual size: 133KB

.reloc
Size: 2KB - Virtual size: 1KB