2266aab47e7f4615d05e5cdf9c90dd70

Sharing

Copy URL Twitter E-mail

General

Target

2266aab47e7f4615d05e5cdf9c90dd70
Size

91KB
MD5

2266aab47e7f4615d05e5cdf9c90dd70
SHA1

5156d8e45739ab0fc91efb0120723d1d24e06e08
SHA256

51f59b0dd5ae49c9be24085beb78ce02442e6d0524d56f7fff56bada0641c226
SHA512

41f92692d7737122f5bfede2c70642c68b60133f6019b0a6259ece60e695ca4f913bb94b8f7cc44fd01d547b3147667d1219a93df538bc40eb1cf906f57d2a78
SSDEEP

1536:LGREw46KAQoN/iBriLfWyUveMoDIxgaNqszr+B8kBzqE8vHd4k78jF:3w4cQoNBLO6DI6a9r+GOGEK8jF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2266aab47e7f4615d05e5cdf9c90dd70

Files

2266aab47e7f4615d05e5cdf9c90dd70
.dll regsvr32 windows:6 windows x86 arch:x86

27f832bbf1f1c0ab32495992d771bbb3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_except_handler4_common
_amsg_exit
_initterm
_XcptFilter
memset
malloc
??3@YAXPAX@Z
free
atol
_vsnprintf
_purecall
??2@YAPAXI@Z
realloc
memcpy

advapi32

RegEnumKeyExA
RegEnumValueA
RegQueryInfoKeyA
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegDeleteValueA
RegQueryValueExA

kernel32

SetFilePointer
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetTempFileNameA
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
GetTempPathA
GetFileSize
CreateFileA
GetLocalTime
CreateMutexA
InterlockedExchange
Sleep
InterlockedCompareExchange
GetCurrentProcess
lstrcatA
GetVersionExA
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
MultiByteToWideChar
WideCharToMultiByte
lstrlenW
GetLastError
InitializeCriticalSection
DeleteCriticalSection
InterlockedIncrement
InterlockedDecrement
LoadLibraryA
GetProcAddress
GetModuleHandleA
lstrlenA
IsDBCSLeadByte
lstrcmpiA
LeaveCriticalSection
EnterCriticalSection
HeapDestroy
DisableThreadLibraryCalls
ReadFile
lstrcpynA
lstrcpyA
GetModuleFileNameA
FreeLibrary
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
CloseHandle
WaitForSingleObject
GetSystemDirectoryA
ReleaseMutex
MoveFileA
DeleteFileA
WriteFile
QueryPerformanceCounter

ole32

CoTaskMemRealloc
CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance

oleaut32

SysFreeString
SysAllocString
VarUI4FromStr
LoadTypeLi
RegisterTypeLi
SysStringLen

user32

CharPrevA
LoadStringA
CharNextA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

27f832bbf1f1c0ab32495992d771bbb3

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

advapi32

kernel32

ole32

oleaut32

user32

Exports

Exports

Sections

.text Size: 23KB - Virtual size: 22KB

.data Size: 60KB - Virtual size: 61KB

.rsrc Size: 5KB - Virtual size: 4KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 23KB - Virtual size: 22KB

.data
Size: 60KB - Virtual size: 61KB

.rsrc
Size: 5KB - Virtual size: 4KB

.reloc
Size: 1KB - Virtual size: 1KB