23fd3891f337b30a0a7bcfb773981af1

Sharing

Copy URL

Twitter E-mail

General

Target

23fd3891f337b30a0a7bcfb773981af1
Size

144KB
MD5

23fd3891f337b30a0a7bcfb773981af1
SHA1

8070f5c5bae854a1e9a5d95539e5b072e5dcae25
SHA256

53e226763fbb8785c8d636fd249df32ead81de335031e003c57a9163e1e51d06
SHA512

920bdac4a8c6183bb6b70289627695852ae3e4a87cc64bd4898be02d012f159c59a35ad381d364784f8028f0a3df29f54e10a135f40ecb9bcf1ab438b351478a
SSDEEP

3072:cZ0vt3ito4EvmPk0wlE7V/LSu2KtOcJPWcBJVGzs4yoO:93+xhcnW7V/LXLWchGzsZH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
23fd3891f337b30a0a7bcfb773981af1

Files

23fd3891f337b30a0a7bcfb773981af1
.dll regsvr32 windows:4 windows x86 arch:x86

313eb419410677b4b54d8ffe5d9b5fd4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ole32

CoInitialize
CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance
CoCreateGuid

netapi32

Netbios

shlwapi

SHSetValueA
StrStrIA
SHGetValueA

rpcrt4

UuidToStringA

psapi

EnumProcessModules
EnumProcesses
GetModuleBaseNameA

advapi32

RegQueryValueExW
RegOpenKeyExA
RegCloseKey
GetSecurityInfo
SetEntriesInAclA
SetSecurityInfo
CryptAcquireContextA
CryptGenRandom
CryptReleaseContext
RegOpenKeyExW

msvcrt

fclose
fwrite
fopen
tmpnam
atoi
strtol
__dllonexit
_onexit
??1type_info@@UAE@XZ
_initterm
_adjust_fdiv
isupper
isspace
ispunct
strerror
srand
_stricmp
??2@YAPAXI@Z
??3@YAXPAX@Z
malloc
free
strncpy
toupper
__CxxFrameHandler
isalnum
strtok
??0exception@@QAE@ABV0@@Z
tolower
??0exception@@QAE@XZ
wcslen
_CxxThrowException
??1exception@@UAE@XZ
?what@exception@@UBEPBDXZ
wcscmp
isalpha
isgraph
islower
isxdigit
printf
wctomb
__mb_cur_max
strstr
strchr

wininet

HttpQueryInfoA
InternetCloseHandle
InternetOpenA
InternetSetOptionA
InternetOpenUrlA
InternetReadFile

version

GetFileVersionInfoSizeA
GetFileVersionInfoA

user32

DispatchMessageA
wsprintfA
OpenClipboard
RegisterClassExA
SetWindowPos
SystemParametersInfoA
KillTimer
EnumWindows
EnumChildWindows
GetWindowThreadProcessId
GetClassNameA
DefWindowProcA
SetTimer
TranslateMessage
GetMessageA
CreateWindowExA
ShowWindow
CloseClipboard

oleaut32

VariantClear
SysAllocString
GetErrorInfo
SysFreeString

winmm

timeGetTime

kernel32

GetFullPathNameA
InterlockedExchange
SetLastError
GetWindowsDirectoryA
GetVersionExA
GetCurrentProcess
GetProcessTimes
GetThreadTimes
GetCurrentThread
LocalFree
FormatMessageA
MultiByteToWideChar
FreeEnvironmentStringsA
GetEnvironmentStrings
lstrcmpiA
lstrcmpA
GetEnvironmentVariableA
lstrlenA
lstrcpyA
GetCurrentDirectoryA
SleepEx
GetLastError
GetCurrentProcessId
HeapAlloc
HeapSize
GetVersion
GetModuleHandleA
GetModuleFileNameA
HeapFree
GetSystemDirectoryA
CreateFileA
GetProcessHeap
LoadLibraryA
OpenProcess
VirtualAllocEx
GetProcAddress
WriteProcessMemory
CreateRemoteThread
CloseHandle
FreeLibrary
Sleep
GetTickCount
QueryPerformanceCounter
QueryPerformanceFrequency
GetSystemInfo
lstrcpynA
MoveFileExA
WaitForSingleObject
CreateProcessA
DeleteFileA
GetLocalTime

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 88KB - Virtual size: 85KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

313eb419410677b4b54d8ffe5d9b5fd4

Headers

File Characteristics

Imports

ole32

netapi32

shlwapi

rpcrt4

psapi

advapi32

msvcrt

wininet

version

user32

oleaut32

winmm

kernel32

Exports

Exports

Sections

.text Size: 88KB - Virtual size: 85KB

.rdata Size: 24KB - Virtual size: 23KB

.data Size: 20KB - Virtual size: 22KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 88KB - Virtual size: 85KB

.rdata
Size: 24KB - Virtual size: 23KB

.data
Size: 20KB - Virtual size: 22KB

.reloc
Size: 8KB - Virtual size: 7KB