25762cc1f03be08364e7f5979e209293

Sharing

Copy URL

Twitter E-mail

General

Target

25762cc1f03be08364e7f5979e209293
Size

70KB
MD5

25762cc1f03be08364e7f5979e209293
SHA1

582da2ef6a2d9ce41b495ea14e5dcdbb2520bbe3
SHA256

e2f448da052f1d4e4e6fc2f7e51b508eab28f03b0e5812e0f5095195ff894dcd
SHA512

6c2cef5d262b35d9a950358ef75232f41bb52c225ff7a5c3002fcc44d8ff1896aa162dea03621484325cc3f698972acd767e7c532053fd200484c19f3f14d21e
SSDEEP

1536:gsZNUZiXHkplOsMr1cQ5eN4XNDqYlKqzKkLn9sQ:gykiXHJsg1reKNbzKkL9sQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
25762cc1f03be08364e7f5979e209293

Files

25762cc1f03be08364e7f5979e209293
.dll regsvr32 windows:5 windows x86 arch:x86

0f6924e350c6927f2e1ead8b3c6f9c05

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetTickCount
SetEvent
MulDiv
CreateThread
DuplicateHandle
QueueUserAPC
CreateSemaphoreW
QueryPerformanceCounter
ResetEvent
lstrcmpW
CreateEventW
DisableThreadLibraryCalls
LoadLibraryExW
FindResourceW
LoadResource
SizeofResource
FreeLibrary
GetCurrentThread
lstrcpynW
GetModuleFileNameW
lstrlenW
lstrcatW
HeapDestroy
WaitForSingleObject
GetCurrentProcess
CloseHandle
GetCurrentThreadId
lstrlenA
MultiByteToWideChar
lstrcmpiW
InterlockedDecrement
InterlockedIncrement
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetLastError
lstrcpyW
ReleaseSemaphore

user32

CharNextW
wsprintfW
IsRectEmpty

advapi32

RegEnumKeyExW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegQueryValueExW
RegQueryInfoKeyW
RegDeleteKeyW
RegDeleteValueW

ole32

CoTaskMemRealloc
CoTaskMemAlloc
CoCreateInstance
CoTaskMemFree

oleaut32

VariantInit
SysStringLen
SysFreeString
VariantClear
SysAllocString
VariantChangeType
VarI4FromStr
LoadTypeLi
RegisterTypeLi
SetErrorInfo
LoadRegTypeLi
SysAllocStringLen

ddraw

DirectDrawCreate

msvcrt

_adjust_fdiv
_initterm
_purecall
free
??2@YAPAXI@Z
realloc
??3@YAXPAX@Z
malloc

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0f6924e350c6927f2e1ead8b3c6f9c05

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

ddraw

msvcrt

Exports

Exports

Sections

.text Size: 57KB - Virtual size: 57KB

.data Size: 512B - Virtual size: 500B

.rsrc Size: 5KB - Virtual size: 5KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 57KB - Virtual size: 57KB

.data
Size: 512B - Virtual size: 500B

.rsrc
Size: 5KB - Virtual size: 5KB

.reloc
Size: 4KB - Virtual size: 4KB