27949c705d19f5024bb9e8425c153390

Sharing

Copy URL Twitter E-mail

General

Target

27949c705d19f5024bb9e8425c153390
Size

44KB
MD5

27949c705d19f5024bb9e8425c153390
SHA1

33ec986c9cea23a82c570442b73b3feee8f527b6
SHA256

cb730436e0fad5009e11f7c4867d01f88dddf47f5ae25946bedf2655332d435a
SHA512

895a7e5fe827bedef107cfa0f4e0b87e338f250b436746f105487682bc734df216e628805d5c7464cb5993a7d8a3fd17256db80ef1b489d48b74c67bb0bc8c14
SSDEEP

768:fU1WiOkZ5LKwZpYkm/IDMQ4FWWq35CfXPzL9P6RspksLjDDk2Z7z4GQBaCZ:fOLJoHzGOTjDk2ZX4G4p

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
27949c705d19f5024bb9e8425c153390

Files

27949c705d19f5024bb9e8425c153390
.dll regsvr32 windows:4 windows x86 arch:x86

1c08da6f6e0129ef7e37a48e554dc6ea

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_adjust_fdiv
fopen
_initterm
exit
atoi
fgets
strtok
strstr
strchr
strcat
tolower
memcpy
malloc
strlen
strcpy
strcmp
memcmp
free
??2@YAPAXI@Z
_purecall
memset
realloc
??3@YAXPAX@Z
wcstombs

kernel32

GetTempPathA
FreeLibrary
SizeofResource
WriteFile
CloseHandle
CreateFileA
FindClose
FindFirstFileA
TerminateProcess
Sleep
OpenProcess
GetFileAttributesA
InterlockedIncrement
InterlockedDecrement
LeaveCriticalSection
EnterCriticalSection
GetCurrentThreadId
FlushInstructionCache
GetCurrentProcess
DisableThreadLibraryCalls
InitializeCriticalSection
DeleteCriticalSection
lstrlenW
MultiByteToWideChar
lstrlenA
GetShortPathNameA
GetModuleFileNameA
WideCharToMultiByte
HeapDestroy
CreateDirectoryA
LoadResource
FindResourceA
GetLastError
LoadLibraryExA
lstrcmpiA
lstrcpynA
IsDBCSLeadByte
lstrcatA
GetProcAddress
LoadLibraryA
lstrcpyA
HeapFree
HeapReAlloc
HeapAlloc
GetProcessHeap

user32

ShowWindow
EnumThreadWindows
BringWindowToTop
MessageBoxA
EnumWindows
IsWindow
GetWindowThreadProcessId
wsprintfA
SetTimer
KillTimer
PostMessageA
TranslateMessage
DispatchMessageA
CharNextA
GetWindowLongA
GetWindow
GetWindowRect
SystemParametersInfoA
GetClientRect
MapWindowPoints
SetWindowPos
SetWindowLongA
GetWindowTextA
GetDlgItem
SendDlgItemMessageA
GetParent
EndDialog
GetActiveWindow
DialogBoxParamA
EnableWindow
SetWindowTextA

ole32

CoInitialize
CoTaskMemAlloc
CoUninitialize
CoCreateInstance
CoTaskMemRealloc
CoTaskMemFree

oleaut32

VariantClear
VarUI4FromStr
SysAllocString
SysFreeString
RegisterTypeLi
LoadRegTypeLi
SysAllocStringLen
LoadTypeLi
SysStringLen

advapi32

RegDeleteKeyA
RegEnumValueA
RegQueryInfoKeyA
RegDeleteValueA
RegCreateKeyExA
RegCloseKey
RegCreateKeyA
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegEnumKeyExA

rasapi32

RasEnumConnectionsA
RasSetEntryPropertiesA
RasGetConnectStatusA
RasEnumDevicesA
RasDialA
RasEnumEntriesA
RasGetEntryDialParamsA
RasSetEntryDialParamsA
RasHangUpA
RasGetEntryPropertiesA
RasGetErrorStringA
RasEditPhonebookEntryA

urlmon

HlinkNavigateString

wininet

InternetOpenUrlA
InternetOpenA
InternetQueryOptionA
InternetCloseHandle
InternetReadFile
HttpQueryInfoA
InternetGetConnectedState

shell32

SHGetPathFromIDListA
SHGetSpecialFolderLocation

shlwapi

StrToIntA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1c08da6f6e0129ef7e37a48e554dc6ea

Headers

File Characteristics

Imports

msvcrt

kernel32

user32

ole32

oleaut32

advapi32

rasapi32

urlmon

wininet

shell32

shlwapi

Exports

Exports

Sections

.text Size: 23KB - Virtual size: 23KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 5KB - Virtual size: 19KB

.rsrc Size: 6KB - Virtual size: 5KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 23KB - Virtual size: 23KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 5KB - Virtual size: 19KB

.rsrc
Size: 6KB - Virtual size: 5KB

.reloc
Size: 2KB - Virtual size: 2KB