2b91a2b40c46ed270fc0d133a978e72f

Sharing

Copy URL

Twitter E-mail

General

Target

2b91a2b40c46ed270fc0d133a978e72f
Size

228KB
MD5

2b91a2b40c46ed270fc0d133a978e72f
SHA1

e7f3fa0d487d6854100f29a5c61016a4487ccbcc
SHA256

d47a5a71ef7b6d75a6fb8ee4007999d89faa1696d4366d7843961bafa90102b8
SHA512

24030724fb93e7a27fa66fdc78294c66e21bf3d17b77fe68fb1052a07ebf6fdf117f723e7bf34c439ef83f28937a86773ddcdf7d40e48b4b40bb4596f0c1f2c6
SSDEEP

3072:U/DYpIzYNTaF+crdjI5956au9BWq0a4gPa8dYcrE7KGLMqAEEtTJ/TvUao8DG3Ji:U/DYpIV+YIi/0arhfGAEEU1bQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2b91a2b40c46ed270fc0d133a978e72f

Files

2b91a2b40c46ed270fc0d133a978e72f
.dll regsvr32 windows:4 windows x86 arch:x86

78dc31624694c8a629b239b586606962

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

comctl32

ord17

advapi32

RegQueryValueExA
RegEnumValueA
RegCloseKey
RegOpenKeyExA
RegDeleteKeyA
RegEnumKeyExA
RegCreateKeyExA
RegDeleteValueA
RegSetValueExA
RegQueryInfoKeyA

gdi32

OffsetWindowOrgEx
ExtTextOutA
SetBkColor
GetRgnBox
CreateRectRgnIndirect
GetStockObject
SetTextColor
GetTextColor
GetTextExtentPoint32A
GetTextMetricsA
SelectObject
DeleteObject
GetObjectType
GetBitmapBits
GetObjectA
SetBkMode
RectInRegion
OffsetRgn
LineTo
MoveToEx
CreatePen
SelectClipRgn
SetPixel
GetBkColor
SelectClipPath
EndPath
CloseFigure
BeginPath
UpdateColors
DeleteDC
BitBlt
RealizePalette
SelectPalette
CreateCompatibleDC
CreateCompatibleBitmap
CreatePalette
CreateRectRgn
CreateBitmap
GetPixel
GetDeviceCaps
SetWindowOrgEx

kernel32

GetVersionExA
HeapCreate
ResumeThread
SetThreadPriority
GetThreadPriority
GetCurrentThread
GetPriorityClass
GetCurrentProcess
GetShortPathNameA
SizeofResource
LoadResource
FindResourceA
lstrcmpiA
IsDBCSLeadByte
HeapDestroy
LoadLibraryA
InterlockedIncrement
InterlockedDecrement
FlushInstructionCache
GetCurrentThreadId
GetSystemInfo
CreateThread
CreateEventA
MapViewOfFile
CreateFileMappingA
SetEvent
HeapAlloc
UnmapViewOfFile
GetLocalTime
MoveFileA
DebugBreak
HeapReAlloc
HeapFree
RemoveDirectoryA
FindClose
SetLastError
SetFileAttributesA
FindNextFileA
FindFirstFileA
SetCurrentDirectoryA
GetWindowsDirectoryA
LockResource
FlushFileBuffers
SetFilePointer
GetUserDefaultLangID
CopyFileA
WritePrivateProfileSectionA
GetPrivateProfileIntA
GetPrivateProfileStringA
GetCommandLineA
GetCurrentDirectoryA
WaitForMultipleObjects
WritePrivateProfileStringA
DisableThreadLibraryCalls
DeleteCriticalSection
InitializeCriticalSection
LoadLibraryExA
GetProcAddress
EnterCriticalSection
FreeLibrary
LeaveCriticalSection
GetModuleHandleA
MultiByteToWideChar
WideCharToMultiByte
lstrlenW
DeleteFileA
CreateProcessA
CreateFileA
GetFileSize
ReadFile
WriteFile
GetExitCodeProcess
lstrcpyA
GetLastError
GetModuleFileNameA
CreateDirectoryA
lstrcmpA
GetTickCount
OpenFile
GetCurrentProcessId
WaitForSingleObject
ReleaseMutex
lstrlenA
lstrcpynA
lstrcatA
CreateMutexA
CloseHandle
ResetEvent
GetSystemDirectoryA

ole32

CoCreateGuid
CoGetInterfaceAndReleaseStream
CoMarshalInterThreadInterfaceInStream
CreateOleAdviseHolder
OleRegGetMiscStatus
OleRegGetUserType
OleRegEnumVerbs
CoTaskMemRealloc
CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance
StringFromGUID2
CoFreeUnusedLibraries
CLSIDFromProgID

oleaut32

VariantInit
SysAllocString
VariantClear
SysAllocStringLen
LoadTypeLi
RegisterTypeLi
LoadRegTypeLi
SysStringLen
VariantChangeTypeEx
SysFreeString

user32

GetClassNameA
UpdateWindow
MoveWindow
DispatchMessageA
TranslateMessage
GetMessageA
ReleaseCapture
GetAsyncKeyState
GetIconInfo
CreateIcon
IsWindow
DestroyWindow
SetFocus
GetFocus
IsChild
GetClassInfoExA
LoadCursorA
RegisterClassExA
CreateWindowExA
GetWindow
UnionRect
PtInRect
GetKeyState
CharNextA
CallWindowProcA
GetWindowLongA
DefWindowProcA
SetWindowLongA
SetForegroundWindow
PostMessageA
GetParent
GetWindowRect
MapWindowPoints
IsRectEmpty
GetSysColor
SendMessageA
SetTimer
PostQuitMessage
KillTimer
wsprintfA
MessageBoxA
BeginPaint
GetClientRect
EndPaint
InvalidateRect
IntersectRect
EqualRect
OffsetRect
SetWindowRgn
ShowWindow
DrawIconEx
DrawTextA
TrackPopupMenuEx
GetUpdateRgn
ClientToScreen
ScreenToClient
SetCapture
GetForegroundWindow
ValidateRect
DrawEdge
GetActiveWindow
SetWindowPos
DestroyIcon
GetMessagePos
GetMessageTime
CallNextHookEx
EnumWindows
PeekMessageA
GetWindowThreadProcessId
GetKeyboardType
GetWindowTextA
GetWindowTextLengthA
EnumChildWindows
ReleaseDC
GetDC
IsWindowVisible
LoadImageA
SetRectEmpty
SetWindowTextA
EnableMenuItem
GetMenuItemInfoA
CheckMenuItem
GetDesktopWindow
InflateRect
AppendMenuA
CreatePopupMenu
DestroyMenu
IsMenu
CopyRect
SetRect
UnregisterClassA
WindowFromPoint
GetCursorPos
GetCapture
SubtractRect
FindWindowA
AdjustWindowRectEx
UnhookWindowsHookEx
SetWindowsHookExA
CreateIconIndirect

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
Update

Sections

.text
Size: 136KB - Virtual size: 132KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

78dc31624694c8a629b239b586606962

Headers

File Characteristics

Imports

comctl32

advapi32

gdi32

kernel32

ole32

oleaut32

user32

version

Exports

Exports

Sections

.text Size: 136KB - Virtual size: 132KB

.rdata Size: 16KB - Virtual size: 14KB

.data Size: 8KB - Virtual size: 10KB

.rsrc Size: 52KB - Virtual size: 51KB

.reloc Size: 12KB - Virtual size: 9KB

.text
Size: 136KB - Virtual size: 132KB

.rdata
Size: 16KB - Virtual size: 14KB

.data
Size: 8KB - Virtual size: 10KB

.rsrc
Size: 52KB - Virtual size: 51KB

.reloc
Size: 12KB - Virtual size: 9KB