2a47a231a5ac0a2678372eae9dcfbf1a

Sharing

Copy URL Twitter E-mail

General

Target

2a47a231a5ac0a2678372eae9dcfbf1a
Size

368KB
MD5

2a47a231a5ac0a2678372eae9dcfbf1a
SHA1

a36659f919453b93367302f2791166c33d033243
SHA256

6dc0bd131c892c92015f55d18c7bc905aa131067e257b6117ccc19e9aceb7f4a
SHA512

485f5be8fa3257a23b8d2a4b26f50d2351568f48b5d1919637e8827ece8696b8fab096d0dcfc7c3bcafb7ec461f2b7127cdc3bc7c10558903ace1d2b4e8b5c47
SSDEEP

6144:5n0jSgfIoJFIhl2EzThF1utVw1y6U+3clTqOiXMlxUht+Rj+s:p0egfLJ8PzThF1iVwh3uTqVcMt+J+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2a47a231a5ac0a2678372eae9dcfbf1a

Files

2a47a231a5ac0a2678372eae9dcfbf1a
.dll regsvr32 windows:4 windows x86 arch:x86

0825ccbf5d04eecf0fb3ec8137fa0f64

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FreeLibrary
LoadLibraryA
GetWindowsDirectoryW
MultiByteToWideChar
lstrlenW
WideCharToMultiByte
InitializeCriticalSection
DeleteCriticalSection
CreateEventA
CloseHandle
TerminateThread
WaitForMultipleObjects
GetLastError
CreateProcessA
GetStartupInfoA
SetLastError
FormatMessageA
HeapDestroy
HeapFree
HeapAlloc
HeapCreate
GetLocalTime
SetEvent
DisableThreadLibraryCalls
InterlockedIncrement
InterlockedDecrement
GetModuleHandleA
GetModuleFileNameA
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
lstrcmpiA
lstrcpynA
IsDBCSLeadByte
lstrcatA
lstrcpyA
RaiseException
LocalAlloc
FlushFileBuffers
LeaveCriticalSection
EnterCriticalSection
WaitForSingleObject
Sleep
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetVersionExA
lstrlenA
GetCurrentThreadId
SetStdHandle
LCMapStringW
LCMapStringA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetStringTypeW
GetStringTypeA
IsBadCodePtr
SetFilePointer
GetProcessHeap
GetEnvironmentStringsW
FreeEnvironmentStringsW
CreateThread
ExitThread
RtlUnwind
IsBadWritePtr
IsBadReadPtr
HeapValidate
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetCommandLineA
TlsAlloc
TlsFree
TlsSetValue
TlsGetValue
GetProcAddress
TerminateProcess
GetCurrentProcess
ExitProcess
UnhandledExceptionFilter
DebugBreak
GetStdHandle
WriteFile
OutputDebugStringA
HeapReAlloc
VirtualFree
SetUnhandledExceptionFilter
GetOEMCP
GetCPInfo
SetHandleCount
GetFileType
FreeEnvironmentStringsA
GetEnvironmentStrings

user32

SendMessageA
wvsprintfA
FindWindowA
PostMessageA
CharNextA

advapi32

RegEnumKeyExA
RegCreateKeyExA
RegDeleteValueA
RegDeleteKeyA
RegQueryInfoKeyA
RegEnumValueA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
RegSetValueExA

ole32

CoTaskMemFree
CoTaskMemAlloc
CoTaskMemRealloc
StringFromGUID2
CoCreateInstance

oleaut32

SafeArrayUnaccessData
SafeArrayCreate
UnRegisterTypeLi
RegisterTypeLi
SysStringLen
LoadTypeLi
LoadRegTypeLi
VarUI4FromStr
SysAllocStringLen
SysFreeString
VariantInit
SafeArrayAccessData
SysAllocString

shlwapi

PathFindExtensionA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 144KB - Virtual size: 143KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 180KB - Virtual size: 183KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0825ccbf5d04eecf0fb3ec8137fa0f64

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

shlwapi

Exports

Exports

Sections

.text Size: 144KB - Virtual size: 143KB

.rdata Size: 20KB - Virtual size: 18KB

.data Size: 180KB - Virtual size: 183KB

.rsrc Size: 8KB - Virtual size: 5KB

.reloc Size: 12KB - Virtual size: 9KB

.text
Size: 144KB - Virtual size: 143KB

.rdata
Size: 20KB - Virtual size: 18KB

.data
Size: 180KB - Virtual size: 183KB

.rsrc
Size: 8KB - Virtual size: 5KB

.reloc
Size: 12KB - Virtual size: 9KB