2ae05cc0e71f46c2be33158546f0c587

Sharing

Copy URL Twitter E-mail

General

Target

2ae05cc0e71f46c2be33158546f0c587
Size

539KB
MD5

2ae05cc0e71f46c2be33158546f0c587
SHA1

ba7c38f5fd5797c1d9c17a692c49549223b6b3d1
SHA256

c25b8a97e4f1c51e7ff568b8aafc01544a2869195d17d02b546f19d30e545a66
SHA512

72340a68a46c566544863e6d27b2a75e1d1578b5bc616283b4e15db5ff2f52c5a040d6d0d24bf43a808aafdd1532014df7017663028b5ddd7e41624107d7cc25
SSDEEP

12288:eZbByVzumebDQgyk5Kh7edSZFpBx9x8E0jdgD6+OXggt:eZIVDefDw7edyx8Rje65

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2ae05cc0e71f46c2be33158546f0c587

Files

2ae05cc0e71f46c2be33158546f0c587
.dll regsvr32 windows:5 windows x86 arch:x86

52266078f0b78f1edd40f5a2c664b7ec

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

RtlUnwind
RaiseException
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapFree
GetCommandLineA
HeapAlloc
HeapSize
HeapReAlloc
Sleep
ExitProcess
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetStdHandle
GetModuleFileNameA
HeapCreate
HeapDestroy
VirtualFree
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetFileTime
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringW
InitializeCriticalSectionAndSpinCount
GetTimeZoneInformation
GetLocaleInfoA
GetConsoleCP
GetConsoleMode
LCMapStringA
GetStringTypeA
GetStringTypeW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
SetEnvironmentVariableA
GetFileSizeEx
GetFileAttributesW
FileTimeToLocalFileTime
CreateFileW
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetTickCount
FileTimeToSystemTime
lstrlenA
GetCurrentProcessId
lstrcmpA
CompareStringA
InterlockedExchange
GlobalFlags
SetErrorMode
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GetModuleHandleA
GlobalLock
GlobalUnlock
FormatMessageW
LocalFree
MulDiv
GetModuleFileNameW
GlobalAlloc
GlobalFree
GetThreadLocale
lstrlenW
FreeResource
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
GetVersionExW
CompareStringW
GetLastError
SetLastError
lstrcmpW
GetModuleHandleW
GetVersionExA
FindResourceW
LoadResource
LockResource
SizeofResource
FreeLibrary
LoadLibraryW
WideCharToMultiByte
OpenMutexW
CreateMutexW
WaitForSingleObject
ReleaseMutex
CloseHandle
MultiByteToWideChar
LoadLibraryA
GetProcAddress
InterlockedDecrement
GetEnvironmentStrings
InterlockedIncrement

user32

PostThreadMessageW
ReleaseCapture
SetCapture
InvalidateRgn
SetRect
IsRectEmpty
CopyAcceleratorTableW
LoadCursorW
GetSysColorBrush
GetWindowThreadProcessId
PostQuitMessage
DestroyMenu
UnregisterClassW
GetMessageW
TranslateMessage
ValidateRect
GetDesktopWindow
GetActiveWindow
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
SetWindowContextHelpId
MapDialogRect
CharNextW
IsWindowEnabled
MoveWindow
SetWindowTextW
IsDialogMessageW
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
GetMenuState
EnableMenuItem
CheckMenuItem
RegisterWindowMessageW
LoadIconW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
GetFocus
IsWindow
SetFocus
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
DispatchMessageW
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageW
MapWindowPoints
GetKeyState
EnableWindow
SendMessageW
RemovePropW
SetWindowLongW
SetMenu
SetForegroundWindow
IsWindowVisible
UpdateWindow
PostMessageW
GetSubMenu
GetMenuItemID
GetMenuItemCount
CharUpperW
RegisterClipboardFormatW
MessageBeep
GetNextDlgGroupItem
CallWindowProcW
GetPropW
RealGetWindowClassW
EnumChildWindows
GetWindowTextW
SetPropW
BringWindowToTop
GetWindowRect
GetClientRect
GetParent
ShowWindow
InvalidateRect
GetWindow
GetSystemMetrics
GetWindowPlacement
IsIconic
SystemParametersInfoA
IntersectRect
OffsetRect
SetWindowPos
GetWindowLongW
GetMenu
DefWindowProcW
GetDlgCtrlID
PtInRect
CopyRect
EqualRect
ScreenToClient
AdjustWindowRectEx
GetSysColor
RegisterClassW
GetClassInfoW
GetClassInfoExW
CreateWindowExW
MessageBoxW

gdi32

ExtSelectClipRgn
DeleteDC
CreateRectRgnIndirect
GetRgnBox
GetMapMode
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutW
TextOutW
PtVisible
GetWindowExtEx
GetViewportExtEx
DeleteObject
SetMapMode
RestoreDC
SaveDC
GetTextColor
GetBkColor
GetDeviceCaps
GetStockObject
CreateBitmap
GetObjectW
SetBkColor
SetTextColor
GetClipBox
RectVisible

comdlg32

GetFileTitleW

winspool.drv

DocumentPropertiesW
ClosePrinter
OpenPrinterW

shlwapi

PathStripToRootW
UrlGetPartW
PathStripPathW
PathFindFileNameW
StrStrIW
SHDeleteKeyW
StrCmpIW
PathFindExtensionW
PathIsUNCW
UrlUnescapeW

oledlg

OleUIBusyW

ole32

OleIsCurrentClipboard
CoRevokeClassObject
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
OleFlushClipboard
CoTaskMemAlloc
CLSIDFromString
CLSIDFromProgID
CoTaskMemFree
StringFromCLSID
CoInitialize
CoCreateInstance
CoUninitialize
CoRegisterMessageFilter

oleaut32

VariantInit
VariantClear
SysAllocString
SysAllocStringLen
SysAllocStringByteLen
SysStringByteLen
SafeArrayDestroy
SafeArrayPutElement
SafeArrayCreateVector
VariantCopy
VariantChangeType
OleCreateFontIndirect
SysStringLen
VariantTimeToSystemTime
SystemTimeToVariantTime
SysFreeString

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 399KB - Virtual size: 399KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 57KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

52266078f0b78f1edd40f5a2c664b7ec

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

shlwapi

oledlg

ole32

oleaut32

Exports

Exports

Sections

.text Size: 399KB - Virtual size: 399KB

.rdata Size: 68KB - Virtual size: 67KB

.data Size: 11KB - Virtual size: 29KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 57KB - Virtual size: 56KB

.text
Size: 399KB - Virtual size: 399KB

.rdata
Size: 68KB - Virtual size: 67KB

.data
Size: 11KB - Virtual size: 29KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 57KB - Virtual size: 56KB