38d678805ba0a200d5cb74dbf424172b

Sharing

Copy URL Twitter E-mail

General

Target

38d678805ba0a200d5cb74dbf424172b
Size

1.7MB
MD5

38d678805ba0a200d5cb74dbf424172b
SHA1

e3e4bcb2adb9c4974eeb1368ac0aaec405e5fda4
SHA256

dba1341c435e624fc2386b2ed678aebe82b22c6b112f64f6e18737dc06086d1e
SHA512

fce5db7b9f303b4325998ddf76642ce74cae7fcb926e1cff74bbfa8e51e6a827b5e4f798a6271a1e78458ad091a3b4e468c68a7bbcc0e9fd21423f5f31a323ed
SSDEEP

24576:X4MAe7F1Lua594edTeSozzSDMMvtTJ9FXfr604dabybT5t/3XpS+B:Xd43SozzSRT7N+04jbTfhS+B

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
38d678805ba0a200d5cb74dbf424172b

Files

38d678805ba0a200d5cb74dbf424172b
.dll regsvr32 windows:5 windows x86 arch:x86

3af740cd53985d547d6e40d734b5a16d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

MultiByteToWideChar
GetProcAddress
LoadLibraryA
DeleteCriticalSection
ExitThread
LoadLibraryW
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetDriveTypeA
CreateFileA
GetProcessHeap
SetEndOfFile
WriteConsoleW
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
InterlockedCompareExchange
InterlockedExchange
Sleep
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetLastError
HeapFree
RaiseException
RtlUnwind
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCurrentThreadId
GetCommandLineA
GetSystemTimeAsFileTime
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeW
FindFirstFileW
LCMapStringA
LCMapStringW
GetCPInfo
GetStringTypeW
HeapCreate
HeapDestroy
VirtualFree
HeapAlloc
VirtualAlloc
HeapReAlloc
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
HeapSize
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
WriteFile
GetACP
GetOEMCP
IsValidCodePage
GetModuleHandleA
GetTimeZoneInformation
CloseHandle
GetConsoleCP
GetConsoleMode
FlushFileBuffers
ReadFile
SetFilePointer
GetTimeFormatA
GetDateFormatA
GetFullPathNameW
GetCurrentDirectoryA
GetLocaleInfoA
GetStringTypeA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
InitializeCriticalSectionAndSpinCount
GetLocaleInfoW
SetStdHandle
CreateFileW
WriteConsoleA
GetConsoleOutputCP
CreateThread

user32

IsWindow
ShowWindow

oleaut32

VarCmp
SysAllocString
VariantClear
VariantInit
SysFreeString
SysStringLen

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 130KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 177KB - Virtual size: 176KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3af740cd53985d547d6e40d734b5a16d

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

oleaut32

Exports

Exports

Sections

.text Size: 1.4MB - Virtual size: 1.4MB

.rdata Size: 130KB - Virtual size: 129KB

.data Size: 22KB - Virtual size: 50KB

.rsrc Size: 512B - Virtual size: 436B

.reloc Size: 177KB - Virtual size: 176KB

.text
Size: 1.4MB - Virtual size: 1.4MB

.rdata
Size: 130KB - Virtual size: 129KB

.data
Size: 22KB - Virtual size: 50KB

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 177KB - Virtual size: 176KB