3c1a152f990f3b0782fd5d8ac11a86e0

Sharing

Copy URL

Twitter E-mail

General

Target

3c1a152f990f3b0782fd5d8ac11a86e0
Size

176KB
MD5

3c1a152f990f3b0782fd5d8ac11a86e0
SHA1

cd8651837634d3a15149f691bf9851ae4638ef36
SHA256

b41bccfafe334723cc983a7033c8ea103cec131d50641c529023f551fc5cd622
SHA512

1a496212fd7000408267b0cceceba1c0d856385db8534816a57ba56922157c0008429ac482ab5e493c308e46ceb7e522951a8f1ab2020729a31a4592687119c6
SSDEEP

3072:uaHrV+dAKT1pu2+IQE/0W6mgIrtcjJLyRJBTPAgXPcE4JLkImbCbXs:THwdhbu2+b3DmgGtcpSBT3XUEORb8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3c1a152f990f3b0782fd5d8ac11a86e0

Files

3c1a152f990f3b0782fd5d8ac11a86e0
.dll regsvr32 windows:4 windows x86 arch:x86

9be6e787bafa06e42a2d8fb828d19705

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

wininet

InternetOpenA
InternetReadFile
HttpQueryInfoA
InternetCloseHandle
InternetOpenUrlA
InternetSetOptionA

user32

OpenClipboard
SystemParametersInfoA
EnumWindows
CloseClipboard
KillTimer
EnumChildWindows
GetWindowThreadProcessId
SetTimer
DefWindowProcA
wsprintfA
SetWindowPos
RegisterClassExA
CreateWindowExA
ShowWindow
GetMessageA
TranslateMessage
DispatchMessageA
GetClassNameA

oleaut32

VariantClear
SysAllocString
GetErrorInfo
SysFreeString

msvcrt

fwrite
fopen
tmpnam
atoi
strtol
strstr
__dllonexit
_onexit
??1type_info@@UAE@XZ
_initterm
_adjust_fdiv
fclose
printf
islower
free
srand
tolower
strtok
toupper
isgraph
isxdigit
isupper
wcscmp
wcslen
?what@exception@@UBEPBDXZ
strncpy
strchr
strerror
isspace
??1exception@@UAE@XZ
??0exception@@QAE@XZ
_CxxThrowException
__mb_cur_max
malloc
wctomb
??0exception@@QAE@ABV0@@Z
ispunct
__CxxFrameHandler
isalnum
isalpha
??2@YAPAXI@Z
??3@YAXPAX@Z

advapi32

CryptReleaseContext
RegOpenKeyExA
RegQueryValueExW
RegOpenKeyExW
SetSecurityInfo
SetEntriesInAclA
GetSecurityInfo
CryptGenRandom
CryptAcquireContextA
RegCloseKey

netapi32

Netbios

shlwapi

StrStrIA
SHSetValueA
SHGetValueA

winmm

timeGetTime

rpcrt4

UuidToStringA

version

GetFileVersionInfoSizeA
GetFileVersionInfoA

ole32

CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree
CoCreateGuid
CoInitialize

psapi

EnumProcesses
EnumProcessModules
GetModuleBaseNameA

kernel32

WaitForSingleObject
MoveFileExA
lstrcmpA
lstrcmpiA
MultiByteToWideChar
GetEnvironmentStrings
FreeEnvironmentStringsA
GetCurrentProcess
GetProcessTimes
GetLocalTime
CreateFileA
LoadLibraryA
VirtualAllocEx
GetProcAddress
WriteProcessMemory
GetModuleHandleA
GetModuleFileNameA
HeapFree
Sleep
GetTickCount
QueryPerformanceCounter
CreateProcessA
GetCurrentDirectoryA
LocalFree
FormatMessageA
GetProcessHeap
GetSystemInfo
GetVersionExA
HeapSize
HeapAlloc
GetEnvironmentVariableA
SetLastError
InterlockedExchange
GetFullPathNameA
GetWindowsDirectoryA
lstrcpynA
CloseHandle
GetThreadTimes
GetCurrentThread
OpenProcess
GetCurrentProcessId
FreeLibrary
CreateRemoteThread
DeleteFileA
SleepEx
GetVersion
GetSystemDirectoryA
lstrcpyA
GetLastError
lstrlenA
QueryPerformanceFrequency

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9be6e787bafa06e42a2d8fb828d19705

Headers

File Characteristics

Imports

wininet

user32

oleaut32

msvcrt

advapi32

netapi32

shlwapi

winmm

rpcrt4

version

ole32

psapi

kernel32

Exports

Exports

Sections

.text Size: 108KB - Virtual size: 107KB

.rdata Size: 28KB - Virtual size: 26KB

.data Size: 24KB - Virtual size: 26KB

.reloc Size: 12KB - Virtual size: 8KB

.text
Size: 108KB - Virtual size: 107KB

.rdata
Size: 28KB - Virtual size: 26KB

.data
Size: 24KB - Virtual size: 26KB

.reloc
Size: 12KB - Virtual size: 8KB