3cf72bbebc24062eeae6a78dfd23db5e

Sharing

Copy URL

Twitter E-mail

General

Target

3cf72bbebc24062eeae6a78dfd23db5e
Size

140KB
MD5

3cf72bbebc24062eeae6a78dfd23db5e
SHA1

3d2b35bd563b370372fa90f81e5fb434553cc4c9
SHA256

b61ac0533924edcb357f5a0779de85f5be0175792794bf1dd47392722c4467db
SHA512

f498cb37e7b87fb258d83e0dc4689d92ab7440a46d1afd497902ad2e220fa47a7ea30423e0fd04150235e2eb658f09682e7552fd17a1dc43e27918de3970f504
SSDEEP

3072:9ZeLCWPTLSHNWkXEHiTm5y6QSPmO/e/cOJM1FM0v5V:OFTmH9Mcm8Ue/o1FM07

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3cf72bbebc24062eeae6a78dfd23db5e

Files

3cf72bbebc24062eeae6a78dfd23db5e
.dll regsvr32 windows:4 windows x86 arch:x86

016aa77f3ed9eeb137df517474d03215

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

oleaut32

VariantClear
GetErrorInfo
SysFreeString
SysAllocString

user32

wsprintfA
SetWindowPos
EnumChildWindows
GetWindowThreadProcessId
GetClassNameA
DefWindowProcA
EnumWindows
SystemParametersInfoA
TranslateMessage
OpenClipboard
CloseClipboard
RegisterClassExA
CreateWindowExA
ShowWindow
GetMessageA
SetTimer
DispatchMessageA
KillTimer

advapi32

SetEntriesInAclA
SetSecurityInfo
RegOpenKeyExA
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
CryptAcquireContextA
CryptGenRandom
CryptReleaseContext
GetSecurityInfo

rpcrt4

UuidToStringA

wininet

InternetOpenUrlA
HttpQueryInfoA
InternetOpenA
InternetReadFile
InternetSetOptionA
InternetCloseHandle

psapi

EnumProcesses
GetModuleBaseNameA
EnumProcessModules

ole32

CoInitialize
CoCreateGuid
CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA

msvcrt

??0exception@@QAE@XZ
??1exception@@UAE@XZ
wcscmp
strncpy
isalnum
tolower
strerror
strchr
free
malloc
toupper
strtok
printf
isspace
isgraph
wctomb
__mb_cur_max
_stricmp
fwrite
fopen
tmpnam
atoi
isxdigit
srand
isupper
ispunct
isalpha
__dllonexit
_onexit
??1type_info@@UAE@XZ
_initterm
_adjust_fdiv
?what@exception@@UBEPBDXZ
_CxxThrowException
wcslen
islower
??0exception@@QAE@ABV0@@Z
strstr
??3@YAXPAX@Z
??2@YAPAXI@Z
__CxxFrameHandler
fclose

shlwapi

StrStrIA
SHGetValueA
SHSetValueA

netapi32

Netbios

winmm

timeGetTime

kernel32

GetCurrentThread
GetThreadTimes
DeleteFileA
CreateProcessA
WaitForSingleObject
GetCurrentProcessId
GetModuleHandleA
GetLocalTime
GetCurrentProcess
GetProcessTimes
CreateFileA
LoadLibraryA
GetSystemInfo
FreeEnvironmentStringsA
GetEnvironmentStrings
lstrcpynA
lstrcmpiA
lstrcmpA
MoveFileExA
QueryPerformanceCounter
VirtualAllocEx
GetProcAddress
WriteProcessMemory
CreateRemoteThread
FreeLibrary
FormatMessageA
LocalFree
lstrcpyA
GetWindowsDirectoryA
GetFullPathNameA
InterlockedExchange
SetLastError
HeapAlloc
HeapSize
GetSystemDirectoryA
GetVersionExA
GetVersion
GetCurrentDirectoryA
HeapFree
MultiByteToWideChar
Sleep
GetModuleFileNameA
QueryPerformanceFrequency
GetTickCount
SleepEx
CloseHandle
OpenProcess
GetEnvironmentVariableA
lstrlenA
GetLastError
GetProcessHeap

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 80KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

016aa77f3ed9eeb137df517474d03215

Headers

File Characteristics

Imports

oleaut32

user32

advapi32

rpcrt4

wininet

psapi

ole32

version

msvcrt

shlwapi

netapi32

winmm

kernel32

Exports

Exports

Sections

.text Size: 80KB - Virtual size: 76KB

.rdata Size: 28KB - Virtual size: 24KB

.data Size: 20KB - Virtual size: 22KB

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 80KB - Virtual size: 76KB

.rdata
Size: 28KB - Virtual size: 24KB

.data
Size: 20KB - Virtual size: 22KB

.reloc
Size: 8KB - Virtual size: 6KB