3edb1093b546a330feea91b2a4eaa349

Sharing

Copy URL Twitter E-mail

General

Target

3edb1093b546a330feea91b2a4eaa349
Size

56KB
MD5

3edb1093b546a330feea91b2a4eaa349
SHA1

de0ca4b56380640cb4bb04e1adb23635b2e941c0
SHA256

44dc8a49964ca16622043a757786b2569f3a1002455a50f8aa7a4d03b2d074ed
SHA512

03f15905ffa814544e391309e4645aab72cf838804bdba2248a470aceb09cd6559585969c7b5483085487d26d654fb6c95f5335c2a2a55e704e5a06287101274
SSDEEP

768:edgv0ZRxazDTYek7QsT9BL93kt1FM0Ttcp07LOxVYoOklNK:YrhQD8P9nkC0TtC8oOkvK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3edb1093b546a330feea91b2a4eaa349

Files

3edb1093b546a330feea91b2a4eaa349
.dll regsvr32 windows:4 windows x86 arch:x86

17f91917ff9fc1faf5deabf6aed8bef2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LCMapStringW
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
InterlockedIncrement
EnterCriticalSection
InterlockedDecrement
GetSystemDirectoryA
GetLocalTime
CloseHandle
ReadFile
GetFileSize
CreateFileA
HeapDestroy
lstrlenW
MultiByteToWideChar
lstrlenA
GetShortPathNameA
GetModuleFileNameA
FreeLibrary
GetProcAddress
LoadLibraryA
lstrcpyA
lstrcatA
WideCharToMultiByte
WriteFile
CopyFileA
DeleteFileA
WaitForSingleObject
CreateProcessA
GetTickCount
Sleep
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
IsBadCodePtr
IsBadReadPtr
GetStdHandle
LCMapStringA
GetVersion
GetCurrentThreadId
GetCurrentProcess
TerminateProcess
SetHandleCount
TlsSetValue
DisableThreadLibraryCalls
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
RtlUnwind
HeapFree
HeapAlloc
RaiseException
GetCommandLineA
HeapCreate
IsBadWritePtr
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
HeapReAlloc
SetUnhandledExceptionFilter
VirtualFree
ExitProcess
VirtualAlloc

user32

FindWindowExA
SetTimer
DestroyWindow
GetWindowTextA
KillTimer
SendMessageA
CharNextA

ole32

CoCreateInstance

oleaut32

RegisterTypeLi
LoadRegTypeLi
SysFreeString
LoadTypeLi
SysAllocString
SysStringLen

wininet

InternetCloseHandle
InternetQueryDataAvailable
HttpQueryInfoA
InternetOpenUrlA
InternetOpenA
InternetReadFile

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

17f91917ff9fc1faf5deabf6aed8bef2

Headers

File Characteristics

Imports

kernel32

user32

ole32

oleaut32

wininet

Exports

Exports

Sections

.text Size: 32KB - Virtual size: 28KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 4KB - Virtual size: 3KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 32KB - Virtual size: 28KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 4KB - Virtual size: 2KB