3f91418b6491ebddb9056276bfb461c5

Sharing

Copy URL Twitter E-mail

General

Target

3f91418b6491ebddb9056276bfb461c5
Size

48KB
MD5

3f91418b6491ebddb9056276bfb461c5
SHA1

fa242bd25bde29ebb2335e25e09480ac0995cca4
SHA256

711b7f487b6c56cc23c63da85ad2f4f55eb038402e61b4d2722a11eae5f9a0d0
SHA512

24fddb6cd4ae5312560ab7dddeffd171c4a753001f7153ab97d48947ebf7d2884c8cf2f22929bdf7c169abc7e5791010dc9e7ac18ec81205dfbd3a06846ae30c
SSDEEP

768:cjesgQsjwpKgDcyRGAW3s8J3t4b9wK2R:cVgQsjwpKgDcyrZ4C9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3f91418b6491ebddb9056276bfb461c5

Files

3f91418b6491ebddb9056276bfb461c5
.dll regsvr32 windows:4 windows x86 arch:x86

c005794d680ec1097cd230194293a4a4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateThread
CreateProcessA
FindClose
FindFirstFileA
lstrcatA
FreeLibrary
DeleteFileA
GetModuleFileNameA
ReleaseMutex
WaitForSingleObject
CreateMutexA
GlobalAlloc
GetComputerNameA
GetVolumeInformationA
GetSystemDirectoryA
SystemTimeToFileTime
GetSystemTime
lstrcmpA
CloseHandle
WriteFile
CreateFileA
GetLastError
GetTempPathA
lstrcpynA
GlobalFree
GetCurrentProcessId
GetTickCount
GetProcessHeap
HeapAlloc
lstrcpyA
lstrlenA

user32

GetMessageA
KillTimer
PostThreadMessageA
DispatchMessageA
CharUpperA
wsprintfA
TranslateMessage
SetTimer

advapi32

RegSetValueExA
RegCloseKey
RegCreateKeyA
RegDeleteKeyA
RegCreateKeyExA
RegQueryValueExA
RegSetValueA

wsock32

WSAStartup
gethostname
WSACleanup
gethostbyname
htonl
ioctlsocket

shell32

SHGetSpecialFolderPathA

wininet

InternetOpenUrlA
InternetCloseHandle
InternetReadFile
HttpQueryInfoA
InternetOpenA

Exports

Exports

DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.SHARED
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c005794d680ec1097cd230194293a4a4

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

wsock32

shell32

wininet

Exports

Exports

Sections

.text Size: 16KB - Virtual size: 16KB

.rdata Size: 8KB - Virtual size: 8KB

.data Size: 4KB - Virtual size: 4KB

.SHARED Size: 4KB - Virtual size: 4KB

.reloc Size: 12KB - Virtual size: 12KB

.text
Size: 16KB - Virtual size: 16KB

.rdata
Size: 8KB - Virtual size: 8KB

.data
Size: 4KB - Virtual size: 4KB

.SHARED
Size: 4KB - Virtual size: 4KB

.reloc
Size: 12KB - Virtual size: 12KB