447a4fb533c755ccdab14a47f08a9ee0[.]bin

Sharing

Copy URL Twitter E-mail

General

Target

447a4fb533c755ccdab14a47f08a9ee0.bin
Size

166KB
MD5

447a4fb533c755ccdab14a47f08a9ee0
SHA1

54af5273f126d3b956b3586732653750019ef3e4
SHA256

1672ce53464329f5bd8d8039606f782d4958fa5541932e2b1726bdcedc0b0d88
SHA512

dd0df7c5b5bc320a065040e2d6f620eb6369feb0742747ebbbfee695fd21d40d15543244b43d2752764d7a08b39212a967e6ba6771aed6be2d9037c53a165920
SSDEEP

3072:3ILW/bOdBFo1OCBi+An6ew7YtXoOPpbloNtpeElrtiU+mnNuOUi:3ILZDCbA6ew7wXFxbaNt+6n5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
447a4fb533c755ccdab14a47f08a9ee0.bin

Files

447a4fb533c755ccdab14a47f08a9ee0.bin
.dll regsvr32 windows:6 windows x64 arch:x64

c21a3c114956b038ccc9b8b9dd7aade4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleFileNameA
SizeofResource
EnterCriticalSection
GetCurrentProcess
LoadLibraryExA
LeaveCriticalSection
InitializeCriticalSectionEx
FindResourceA
WaitForSingleObject
GetModuleHandleA
MultiByteToWideChar
Sleep
SetEvent
TerminateThread
CloseHandle
RaiseException
CreateThread
IsDBCSLeadByte
LoadResource
GetProcAddress
DeleteCriticalSection
FreeLibrary
WideCharToMultiByte
VirtualQuery
CreateEventA
ResetEvent
WaitForSingleObjectEx
CreateEventW
GetModuleHandleW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
OutputDebugStringW
WriteConsoleW
FlushFileBuffers
GetProcessHeap
HeapAlloc
HeapReAlloc
HeapSize
VirtualAlloc
VirtualFree
GetLastError
HeapFree
lstrcmpiA
SetFilePointerEx
GetConsoleMode
GetConsoleCP
WriteFile
SetStdHandle
GetStringTypeW
RtlPcToFileHeader
EncodePointer
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
RtlUnwindEx
InterlockedFlushSList
SetLastError
GetSystemInfo
VirtualProtect
ExitProcess
GetModuleHandleExW
GetACP
LCMapStringW
GetStdHandle
GetFileType
FindClose
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
CreateFileW

user32

CharNextA

advapi32

RegQueryInfoKeyW
RegCloseKey
RegDeleteKeyA
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegDeleteValueA
RegEnumKeyExA

ole32

CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance
CoTaskMemRealloc

oleaut32

VarUI4FromStr

Exports

Exports

Control_RunDLL
DllRegisterServer
InitLib
entryPoint

Sections

.text
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ax
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 512B - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 648B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c21a3c114956b038ccc9b8b9dd7aade4

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 104KB - Virtual size: 104KB

.ax Size: 512B - Virtual size: 24B

.rdata Size: 47KB - Virtual size: 46KB

.data Size: 3KB - Virtual size: 14KB

.pdata Size: 6KB - Virtual size: 5KB

.gfids Size: 512B - Virtual size: 216B

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 1024B - Virtual size: 648B

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 104KB - Virtual size: 104KB

.ax
Size: 512B - Virtual size: 24B

.rdata
Size: 47KB - Virtual size: 46KB

.data
Size: 3KB - Virtual size: 14KB

.pdata
Size: 6KB - Virtual size: 5KB

.gfids
Size: 512B - Virtual size: 216B

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 1024B - Virtual size: 648B

.reloc
Size: 2KB - Virtual size: 1KB