5342f5ecd7fb04db796a37fb776de192

Sharing

Copy URL Twitter E-mail

General

Target

5342f5ecd7fb04db796a37fb776de192
Size

148KB
MD5

5342f5ecd7fb04db796a37fb776de192
SHA1

70b9733615f76c941a9be185601c0812b35f941b
SHA256

318c685b8afc551ab4a36e8a83cbff37832c3ae55bf1119dd16bd42cd2196dd7
SHA512

de639bd0c8b43a202085f2e625522efe723ff057b90764e312aeccd5907e5f22eca54ae97a9211ae4bbe99bc38a2191362c43bd76c0a3cd97635d91be789ef16
SSDEEP

3072:Oz8V5PMzjYdQUC2MrTVi7nM95sYwCAx5xOJCtyYSN/:mMdQUVM/VknNQG5xBBSN/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5342f5ecd7fb04db796a37fb776de192

Files

5342f5ecd7fb04db796a37fb776de192
.dll regsvr32 windows:4 windows x86 arch:x86

5ba38724c7591ea3f2c8bd5e3b2d047b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_stricmp
fclose
fwrite
fopen
tmpnam
_adjust_fdiv
_initterm
??1type_info@@UAE@XZ
_onexit
__dllonexit
strstr
tolower
isalpha
strerror
??2@YAPAXI@Z
atoi
strncpy
printf
toupper
__CxxFrameHandler
wcscmp
?what@exception@@UBEPBDXZ
isxdigit
wcslen
srand
__mb_cur_max
wctomb
ispunct
isalnum
free
strchr
isspace
isgraph
islower
isupper
??1exception@@UAE@XZ
??0exception@@QAE@XZ
_CxxThrowException
malloc
??0exception@@QAE@ABV0@@Z
strtok
??3@YAXPAX@Z

version

GetFileVersionInfoA
GetFileVersionInfoSizeA

rpcrt4

UuidToStringA

psapi

EnumProcesses
GetModuleBaseNameA
EnumProcessModules

user32

wsprintfA
CloseClipboard
OpenClipboard
DefWindowProcA
SetTimer
KillTimer
EnumWindows
EnumChildWindows
RegisterClassExA
CreateWindowExA
ShowWindow
GetMessageA
TranslateMessage
DispatchMessageA
SystemParametersInfoA
SetWindowPos
GetClassNameA
GetWindowThreadProcessId

wininet

InternetSetOptionA
InternetCloseHandle
HttpQueryInfoA
InternetReadFile
InternetOpenA
InternetOpenUrlA

netapi32

Netbios

oleaut32

SysAllocString
VariantClear
GetErrorInfo
SysFreeString

shlwapi

StrStrIA
SHSetValueA
SHGetValueA

winmm

timeGetTime

advapi32

RegCloseKey
SetSecurityInfo
SetEntriesInAclA
GetSecurityInfo
RegQueryValueExW
RegOpenKeyExW
CryptReleaseContext
CryptGenRandom
CryptAcquireContextA
RegOpenKeyExA

ole32

CoInitialize
CoCreateGuid
CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree

kernel32

QueryPerformanceFrequency
GetThreadTimes
Sleep
QueryPerformanceCounter
CreateFileA
GetWindowsDirectoryA
GetLastError
GetTickCount
MoveFileExA
FreeLibrary
GetProcAddress
LoadLibraryA
CloseHandle
WaitForSingleObject
CreateProcessA
DeleteFileA
GetCurrentThread
FreeEnvironmentStringsA
LocalFree
FormatMessageA
GetSystemInfo
SleepEx
GetModuleFileNameA
GetModuleHandleA
GetVersionExA
SetLastError
lstrlenA
GetFullPathNameA
HeapFree
GetVersion
HeapSize
HeapAlloc
GetProcessHeap
lstrcpynA
GetCurrentDirectoryA
lstrcpyA
GetLocalTime
OpenProcess
GetCurrentProcessId
GetEnvironmentVariableA
InterlockedExchange
lstrcmpA
lstrcmpiA
GetCurrentProcess
GetProcessTimes
MultiByteToWideChar
GetEnvironmentStrings
GetSystemDirectoryA
VirtualAllocEx
WriteProcessMemory
CreateRemoteThread

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 88KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5ba38724c7591ea3f2c8bd5e3b2d047b

Headers

File Characteristics

Imports

msvcrt

version

rpcrt4

psapi

user32

wininet

netapi32

oleaut32

shlwapi

winmm

advapi32

ole32

kernel32

Exports

Exports

Sections

.text Size: 88KB - Virtual size: 84KB

.rdata Size: 28KB - Virtual size: 24KB

.data Size: 20KB - Virtual size: 21KB

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 88KB - Virtual size: 84KB

.rdata
Size: 28KB - Virtual size: 24KB

.data
Size: 20KB - Virtual size: 21KB

.reloc
Size: 8KB - Virtual size: 6KB