53afa82aacdb3264830f8f38bfe89906

General

Target

53afa82aacdb3264830f8f38bfe89906
Size

51KB
MD5

53afa82aacdb3264830f8f38bfe89906
SHA1

ec630d853224bbb1d49412b6075c99e6407e208c
SHA256

1fef9c0c8d735808b2f9800ea6f2103946bd38db6f126175a3004b3f3800f46b
SHA512

aa44ec3a0bf58dae3a12d53199a8f013232750a6c5622676c25c30fd2ceb1cb121da0dfa6cbd3ce6c067749cf8404d917c426000d663e1a60dc0c0b3aa019b44
SSDEEP

768:sDw+CHZnyE2J1mZGsxFoKnmKzc2DXqOX7yCietampSSv:sDC5TytsfzmK5XnLyCietPSSv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
53afa82aacdb3264830f8f38bfe89906

Files

53afa82aacdb3264830f8f38bfe89906
.dll regsvr32 windows:4 windows x86 arch:x86

129d2bd7bec64ba7ff0a37627f79aad3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ws2_32

WSAStartup
socket
htons
connect
ioctlsocket
gethostbyname
send
closesocket
recv

kernel32

LocalFree
CreateThread
IsBadStringPtrA
GetModuleHandleA
Sleep
GetProcAddress
LoadLibraryA
GetLastError
GetSystemInfo
IsBadReadPtr
VirtualQuery
WideCharToMultiByte
GetTickCount
InterlockedDecrement
CloseHandle
CreateFileA
lstrcpynA
MapViewOfFile
CreateFileMappingA
OpenFileMappingA

user32

wsprintfA
GetWindowTextA
GetParent
ScreenToClient
GetClassNameA
PeekMessageA
CallNextHookEx

ole32

CoCreateInstance
OleRun

oleaut32

SysFreeString
SysAllocString
VariantClear
GetErrorInfo

msvcrt

_initterm
_adjust_fdiv
_strupr
_strdup
_CxxThrowException
??1type_info@@UAE@XZ
_onexit
__dllonexit
strchr
atoi
free
isalpha
isdigit
realloc
malloc
wcslen
??2@YAPAXI@Z
__CxxFrameHandler
sprintf
??3@YAXPAX@Z

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

129d2bd7bec64ba7ff0a37627f79aad3

Headers

File Characteristics

Imports

ws2_32

kernel32

user32

ole32

oleaut32

msvcrt

Exports

Exports

Sections

.text Size: 32KB - Virtual size: 28KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 117KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 32KB - Virtual size: 28KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 117KB

.reloc
Size: 4KB - Virtual size: 2KB