54716ca36972f6a7dbc25eac3ca8b8e6

Sharing

Copy URL

Twitter E-mail

General

Target

54716ca36972f6a7dbc25eac3ca8b8e6
Size

100KB
MD5

54716ca36972f6a7dbc25eac3ca8b8e6
SHA1

12eeea58f7762d06d6b2b6fdf1da8a7e18b91c12
SHA256

f0231cde5f0071ceb51d3c36c2bbfea56dc0402d704c89985044c12080dfb271
SHA512

39be5a4af4351f8ec36cb229031899c644e3684d2ffe1860feeda7437b2504c6360ad0303e2ddd912fd70e6ca8b128da897e981a7ebe250cfd569a2093c52b8f
SSDEEP

3072:O04GfltkAPqdwJk+qbLac4FQSve1dul68f8:vhtca9ES0uPk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
54716ca36972f6a7dbc25eac3ca8b8e6

Files

54716ca36972f6a7dbc25eac3ca8b8e6
.dll regsvr32 windows:4 windows x86 arch:x86

02515d7b36aeb92bed6f6f0925f787ab

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FindVolumeMountPointClose
GlobalAddAtomA
SleepEx
IsBadStringPtrA
CreateMailslotW
RemoveDirectoryW
SetConsoleCtrlHandler
CreateToolhelp32Snapshot
VerLanguageNameW
GetThreadLocale
GetModuleFileNameW
ResetEvent
FindNextFileW
CreateFileMappingA
TerminateProcess
TransactNamedPipe
QueueUserAPC
CopyFileW
FindFirstFileExW
FindFirstChangeNotificationW
TerminateJobObject
LocalUnlock
CompareStringW
AddAtomA
GetCurrentProcess
LCMapStringW
SetConsoleCursorPosition
OpenJobObjectW
FindNextFileA
ReadFileEx
CreateFileW
EnumResourceLanguagesA
GetLocalTime
OpenThread
GetCompressedFileSizeW
GetEnvironmentVariableA
SetConsoleTextAttribute
MoveFileW
ReadDirectoryChangesW
DuplicateHandle
SystemTimeToFileTime
GetModuleHandleExW
MultiByteToWideChar
GetCommandLineA
HeapCreate
FindResourceExA
FindNextVolumeMountPointW
SetConsoleActiveScreenBuffer
ReleaseMutex
RemoveDirectoryA
GetBinaryTypeW
GetProfileSectionA
AllocConsole
GetFileInformationByHandle
VirtualUnlock
OpenProcess
OpenFileMappingA
IsValidLocale
GetTimeFormatA
lstrlenW
LocalFileTimeToFileTime
GetAtomNameW
SetEvent
GetSystemWindowsDirectoryA
lstrcpyW
EnumResourceNamesA
GetProfileIntA
WriteConsoleInputA
GetTimeFormatW
CreateRemoteThread
IsBadHugeReadPtr
OpenEventA
GetProfileStringA
ExitThread
SetProcessShutdownParameters
GetEnvironmentStringsW
HeapLock
VirtualProtect
HeapAlloc
GetModuleFileNameA
CreateDirectoryA
CreateProcessA
InterlockedIncrement
HeapFree
LeaveCriticalSection
ExpandEnvironmentStringsA
VirtualQuery
GetProcessHeap
GetModuleHandleA
CopyFileA
GetLastError
GlobalAlloc
WriteFile
ReadFile
GetProcAddress
CloseHandle
LoadLibraryA
GetModuleHandleW
Sleep

shell32

SHGetFileInfoA
DragAcceptFiles
ShellExecuteA
ShellAboutA
ExtractIconExA
DragQueryFileW
SHGetFolderPathA

gdi32

SetSystemPaletteUse
InvertRgn
PatBlt
DPtoLP
GetTextExtentPointW
CreatePalette
GetCharABCWidthsA
GetTextCharacterExtra
SetRectRgn
GetRandomRgn
GetViewportExtEx
SetViewportOrgEx
PlayEnhMetaFileRecord
DescribePixelFormat
PtInRegion
EnumMetaFile
GetCharacterPlacementA
GetObjectA
TextOutA
GetTextMetricsA
SetWindowExtEx
SetICMMode
RemoveFontResourceW
SetLayout
SetTextJustification
MoveToEx
GetNearestPaletteIndex
SetTextAlign
GetTextCharsetInfo
GetBkMode
GetBitmapDimensionEx
ExtFloodFill
GetDIBits
SetBkColor
GetFontResourceInfoW
GetTextExtentExPointA
AnimatePalette
CreateBrushIndirect
CopyMetaFileA
TranslateCharsetInfo
CreateDIBPatternBrushPt
DeleteObject
CopyEnhMetaFileA
SetWindowOrgEx

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 76KB - Virtual size: 74KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

02515d7b36aeb92bed6f6f0925f787ab

Headers

File Characteristics

Imports

kernel32

shell32

gdi32

Exports

Exports

Sections

.text Size: 76KB - Virtual size: 74KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 8KB - Virtual size: 7KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 76KB - Virtual size: 74KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 8KB - Virtual size: 7KB

.reloc
Size: 4KB - Virtual size: 3KB