5c0c5de38cb06192dcd4a0f46696c678

Sharing

Copy URL

Twitter E-mail

General

Target

5c0c5de38cb06192dcd4a0f46696c678
Size

128KB
MD5

5c0c5de38cb06192dcd4a0f46696c678
SHA1

78a26e08fa893043f74d9e5f0e3aeb927d76839f
SHA256

cb6ca0f5c66a64cf7d5053f1ef2e46fb86946c6464504f67aeafab60c1b86ff6
SHA512

bd746bdf941ea7d2b78d8f2d4b799c1266ce988a8b2c7091505f759b28830da2594cc376843cd1dee111c5ea535d56c46d290d8c1c8e68a7372dfae9a8860fbc
SSDEEP

3072:BGEMgf2NG9CK28gdPLX7MmCDTotroQ1S:BGHG9s8g9L7MmWyxE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5c0c5de38cb06192dcd4a0f46696c678

Files

5c0c5de38cb06192dcd4a0f46696c678
.dll regsvr32 windows:4 windows x86 arch:x86

f571691000a3a36c41c698abffde22da

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

wininet

InternetCombineUrlA
InternetOpenUrlA
InternetCloseHandle
InternetOpenA
InternetQueryDataAvailable
HttpQueryInfoA
InternetReadFile

urlmon

URLDownloadToFileA

kernel32

GetLastError
lstrlenA
InterlockedIncrement
GetModuleFileNameA
GetWindowsDirectoryA
InterlockedDecrement
SetFileTime
CreateFileA
GetFileTime
OpenFile
GetVersionExA
CloseHandle
DeviceIoControl
SetPriorityClass
GetCurrentProcess
lstrcmpiA
GetVolumeInformationA
GetUserDefaultLangID
GetSystemDefaultLangID
GetSystemTime
DisableThreadLibraryCalls
InitializeCriticalSection
lstrlenW
MultiByteToWideChar
GetShortPathNameA
GetModuleHandleA
WideCharToMultiByte
FreeLibrary
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
lstrcpynA
IsDBCSLeadByte
HeapDestroy
GetProcAddress
LoadLibraryA
lstrcpyA
lstrcatA
WriteFile
DebugBreak
OutputDebugStringA
LCMapStringW
LCMapStringA
GetEnvironmentStrings
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
IsBadReadPtr
SetHandleCount
SetFilePointer
FreeEnvironmentStringsW
SetUnhandledExceptionFilter
FlushFileBuffers
SetEndOfFile
SetStdHandle
GetEnvironmentStringsW
GetStartupInfoA
GetFileType
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
GetEnvironmentVariableA
GetStringTypeW
RtlUnwind
GetTimeZoneInformation
GetLocalTime
HeapFree
HeapAlloc
HeapReAlloc
GetCommandLineA
GetVersion
ReadFile
FreeEnvironmentStringsA
TerminateProcess
GetStdHandle
GetStringTypeA
TlsGetValue
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
ExitProcess
GetCPInfo
GetACP
GetOEMCP

user32

CharLowerA
MessageBoxA
LoadStringA
CharNextA
wvsprintfA

advapi32

RegEnumKeyExA
RegQueryInfoKeyA
RegDeleteValueA
RegCreateKeyExA
RegQueryValueExA
RegDeleteKeyA
RegSetValueExA
RegCloseKey
RegOpenKeyExA
RegEnumValueA

shell32

ShellExecuteA

ole32

CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
CoCreateInstance

oleaut32

SysStringLen
LoadRegTypeLi
RegisterTypeLi
LoadTypeLi
SysAllocString
VarUI4FromStr
SysFreeString

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 76KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f571691000a3a36c41c698abffde22da

Headers

File Characteristics

Imports

wininet

urlmon

kernel32

user32

advapi32

shell32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 76KB - Virtual size: 72KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 16KB - Virtual size: 26KB

.rsrc Size: 12KB - Virtual size: 8KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 76KB - Virtual size: 72KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 16KB - Virtual size: 26KB

.rsrc
Size: 12KB - Virtual size: 8KB

.reloc
Size: 8KB - Virtual size: 7KB