67e3265d403b9535df4c4e041073742b

Sharing

Copy URL

Twitter E-mail

General

Target

67e3265d403b9535df4c4e041073742b
Size

716KB
MD5

67e3265d403b9535df4c4e041073742b
SHA1

27c4870d360ec9b78f8e69e92399cb3927d251de
SHA256

e673deb75d18e2b0d5100b0badb896beacc840929fe3e7b10996c17500121796
SHA512

66e080d0bf3ce9f1d54a9ae51cf0be5f233446cdf873185b9ec0d7d61af573f34c692202387999f303bb9fe1c9adea6a02e574b5cd4bb071db19eff0d7fb4e9f
SSDEEP

12288:vmMiN22NP5bU7yHVHldYpq075IPeOFOz1fNabeSh/ZWO4nTQsKf/lS:vmbtNlUrpq0tO4z1CeUMpE/A

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
67e3265d403b9535df4c4e041073742b

Files

67e3265d403b9535df4c4e041073742b
.dll regsvr32 windows:4 windows x86 arch:x86

1aa866289ae3d921c8a9dd1f9cef1a9a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryExW
lstrcmpiW
lstrcpynW
DisableThreadLibraryCalls
HeapDestroy
lstrcpyW
lstrcatW
LocalFree
SetEnvironmentVariableA
GetLocaleInfoW
SetEndOfFile
SetConsoleCtrlHandler
LoadLibraryA
GetOEMCP
GetACP
CreateFileA
IsBadCodePtr
IsBadReadPtr
CreateFileW
SetStdHandle
GetUserDefaultLCID
EnumSystemLocalesA
GetLocaleInfoA
IsValidCodePage
IsValidLocale
GetCPInfo
GetStringTypeW
GetStringTypeA
SetUnhandledExceptionFilter
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
IsBadWritePtr
HeapCreate
GetVersionExA
GetEnvironmentVariableA
GetModuleFileNameA
FindResourceW
WriteFile
LCMapStringW
LCMapStringA
SetFilePointer
ReadFile
CompareStringW
CompareStringA
UnhandledExceptionFilter
SetLastError
TlsFree
TlsAlloc
GetModuleHandleA
HeapSize
TerminateProcess
FatalAppExitA
ExitProcess
RaiseException
GetVersion
GetCommandLineA
HeapAlloc
HeapReAlloc
HeapFree
RtlUnwind
GetLocalTime
GetTimeZoneInformation
ExitThread
TlsGetValue
TlsSetValue
ResumeThread
GetVersionExW
GetCurrentThread
GetThreadPriority
SetThreadPriority
CreateThread
InterlockedExchange
VirtualFree
VirtualAlloc
GetSystemInfo
ReleaseSemaphore
CreateSemaphoreW
WaitForMultipleObjects
DuplicateHandle
LoadResource
SizeofResource
GetModuleHandleW
GetShortPathNameW
GetSystemDirectoryW
GetDiskFreeSpaceExW
OpenMutexW
OpenSemaphoreW
GetSystemTime
CreateProcessW
GetFileAttributesW
CreateDirectoryW
SetEnvironmentVariableW
CopyFileW
GetTickCount
GetProcAddress
FreeLibrary
LoadLibraryW
WritePrivateProfileStringW
GetPrivateProfileIntW
GetPrivateProfileStringW
GetCurrentThreadId
GetCurrentProcess
FlushInstructionCache
lstrcmpW
GlobalAlloc
GlobalLock
GlobalUnlock
DeleteFileW
FindNextFileW
GetLastError
WaitForSingleObject
ResetEvent
FindFirstFileW
FindClose
Sleep
DeleteCriticalSection
CloseHandle
CreateEventW
SetEvent
InitializeCriticalSection
TryEnterCriticalSection
EnterCriticalSection
LeaveCriticalSection
MultiByteToWideChar
lstrlenA
OutputDebugStringW
DebugBreak
InterlockedIncrement
GetUserDefaultLangID
WideCharToMultiByte
GetModuleFileNameW
InterlockedDecrement
lstrlenW
FlushFileBuffers

user32

FillRect
GetDC
ReleaseDC
SendMessageW
IsWindow
SetCapture
ReleaseCapture
SetWindowPos
GetClientRect
DefWindowProcW
SetWindowLongW
GetWindowLongW
CallWindowProcW
CharLowerW
MessageBoxW
PeekMessageW
MsgWaitForMultipleObjects
PostThreadMessageW
CreateWindowExW
LoadStringW
DialogBoxParamW
ClientToScreen
FindWindowW
CreateMenu
GetSubMenu
GetKeyState
CharNextW
SetWindowRgn
OffsetRect
EqualRect
IntersectRect
CopyRect
SetRect
DestroyWindow
SetTimer
SetRectEmpty
MoveWindow
InvalidateRect
ShowWindow
FindWindowExW
PostMessageW
SetWindowTextW
BringWindowToTop
ShowCursor
GetDesktopWindow
GetCursorPos
ScreenToClient
PtInRect
GetWindowRect
SetSysColors
GetSysColor
EnumChildWindows
LoadImageW
GetClassNameW
LoadBitmapW
UnionRect
wvsprintfW
DrawTextW
GetActiveWindow
SetDlgItemInt
GetDlgItemTextW
CheckRadioButton
SetDlgItemTextW
GetQueueStatus
DispatchMessageW
GetDlgCtrlID
EndDialog
GetSystemMetrics
SystemParametersInfoW
SetParent
EnumDisplayDevicesW
EnumDisplaySettingsW
RegisterHotKey
UnregisterHotKey
KillTimer
TrackPopupMenu
EnableWindow
CreateDialogParamW
CreatePopupMenu
AppendMenuW
DestroyMenu
GetMenuItemCount
InsertMenuW
GetDlgItem
InvalidateRgn
CreateAcceleratorTableW
RedrawWindow
BeginPaint
EndPaint
IsChild
GetFocus
SetFocus
wsprintfW
GetWindowTextLengthW
GetWindowTextW
GetWindow
RegisterWindowMessageW
GetClassInfoExW
RegisterClassExW
SetCursor
LoadCursorW
GetParent

gdi32

Rectangle
SetTextAlign
TextOutW
GetStockObject
GetDeviceCaps
GetObjectW
StretchBlt
SetBkMode
CreateCompatibleDC
SelectObject
CreateSolidBrush
BitBlt
DeleteDC
CreateFontIndirectW
DeleteObject
GetDIBits
SetTextColor
StretchDIBits
SetStretchBltMode
CreateDIBSection
RestoreDC
SetViewportOrgEx
SetWindowOrgEx
SetMapMode
SaveDC
LPtoDP
CreateDCW
CreateRectRgnIndirect
CloseMetaFile
SetWindowExtEx
CreateMetaFileW
SetDIBits
CreateCompatibleBitmap
DeleteMetaFile
CreatePatternBrush

comdlg32

ChooseColorW
GetOpenFileNameW
ChooseFontA
GetSaveFileNameW

advapi32

RegQueryInfoKeyW
RegOpenKeyW
RegDeleteKeyW
RegDeleteValueW
RegCreateKeyExW
RegCreateKeyW
RegQueryValueExW
RegEnumValueW
RegCloseKey
RegSetValueExW
RegEnumKeyExW
RegOpenKeyExW

shell32

ShellExecuteW

ole32

CreateOleAdviseHolder
OleRegGetUserType
OleRegEnumVerbs
CoTaskMemRealloc
CoInitializeEx
OleLockRunning
CoTaskMemAlloc
CLSIDFromString
CLSIDFromProgID
OleInitialize
CreateStreamOnHGlobal
OleUninitialize
CoTaskMemFree
CoInitialize
StringFromCLSID
CoCreateInstance
OleLoadFromStream
WriteClassStm
CoUninitialize
CoFreeUnusedLibraries
OleSaveToStream
OleRegGetMiscStatus
CreateDataAdviseHolder

oleaut32

GetErrorInfo
SetErrorInfo
CreateErrorInfo
VariantChangeType
LoadTypeLi
RegisterTypeLi
VarUI4FromStr
OleCreateFontIndirect
SysAllocStringLen
DispCallFunc
SysStringLen
LoadRegTypeLi
OleCreatePropertyFrame
SysStringByteLen
SysAllocStringByteLen
VariantInit
SafeArrayCreate
SafeArrayPutElement
VariantCopy
VariantClear
SysAllocString
SysFreeString

ws2_32

WSAStartup
WSAWaitForMultipleEvents
WSAEnumNetworkEvents
WSACreateEvent
WSACloseEvent
gethostbyname
htonl
connect
recv
htons
send
WSAEventSelect
setsockopt
closesocket
socket
WSAGetLastError
ntohs
ntohl
inet_addr

winmm

timeGetTime
timeSetEvent

quartz

AMGetErrorTextW

comctl32

ImageList_LoadImageW
_TrackMouseEvent
InitCommonControlsEx
ImageList_Destroy
ord16

msimg32

TransparentBlt
AlphaBlend

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 508KB - Virtual size: 507KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 80KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1aa866289ae3d921c8a9dd1f9cef1a9a

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

ws2_32

winmm

quartz

comctl32

msimg32

Exports

Exports

Sections

.text Size: 508KB - Virtual size: 507KB

.rdata Size: 80KB - Virtual size: 78KB

.data Size: 24KB - Virtual size: 50KB

.rsrc Size: 80KB - Virtual size: 76KB

.reloc Size: 20KB - Virtual size: 19KB

.text
Size: 508KB - Virtual size: 507KB

.rdata
Size: 80KB - Virtual size: 78KB

.data
Size: 24KB - Virtual size: 50KB

.rsrc
Size: 80KB - Virtual size: 76KB

.reloc
Size: 20KB - Virtual size: 19KB