67dd4d77e17391765d3bed9744dd6c91

Sharing

Copy URL

Twitter E-mail

General

Target

67dd4d77e17391765d3bed9744dd6c91
Size

244KB
MD5

67dd4d77e17391765d3bed9744dd6c91
SHA1

fc1d4af4cf30b16487cd5714e5b127bf45f1464c
SHA256

7bce8b8440dfe7379a5cdaca601f5c8359e8a8e34f7e54bee6ea4321e0d3afca
SHA512

3e78ca6b37faa3555f4901d063089d3b8af26c16521d4a735d08314974788b4cb812f1165c1da5a86df598c5f1c83f3879ef1c75f97e77c5083c5d551ac0fa5e
SSDEEP

6144:lLM4l7nEquelx6Hx0qH1c+DBo8Di89NgOpf4Q0q:q+7nfd21cq+IiEgo4Q0q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
67dd4d77e17391765d3bed9744dd6c91

Files

67dd4d77e17391765d3bed9744dd6c91
.dll regsvr32 windows:4 windows x86 arch:x86

9e3ebe79c9ff347927893b8aaa6f9625

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

winmm

PlaySoundA

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

wininet

GetUrlCacheEntryInfoW

gdiplus

GdipLoadImageFromFile
GdipDisposeImage
GdiplusStartup
GdiplusShutdown
GdipCloneImage
GdipAlloc
GdipFree
GdipImageGetFrameCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameDimensionsCount

kernel32

GetFileType
GetStdHandle
SetHandleCount
GetStringTypeW
GetModuleHandleA
GetModuleHandleW
GetProcAddress
GetFileAttributesW
GetVersion
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
MultiByteToWideChar
WideCharToMultiByte
RaiseException
InitializeCriticalSection
DeleteCriticalSection
GetLastError
lstrlenA
lstrcmpiA
lstrlenW
lstrcpyA
GetModuleFileNameA
LoadLibraryW
SetLastError
GetModuleFileNameW
OutputDebugStringA
LeaveCriticalSection
InterlockedIncrement
EnterCriticalSection
InterlockedDecrement
lstrcpynA
IsDBCSLeadByte
CloseHandle
ReadFile
SetFilePointer
CreateFileA
ExpandEnvironmentStringsA
WaitForSingleObject
TerminateProcess
Sleep
CreateProcessA
lstrcatA
lstrcmpA
SizeofResource
LockResource
LoadResource
FindResourceA
FindResourceExA
SetEndOfFile
GetTempFileNameA
GetTempPathA
DeleteFileA
MapViewOfFileEx
GetStartupInfoA
GetFileSize
OpenFileMappingA
UnmapViewOfFile
LoadLibraryA
LoadLibraryExA
FreeLibrary
FlushInstructionCache
GetCurrentProcess
HeapFree
GetProcessHeap
HeapAlloc
LocalFree
Beep
LocalAlloc
FormatMessageA
GetTickCount
GetCurrentThreadId
ReleaseMutex
GetCurrentProcessId
CompareStringA
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
CopyFileA
CreateMutexA
GetPrivateProfileStringA
WritePrivateProfileStringA
FindClose
FindNextFileA
FindFirstFileA
UnlockFile
WriteFile
LockFile
TlsAlloc
GetCPInfo
GetOEMCP
GetCommandLineA
GetSystemTimeAsFileTime
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
RtlUnwind
ExitProcess
HeapSize
HeapReAlloc
HeapDestroy
TlsSetValue
TlsGetValue
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
UnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
SetStdHandle
FlushFileBuffers
CreateFileMappingA
GetStringTypeA
LCMapStringW
LCMapStringA
SetUnhandledExceptionFilter
QueryPerformanceCounter
IsBadWritePtr
VirtualFree
HeapCreate
TlsFree

user32

GetSubMenu
SetMenuItemInfoA
InsertMenuA
TrackPopupMenu
DestroyMenu
GetActiveWindow
FindWindowA
SendMessageTimeoutA
SetWindowTextA
ReleaseDC
GetDC
LoadMenuA
SetDlgItemTextA
UnhookWindowsHookEx
OffsetRect
CreateWindowExA
GetClassNameA
CreateCursor
GetWindowTextLengthA
GetWindowTextA
SetCursor
DrawTextA
IsWindowEnabled
DrawFocusRect
FillRect
EndPaint
BeginPaint
GetDlgCtrlID
IsWindow
InvalidateRect
PtInRect
SetFocus
SetCapture
ReleaseCapture
GetCursorPos
ScreenToClient
UpdateWindow
SetWindowsHookExA
GetCapture
CallWindowProcW
DestroyWindow
GetWindowLongA
GetWindow
GetWindowRect
SystemParametersInfoA
GetClientRect
MapWindowPoints
SetWindowPos
SetRectEmpty
GetFocus
GetParent
GetSysColor
CallNextHookEx
DestroyCursor
DefWindowProcA
PeekMessageA
DispatchMessageA
SendMessageA
LoadStringA
MessageBoxA
GetAsyncKeyState
CheckMenuItem
CallWindowProcA
SetWindowLongA
GetKeyState
wsprintfA
CharNextA
CharUpperBuffA
UnregisterClassA
GetDlgItem

gdi32

DeleteDC
GetStockObject
GetObjectA
CreateFontIndirectA
SetBkMode
SelectObject
DeleteObject
SetTextColor

advapi32

GetUserNameA
RegQueryInfoKeyA
RegDeleteValueA
RegOpenKeyA
RegQueryValueExA
RegEnumKeyExA
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegDeleteKeyA

shell32

ShellExecuteA
SHGetSpecialFolderPathA
SHGetFileInfoA

ole32

CoTaskMemFree
StringFromCLSID
CoTaskMemAlloc
CoTaskMemRealloc
StringFromGUID2
CoCreateInstance
ProgIDFromCLSID
CoGetObject

oleaut32

SysFreeString
SysStringLen
VarBstrCmp
SysAllocStringByteLen
VarUI4FromStr
LoadRegTypeLi
LoadTypeLi
UnRegisterTypeLi
RegisterTypeLi
SysStringByteLen
SysAllocStringLen
VariantInit
VariantClear
VariantChangeType
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayLock
SafeArrayUnlock
SafeArrayRedim
SafeArrayDestroy
SafeArrayCreate
SetErrorInfo
CreateErrorInfo
VariantCopy
SafeArrayUnaccessData
GetErrorInfo
SafeArrayAccessData
SafeArrayCreateVector
SysAllocString

shlwapi

PathFileExistsA
PathAddBackslashA
PathFindExtensionA

urlmon

URLDownloadToCacheFileW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllMain
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 160KB - Virtual size: 158KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.SHARED
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9e3ebe79c9ff347927893b8aaa6f9625

Headers

File Characteristics

Imports

winmm

version

wininet

gdiplus

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

urlmon

Exports

Exports

Sections

.text Size: 160KB - Virtual size: 158KB

.rdata Size: 28KB - Virtual size: 25KB

.data Size: 8KB - Virtual size: 29KB

.SHARED Size: 4KB - Virtual size: 1KB

.rsrc Size: 24KB - Virtual size: 20KB

.reloc Size: 16KB - Virtual size: 13KB

.text
Size: 160KB - Virtual size: 158KB

.rdata
Size: 28KB - Virtual size: 25KB

.data
Size: 8KB - Virtual size: 29KB

.SHARED
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 24KB - Virtual size: 20KB

.reloc
Size: 16KB - Virtual size: 13KB