7039817f7896e7ab71d9beca75fb5338

Sharing

Copy URL Twitter E-mail

General

Target

7039817f7896e7ab71d9beca75fb5338
Size

100KB
MD5

7039817f7896e7ab71d9beca75fb5338
SHA1

efb9e14f82904b5e39cd3bfff9d0981a21f424e3
SHA256

fb962e09d8b7f07e8091b266edda96fd8dfe2a5c46c092150d1600e755eb42c5
SHA512

84ad23cff574fa04ed5c7c482efa4f36b45d6cbcce1ced3328b4e01f3ea0c09100cf3569c11d9c7e14c29cb4ceae8754ae81b1c5b772d79b9849a1a44ae940b1
SSDEEP

1536:KkZU2WGa9rfxj5xrW/6TjpKv/i7KPvSoPjD8xPDutTRw/aw83U/VSb:AYOfxj5x1QK7KSvxPDutTeywMU/O

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7039817f7896e7ab71d9beca75fb5338

Files

7039817f7896e7ab71d9beca75fb5338
.dll regsvr32 windows:4 windows x86 arch:x86

6e7749b34978d7d2aa22f353c2167a7f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CopyFileA
EnterCriticalSection
ExpandEnvironmentStringsA
InterlockedIncrement
CreateFileA
GetCurrentProcessId
LoadLibraryA
InterlockedDecrement
CreateMutexA
HeapAlloc
GetProcAddress
GetProcessHeap
ReadFile
GetModuleHandleA
CreateProcessA
WriteFile
CreateDirectoryA
LeaveCriticalSection
GetLastError
UnlockFile
ReadProcessMemory
GetTempFileNameW
DeviceIoControl
GetLongPathNameW
WaitForSingleObject
SetFileAttributesA
VerifyVersionInfoW
GetUserDefaultUILanguage
DuplicateHandle
MapViewOfFileEx
WinExec
GetVersionExW
VerifyVersionInfoA
HeapCompact
RegisterWaitForSingleObject
GetVolumeInformationW
TransactNamedPipe
GetHandleInformation
CreateNamedPipeW
GetSystemDirectoryA
WriteConsoleInputA
WriteProfileStringA
FlushFileBuffers
OpenFileMappingA
GetLogicalDriveStringsW
GetShortPathNameW
GetLargestConsoleWindowSize
AddAtomA
TerminateJobObject
SetNamedPipeHandleState
GlobalMemoryStatus
SetHandleInformation
FlushViewOfFile
FileTimeToLocalFileTime
GetFileAttributesExA
HeapValidate
CompareStringW
OpenEventW
DeleteCriticalSection
CreateDirectoryW
GetConsoleScreenBufferInfo
IsBadStringPtrA
LockResource
GetCPInfo
SetEndOfFile
FileTimeToSystemTime
GetSystemWow64DirectoryW
CreateTimerQueueTimer
CompareStringA
SystemTimeToFileTime
CreateTimerQueue
IsProcessorFeaturePresent
FindResourceExA
lstrcmpiA
GetAtomNameA
lstrcpynW
PeekConsoleInputA
CreateIoCompletionPort
CreateJobObjectW
PurgeComm
ClearCommError
SetConsoleWindowInfo
GlobalAddAtomW
GetNumberFormatW
ReadFileEx
QueryPerformanceFrequency
IsBadStringPtrW
OpenSemaphoreA
GlobalFlags
lstrcatW
GlobalMemoryStatusEx
VerSetConditionMask
lstrcpyW
PeekConsoleInputW
CreateToolhelp32Snapshot
lstrcatA
FindResourceExW
CreateWaitableTimerA

shell32

SHGetFolderPathA
ShellExecuteA
SHParseDisplayName
SHBrowseForFolderW
SHFormatDrive
SHGetSpecialFolderLocation
SHSetLocalizedName
SHChangeNotify
ExtractIconW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 80KB - Virtual size: 77KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6e7749b34978d7d2aa22f353c2167a7f

Headers

File Characteristics

Imports

kernel32

shell32

Exports

Exports

Sections

.text Size: 80KB - Virtual size: 77KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 8KB - Virtual size: 7KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 80KB - Virtual size: 77KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 8KB - Virtual size: 7KB

.reloc
Size: 4KB - Virtual size: 3KB