760d23b3faaa09c480f5ece99a58ce49

Sharing

Copy URL

Twitter E-mail

General

Target

760d23b3faaa09c480f5ece99a58ce49
Size

112KB
MD5

760d23b3faaa09c480f5ece99a58ce49
SHA1

c420b0d0a51e56cac4fbb24d3f4fb23c31b1abe0
SHA256

4fb0a3bc69e28cbb418020d609344d3df117202b1add4db63e00802cc1b8be2d
SHA512

80a0c05ac2b86db3853defe887a8d5a2769b41c28357afa4fbbe9f0145ac77fab1271ab174c3c8c3ae03d51204a27763b007858e8dcc66aa9ae036b4fc345cd7
SSDEEP

1536:iko0WXKFhaCcArPH+uuZkMsIwS9B/3NRVjT07puERGV9Uzk+ORs0P0D:iR0WX6ha/oPHXuZz9FT07pZG3UERDE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
760d23b3faaa09c480f5ece99a58ce49

Files

760d23b3faaa09c480f5ece99a58ce49
.dll regsvr32 windows:4 windows x86 arch:x86

4f587e961da59b857b5c88aa3df3d18a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetLogicalDriveStringsW
GetFileType
EscapeCommFunction
GetCurrentThreadId
GetVolumeInformationW
GetVolumePathNameW
CreateEventA
LocalSize
DeleteTimerQueueTimer
CreateThread
GetFileAttributesA
GlobalHandle
GetProfileSectionA
ExitThread
LocalFree
VirtualFree
IsBadWritePtr
SetLastError
UnregisterWait
GetEnvironmentStrings
ReadProcessMemory
CompareStringA
EnumSystemLocalesA
ClearCommError
GetTapeParameters
GlobalGetAtomNameA
GetNumberFormatA
FreeLibraryAndExitThread
GetDateFormatW
GlobalFree
SetTimeZoneInformation
GetSystemWindowsDirectoryA
EnumResourceLanguagesW
MapViewOfFileEx
GetStringTypeW
FindFirstFileA
DeleteCriticalSection
SetConsoleMode
LocalAlloc
GetLocalTime
FindFirstVolumeMountPointW
SetStdHandle
GetProfileStringA
SetFileApisToOEM
FindFirstFileExW
MoveFileA
SetHandleCount
GetBinaryTypeW
SetComputerNameA
GetFileInformationByHandle
CreateSemaphoreA
IsProcessorFeaturePresent
CreateEventW
SetCurrentDirectoryA
lstrcmpiA
lstrcpynA
FlushViewOfFile
OpenSemaphoreA
OpenMutexA
SetNamedPipeHandleState
LCMapStringA
SetWaitableTimer
GetShortPathNameW
WriteProfileStringA
GetConsoleCP
GetStartupInfoW
CancelIo
SuspendThread
GetFileAttributesExW
CopyFileExW
GetProcessHeap
HeapFree
GetModuleFileNameA
CreateMutexA
EnterCriticalSection
Sleep
HeapAlloc
InterlockedIncrement
WriteFile
InitializeCriticalSection
ReadFile
ExpandEnvironmentStringsA
GetProcAddress
GetTickCount
VirtualQuery
CreateFileA
GetCurrentProcessId
LeaveCriticalSection
GetLastError
GlobalAlloc
InterlockedDecrement
CreateProcessA
GetEnvironmentVariableW
LoadLibraryA

ole32

OleTranslateAccelerator
StringFromIID
StgCreateDocfileOnILockBytes
CoInitializeEx
OleRegEnumVerbs
SetConvertStg
GetRunningObjectTable
CoImpersonateClient
CoMarshalInterface
CoDisableCallCancellation
PropVariantCopy
OleRun
CoMarshalInterThreadInterfaceInStream
OleLockRunning
CoTaskMemAlloc
CoInitialize
OleCreate
CoTaskMemFree
CLSIDFromString
StringFromGUID2

shell32

ExtractIconW
SHCreateDirectoryExW
SHFileOperationA
CommandLineToArgvW
ShellExecuteA
DragQueryFileA
ShellExecuteExA
SHGetFolderLocation
ShellAboutA
SHGetFolderPathA

gdi32

GetObjectA
ScaleViewportExtEx
PtInRegion
GetRegionData
ResizePalette
CreateRectRgnIndirect
PaintRgn
CreateRoundRectRgn
CreatePenIndirect
GetPixelFormat
GetViewportOrgEx
CreatePen
StretchBlt
GetTextFaceW
CreateCompatibleDC
GetCurrentObject
Escape
SetPixel
GetFontResourceInfoW
GetWindowOrgEx
InvertRgn
AddFontResourceW
SetDIBits
CreateMetaFileA
Arc
SetMagicColors
PlayEnhMetaFile
CreateBitmapIndirect
DeleteMetaFile
GetBitmapBits
GetDCOrgEx
SetArcDirection
SetPolyFillMode
GetObjectType
AbortPath
CopyMetaFileW
GetTextMetricsA
CloseEnhMetaFile
CreatePolygonRgn
TextOutW
EnumFontFamiliesA
GetPixel
FillPath
PolylineTo
SetStretchBltMode
TextOutA
SetTextCharacterExtra

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4f587e961da59b857b5c88aa3df3d18a

Headers

File Characteristics

Imports

kernel32

ole32

shell32

gdi32

Exports

Exports

Sections

.text Size: 88KB - Virtual size: 87KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 8KB - Virtual size: 7KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 88KB - Virtual size: 87KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 8KB - Virtual size: 7KB

.reloc
Size: 4KB - Virtual size: 3KB