78f1b7ec92cdb81d6f4446f6ddf6042d

Sharing

Copy URL Twitter E-mail

General

Target

78f1b7ec92cdb81d6f4446f6ddf6042d
Size

172KB
MD5

78f1b7ec92cdb81d6f4446f6ddf6042d
SHA1

60a699884d4f2ca8d8eaf616f96ff8ca4d34b695
SHA256

cdcdd870d71530de68264b13055a8c61652e6e8f23aa969171f0ddc67e5f0796
SHA512

4144d27ef01b19a2378dca237e80bc62bd836ffa76a55c83290631ccd6e9586a936a70ebfd23dcd7fee16d248db13278aed4f8861db4fcf1642b22243d789c5e
SSDEEP

3072:+6XoLlCh92HFTAC0Upbh7PDzRY1ZMqymMfFIFzJCD38t/w:+6XoLlbZ9Z9h7PhY1u7mMGFwDst

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
78f1b7ec92cdb81d6f4446f6ddf6042d

Files

78f1b7ec92cdb81d6f4446f6ddf6042d
.dll regsvr32 windows:4 windows x86 arch:x86

0aa1db4eeeab709f3aa80c95d0b70cd5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

rpcrt4

UuidToStringA

winmm

timeGetTime

oleaut32

GetErrorInfo
VariantClear
SysFreeString
SysAllocString

netapi32

Netbios

version

GetFileVersionInfoA
GetFileVersionInfoSizeA

msvcrt

malloc
isalpha
??3@YAXPAX@Z
??2@YAPAXI@Z
_adjust_fdiv
_initterm
??1type_info@@UAE@XZ
_onexit
__dllonexit
strtol
atoi
tmpnam
fopen
fwrite
fclose
isspace
isupper
strstr
__CxxFrameHandler
free
wcscmp
?what@exception@@UBEPBDXZ
wcslen
strtok
toupper
__mb_cur_max
strchr
wctomb
printf
strerror
tolower
srand
isgraph
ispunct
??1exception@@UAE@XZ
_CxxThrowException
??0exception@@QAE@XZ
isalnum
??0exception@@QAE@ABV0@@Z
isxdigit
islower
strncpy

psapi

GetModuleBaseNameA
EnumProcessModules
EnumProcesses

advapi32

RegCloseKey
RegOpenKeyExW
SetSecurityInfo
SetEntriesInAclA
GetSecurityInfo
RegOpenKeyExA
CryptReleaseContext
CryptGenRandom
CryptAcquireContextA
RegQueryValueExW

wininet

InternetCloseHandle
InternetReadFile
InternetOpenA
InternetSetOptionA
InternetOpenUrlA
HttpQueryInfoA

ole32

CoTaskMemAlloc
CoInitialize
CoCreateGuid
CoCreateInstance
CoTaskMemFree

user32

GetClassNameA
GetWindowThreadProcessId
EnumChildWindows
EnumWindows
RegisterClassExA
CreateWindowExA
ShowWindow
GetMessageA
TranslateMessage
DispatchMessageA
wsprintfA
OpenClipboard
CloseClipboard
SystemParametersInfoA
SetWindowPos
KillTimer
SetTimer
DefWindowProcA

shlwapi

StrStrIA
SHGetValueA
SHSetValueA

kernel32

lstrlenA
GetCurrentDirectoryA
GetEnvironmentVariableA
GetLocalTime
GetTickCount
QueryPerformanceCounter
QueryPerformanceFrequency
InterlockedExchange
GetSystemDirectoryA
GetWindowsDirectoryA
lstrcpyA
SleepEx
CloseHandle
OpenProcess
GetCurrentProcessId
GetModuleHandleA
LocalFree
FormatMessageA
GetSystemInfo
MultiByteToWideChar
Sleep
GetEnvironmentStrings
lstrcpynA
lstrcmpiA
lstrcmpA
CreateFileA
FreeLibrary
GetProcAddress
LoadLibraryA
GetProcessTimes
GetCurrentProcess
CreateRemoteThread
WriteProcessMemory
VirtualAllocEx
GetThreadTimes
GetCurrentThread
MoveFileExA
WaitForSingleObject
CreateProcessA
DeleteFileA
HeapFree
GetLastError
SetLastError
GetFullPathNameA
GetVersionExA
GetVersion
HeapSize
HeapAlloc
GetProcessHeap
FreeEnvironmentStringsA
GetModuleFileNameA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0aa1db4eeeab709f3aa80c95d0b70cd5

Headers

File Characteristics

Imports

rpcrt4

winmm

oleaut32

netapi32

version

msvcrt

psapi

advapi32

wininet

ole32

user32

shlwapi

kernel32

Exports

Exports

Sections

.text Size: 108KB - Virtual size: 107KB

.rdata Size: 28KB - Virtual size: 27KB

.data Size: 20KB - Virtual size: 23KB

.reloc Size: 12KB - Virtual size: 8KB

.text
Size: 108KB - Virtual size: 107KB

.rdata
Size: 28KB - Virtual size: 27KB

.data
Size: 20KB - Virtual size: 23KB

.reloc
Size: 12KB - Virtual size: 8KB