78fd2c4c7132f4edf7e986f4cf72ec9e

Sharing

Copy URL Twitter E-mail

General

Target

78fd2c4c7132f4edf7e986f4cf72ec9e
Size

136KB
MD5

78fd2c4c7132f4edf7e986f4cf72ec9e
SHA1

e392c3ad634086b932e31532c8314d4ee6ba3ff1
SHA256

2389862f36d4afca63ca664474cfda8e08b0e07621a9813714aa0c9038f60a48
SHA512

8a30242bfbfa567012c6cb0cebb888cc731afaad58ca7150c6329377febdd836a893a3611b9ca5482dc208c66eafc01b7876e9a550e09d04cbfa0468dbdbef51
SSDEEP

3072:IylqTPyOSOdNTuXRWYuw3lnEip67R3KJgcR40s8B:IrZ6XL/lnEik3Xcu0s8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
78fd2c4c7132f4edf7e986f4cf72ec9e

Files

78fd2c4c7132f4edf7e986f4cf72ec9e
.dll regsvr32 windows:4 windows x86 arch:x86

797e1bf195ca751b61b5072285e4d42f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

ShowWindow
GetMessageA
RegisterClassExA
CloseClipboard
TranslateMessage
wsprintfA
DefWindowProcA
SetTimer
DispatchMessageA
KillTimer
EnumWindows
OpenClipboard
CreateWindowExA
SystemParametersInfoA
SetWindowPos
GetClassNameA
GetWindowThreadProcessId
EnumChildWindows

rpcrt4

UuidToStringA

ole32

CoTaskMemAlloc
CoTaskMemFree
CoInitialize
CoCreateGuid
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA

advapi32

CryptGenRandom
CryptReleaseContext
GetSecurityInfo
SetEntriesInAclA
SetSecurityInfo
RegOpenKeyExA
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
CryptAcquireContextA

winmm

timeGetTime

wininet

InternetCloseHandle
InternetOpenUrlA
InternetSetOptionA
InternetOpenA
HttpQueryInfoA
InternetReadFile

netapi32

Netbios

psapi

EnumProcessModules
EnumProcesses
GetModuleBaseNameA

shlwapi

StrStrIA
SHGetValueA
SHSetValueA

oleaut32

VariantClear
GetErrorInfo
SysAllocString
SysFreeString

msvcrt

malloc
__mb_cur_max
strncpy
ispunct
islower
isxdigit
strerror
tolower
__CxxFrameHandler
??2@YAPAXI@Z
strchr
??3@YAXPAX@Z
??0exception@@QAE@ABV0@@Z
_CxxThrowException
??1exception@@UAE@XZ
??0exception@@QAE@XZ
isgraph
printf
isalpha
isalnum
_stricmp
fclose
fwrite
fopen
tmpnam
atoi
strtol
free
toupper
strtok
strstr
isupper
isspace
?what@exception@@UBEPBDXZ
wcslen
wcscmp
srand
__dllonexit
_onexit
??1type_info@@UAE@XZ
_initterm
_adjust_fdiv
wctomb

kernel32

GetProcessTimes
SleepEx
VirtualAllocEx
WriteProcessMemory
CreateRemoteThread
CreateFileA
DeleteFileA
CreateProcessA
WaitForSingleObject
GetCurrentProcess
FormatMessageA
LocalFree
LoadLibraryA
GetProcAddress
FreeLibrary
GetCurrentProcessId
OpenProcess
CloseHandle
GetVersion
FreeEnvironmentStringsA
GetEnvironmentStrings
MultiByteToWideChar
lstrcpynA
lstrcmpiA
lstrcmpA
MoveFileExA
GetSystemDirectoryA
GetModuleHandleA
GetSystemInfo
GetCurrentThread
GetThreadTimes
GetProcessHeap
lstrcpyA
GetWindowsDirectoryA
GetFullPathNameA
InterlockedExchange
GetModuleFileNameA
SetLastError
GetLastError
HeapAlloc
HeapSize
HeapFree
GetVersionExA
QueryPerformanceCounter
lstrlenA
GetCurrentDirectoryA
GetEnvironmentVariableA
GetLocalTime
Sleep
GetTickCount
QueryPerformanceFrequency

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

797e1bf195ca751b61b5072285e4d42f

Headers

File Characteristics

Imports

user32

rpcrt4

ole32

version

advapi32

winmm

wininet

netapi32

psapi

shlwapi

oleaut32

msvcrt

kernel32

Exports

Exports

Sections

.text Size: 80KB - Virtual size: 79KB

.rdata Size: 28KB - Virtual size: 24KB

.data Size: 16KB - Virtual size: 20KB

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 80KB - Virtual size: 79KB

.rdata
Size: 28KB - Virtual size: 24KB

.data
Size: 16KB - Virtual size: 20KB

.reloc
Size: 8KB - Virtual size: 6KB