7bcf5f05eaa56cdef3b02d1669b87735

Sharing

Copy URL Twitter E-mail

General

Target

7bcf5f05eaa56cdef3b02d1669b87735
Size

67KB
MD5

7bcf5f05eaa56cdef3b02d1669b87735
SHA1

fe920390bcaa0de2cd5823afd788da480bcec08f
SHA256

a103ecbfe94488227fecab4c4c97d004b28a3d63934c30d9e9c2eb57e45745ba
SHA512

df43b3a190a80e062f5574c81138390431f24222a6aba63918061730d1fa7c3ef277d21d823d03b96dbb2577b14cc5e23382a591444c5881ee0db4637de3c2d9
SSDEEP

1536:uoaIcJ3NCv0sCY+HSbuIlcixCeCNJEs4WpAr9QsKo7/tfajrX:uscPCMzY+ybGixHmEimuPigL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/asnoad.dll

Files

7bcf5f05eaa56cdef3b02d1669b87735
.cab
asnoad.dll
.dll regsvr32 windows:4 windows x86 arch:x86

57a0dcffb52436721ce5cf8b46d983d0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

winmm

PlaySoundA

wininet

InternetCrackUrlA

shlwapi

SHDeleteValueA
SHGetValueA
SHSetValueA
SHEnumValueA
SHDeleteKeyA
UrlCombineW

kernel32

GetModuleFileNameA
MapViewOfFile
OpenFileMappingA
DisableThreadLibraryCalls
GetTickCount
GetWindowsDirectoryA
GetEnvironmentVariableA
FindClose
FindFirstFileA
GetVersionExA
lstrlenW
Sleep
WriteProcessMemory
ReadProcessMemory
GetCurrentProcess
GetShortPathNameA
FreeResource
GlobalUnlock
GlobalLock
GlobalAlloc
SizeofResource
LockResource
LoadResource
FindResourceA
MulDiv
ExitProcess
SetUnhandledExceptionFilter
MoveFileExA
DeleteFileA
CopyFileA
CreateDirectoryA
SetErrorMode
LoadLibraryExA
MultiByteToWideChar
GetModuleFileNameW
LoadLibraryW
GetVersion
GetFileAttributesW
GetModuleHandleW
GetModuleHandleA
LoadLibraryA
GetLastError
SetLastError
GetProcAddress
FreeLibrary
OutputDebugStringA
DebugBreak
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
lstrlenA
TlsGetValue
TlsSetValue
GetCurrentThreadId
TlsAlloc
TlsFree
VirtualProtect
LocalFree

user32

SetCursor
TrackMouseEvent
InvalidateRect
DefWindowProcA
CopyRect
DrawTextA
SetWindowLongA
UpdateWindow
GetDC
ReleaseDC
SendDlgItemMessageA
IsWindowVisible
ShowWindow
GetClientRect
SetWindowPos
EnumWindows
LoadCursorA
PtInRect
GetCursorPos
CreateDialogParamA
GetWindowTextA
CharUpperA
wsprintfA
SendMessageA
DialogBoxParamA
LoadMenuA
GetSubMenu
GetDlgItemTextA
SetDlgItemTextA
MoveWindow
CheckMenuItem
EnableMenuItem
DeleteMenu
GetAncestor
TrackPopupMenu
MessageBoxA
IsWindow
PostMessageA
DestroyMenu
GetPropA
EndDialog
IsDlgButtonChecked
CheckDlgButton
SetPropA
BeginPaint
EndPaint
RemovePropA
GetDlgItem
GetWindowRect
ScreenToClient
LoadStringA
CharNextA
wvsprintfA
ClientToScreen
DestroyIcon
LoadIconA
DestroyCursor
CallNextHookEx
GetKeyState
GetFocus
GetClassNameA
GetParent
FindWindowExA
UnhookWindowsHookEx
SetWindowsHookExA
SetFocus
EnableWindow
DispatchMessageA
TranslateMessage
PeekMessageA
IsWindowEnabled
SetForegroundWindow

gdi32

SetBkMode
CreateSolidBrush
SetTextColor
SelectObject
GetStockObject
GetObjectA
CreateFontIndirectA
GetDeviceCaps
DeleteObject

advapi32

RegSetValueExA
RegCreateKeyExA
CloseServiceHandle
QueryServiceStatus
OpenServiceA
OpenSCManagerA
StartServiceA
ControlService
ChangeServiceConfigA
RegOpenKeyA
RegCloseKey

shell32

ShellExecuteA

ole32

OleInitialize
CoCreateInstance
CoGetMalloc
StringFromIID
CreateStreamOnHGlobal
OleUninitialize

oleaut32

SysStringLen
OleLoadPicture
LoadTypeLi
RegisterTypeLi
SysAllocStringLen
SysFreeString

msvcrt

atoi
_ismbcdigit
wcslen
??2@YAPAXI@Z
memcpy
_mbscmp
memcmp
__CxxFrameHandler
_except_handler3
strcmp
_CxxThrowException
__dllonexit
_onexit
_initterm
_adjust_fdiv
??1type_info@@UAE@XZ
strlen
_snprintf
wcsncmp
memset
strcpy
strrchr
_mbsrchr
strcat
strncpy
strstr
wcscmp
_mbsicmp
memmove
_strnicmp
strchr
free
malloc
fclose
fseek
fopen
fprintf
fgets
rewind
_wcsicmp
_wcsnicmp
_stricmp

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
Settings

Sections

.text
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Setting
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
filter.ini
float.gif
.gif
sound.wav

Sharing

General

Malware Config

Signatures

Files

57a0dcffb52436721ce5cf8b46d983d0

Headers

File Characteristics

Imports

version

winmm

wininet

shlwapi

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

msvcrt

Exports

Exports

Sections

.text Size: 40KB - Virtual size: 39KB

.rdata Size: 16KB - Virtual size: 13KB

.data Size: 4KB - Virtual size: 7KB

.Setting Size: 4KB - Virtual size: 1KB

.rsrc Size: 40KB - Virtual size: 37KB

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 40KB - Virtual size: 39KB

.rdata
Size: 16KB - Virtual size: 13KB

.data
Size: 4KB - Virtual size: 7KB

.Setting
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 40KB - Virtual size: 37KB

.reloc
Size: 8KB - Virtual size: 6KB