7d6066917c81ff22a89901298a4cdf3d

Sharing

Copy URL

Twitter E-mail

General

Target

7d6066917c81ff22a89901298a4cdf3d
Size

356KB
MD5

7d6066917c81ff22a89901298a4cdf3d
SHA1

e69e384679fd51da634097f596ec393da0b49e18
SHA256

e61b0af971c29c59f677e434afaaf29edb2e4573ae05a52a83abd20d562940ca
SHA512

9cb207f853acce2736338378042563fc325dcf8b25184602a8716e78b9a2735ab51c42a749badedfbcd9253f322272c54ebd1e6ba270d9d689ab1564a58d5c6e
SSDEEP

6144:4iG4vu8ZPXk1YOWkHwzU9qUTCmyQQEsC+SWQeOOSxp6piG4vu8ZPXkbA9R9:y4lxTOWiUU9q1hbV4lxpP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7d6066917c81ff22a89901298a4cdf3d

Files

7d6066917c81ff22a89901298a4cdf3d
.dll regsvr32 windows:4 windows x86 arch:x86

dbdccf2565e201ec577269f731433e53

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

TerminateProcess
MultiByteToWideChar
WideCharToMultiByte
SetFileAttributesA
GetFileAttributesA
lstrlenW
lstrlenA
DeleteFileA
ExitProcess
Sleep
CopyFileA
GetCurrentProcessId
CreateMutexA
OpenMutexA
GetSystemDirectoryA
FreeLibrary
GetProcAddress
LoadLibraryA
GetVersionExA
GetModuleFileNameA
GetTickCount
CreateRemoteThread
GetModuleHandleA
VirtualFreeEx
WriteProcessMemory
VirtualAllocEx
ResumeThread
HeapFree
HeapAlloc
GetProcessHeap
GetCommandLineA
LockResource
FreeResource
OpenProcess
SizeofResource
FindResourceA
LoadLibraryExA
EndUpdateResourceA
UpdateResourceA
BeginUpdateResourceA
FindClose
FindNextFileA
FindFirstFileA
GetCurrentDirectoryA
CreateToolhelp32Snapshot
Process32Next
Process32First
FlushFileBuffers
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
HeapSize
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
RaiseException
GetConsoleMode
GetConsoleCP
GetThreadLocale
InterlockedExchange
InitializeCriticalSection
GetCurrentProcess
DuplicateHandle
GetLastError
LocalFree
SetLastError
GetFileSize
SetFilePointer
ReadFile
CreateFileA
WriteFile
LoadResource
CloseHandle
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
SetHandleCount
LCMapStringW
LCMapStringA
GetOEMCP
GetACP
GetCPInfo
InterlockedDecrement
InterlockedIncrement
TlsFree
HeapReAlloc
RtlUnwind
ExitThread
GetCurrentThreadId
CreateThread
GetSystemTimeAsFileTime
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualFree
VirtualAlloc
HeapDestroy
HeapCreate
GetStdHandle
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TlsGetValue
TlsAlloc
TlsSetValue

user32

PostMessageA
FindWindowExA
UnhookWinEvent
FindWindowA
GetWindowTextA
RegisterClassExA
CreateWindowExA
SetTimer
ShowWindow
DefWindowProcA
SetWinEventHook
GetMessageA
DispatchMessageA
TranslateMessage
SetWindowPos
SetWindowLongA
GetDesktopWindow
EnumChildWindows
SendMessageA
KillTimer
GetClassNameA

advapi32

LookupAccountSidA
OpenProcessToken
GetTokenInformation
LookupPrivilegeValueA
AdjustTokenPrivileges
SetEntriesInAclA
SetSecurityInfo

shell32

SHGetSpecialFolderLocation
CommandLineToArgvW
SHChangeNotify
SHGetSpecialFolderPathA
SHGetPathFromIDListA

ole32

CoCreateInstance
CoUninitialize
CoInitialize

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
install
uninstall

Sections

.text
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 252KB - Virtual size: 250KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dbdccf2565e201ec577269f731433e53

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

Exports

Exports

Sections

.text Size: 64KB - Virtual size: 63KB

.rdata Size: 16KB - Virtual size: 13KB

.data Size: 8KB - Virtual size: 16KB

.rsrc Size: 252KB - Virtual size: 250KB

.reloc Size: 12KB - Virtual size: 9KB

.text
Size: 64KB - Virtual size: 63KB

.rdata
Size: 16KB - Virtual size: 13KB

.data
Size: 8KB - Virtual size: 16KB

.rsrc
Size: 252KB - Virtual size: 250KB

.reloc
Size: 12KB - Virtual size: 9KB