7f107d6fa74e4b80042b742c92ce3bf2

Sharing

Copy URL Twitter E-mail

General

Target

7f107d6fa74e4b80042b742c92ce3bf2
Size

140KB
MD5

7f107d6fa74e4b80042b742c92ce3bf2
SHA1

c2948d19692ceb738a59c9138d625ba4ce711607
SHA256

24875bb52ae354cd485ea2e4da13b4854ccaf0c6ca5a0e9195f6737f602927bc
SHA512

b92a427edea0dec346b9c4a8f02db1d47ee0dfae674a8385b55d18035dca218031eca221f74e0a473851745259faeb291f5030a56f6eb958a4f7b3b59b4db236
SSDEEP

3072:FE0PRTxQuVmrCq4v6Y0ppx9SA60BJVgC9GTqv8SGlvu:FhPRTxPVA/4v6nps0ZgC9GTq0SG8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7f107d6fa74e4b80042b742c92ce3bf2

Files

7f107d6fa74e4b80042b742c92ce3bf2
.dll regsvr32 windows:4 windows x86 arch:x86

65bd517a49b80355e4ed993e7bd37d3d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

rpcrt4

UuidToStringA

psapi

GetModuleBaseNameA
EnumProcesses
EnumProcessModules

oleaut32

SysFreeString
VariantClear
SysAllocString
GetErrorInfo

netapi32

Netbios

user32

EnumWindows
KillTimer
SetTimer
DefWindowProcA
SystemParametersInfoA
SetWindowPos
RegisterClassExA
CreateWindowExA
ShowWindow
GetMessageA
TranslateMessage
DispatchMessageA
wsprintfA
OpenClipboard
CloseClipboard
GetClassNameA
GetWindowThreadProcessId
EnumChildWindows

advapi32

SetEntriesInAclA
SetSecurityInfo
RegOpenKeyExA
CryptAcquireContextA
CryptGenRandom
CryptReleaseContext
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
GetSecurityInfo

ole32

CoCreateInstance
CoInitialize
CoTaskMemAlloc
CoTaskMemFree
CoCreateGuid

version

GetFileVersionInfoA
GetFileVersionInfoSizeA

msvcrt

fclose
fwrite
fopen
tmpnam
atoi
strncpy
srand
ispunct
wctomb
__mb_cur_max
printf
islower
strchr
isgraph
isspace
isxdigit
tolower
isalnum
_stricmp
isupper
strerror
toupper
strtok
__dllonexit
_onexit
??1type_info@@UAE@XZ
_initterm
_adjust_fdiv
strstr
wcscmp
wcslen
??1exception@@UAE@XZ
_CxxThrowException
??0exception@@QAE@XZ
??0exception@@QAE@ABV0@@Z
?what@exception@@UBEPBDXZ
??2@YAPAXI@Z
??3@YAXPAX@Z
free
malloc
__CxxFrameHandler
isalpha

shlwapi

SHGetValueA
SHSetValueA
StrStrIA

winmm

timeGetTime

wininet

InternetSetOptionA
HttpQueryInfoA
InternetOpenA
InternetCloseHandle
InternetOpenUrlA
InternetReadFile

kernel32

GetSystemInfo
MultiByteToWideChar
lstrcpynA
lstrcpyA
GetFullPathNameA
InterlockedExchange
SetLastError
GetWindowsDirectoryA
GetCurrentDirectoryA
CreateRemoteThread
GetCurrentThread
GetThreadTimes
lstrlenA
FormatMessageA
LocalFree
GetModuleHandleA
GetVersionExA
GetSystemDirectoryA
DeleteFileA
CreateProcessA
WriteProcessMemory
VirtualAllocEx
SleepEx
GetLocalTime
CreateFileA
GetCurrentProcessId
GetEnvironmentVariableA
QueryPerformanceCounter
WaitForSingleObject
LoadLibraryA
GetProcAddress
FreeLibrary
MoveFileExA
OpenProcess
CloseHandle
lstrcmpA
lstrcmpiA
GetTickCount
HeapFree
GetProcessHeap
GetProcessTimes
GetCurrentProcess
QueryPerformanceFrequency
Sleep
FreeEnvironmentStringsA
GetEnvironmentStrings
GetLastError
HeapSize
HeapAlloc
GetModuleFileNameA
GetVersion

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

65bd517a49b80355e4ed993e7bd37d3d

Headers

File Characteristics

Imports

rpcrt4

psapi

oleaut32

netapi32

user32

advapi32

ole32

version

msvcrt

shlwapi

winmm

wininet

kernel32

Exports

Exports

Sections

.text Size: 80KB - Virtual size: 79KB

.rdata Size: 28KB - Virtual size: 25KB

.data Size: 20KB - Virtual size: 21KB

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 80KB - Virtual size: 79KB

.rdata
Size: 28KB - Virtual size: 25KB

.data
Size: 20KB - Virtual size: 21KB

.reloc
Size: 8KB - Virtual size: 6KB