88cb9ceeee5ee299c04c21c9eaaf064e

Sharing

Copy URL Twitter E-mail

General

Target

88cb9ceeee5ee299c04c21c9eaaf064e
Size

587KB
MD5

88cb9ceeee5ee299c04c21c9eaaf064e
SHA1

87536665c97c2c29e5202d93837e55d3d7753c3e
SHA256

9d645202a99f3bbfc73c592589f23d9b6bc04e6d76a173b365924de7cc34c118
SHA512

8ae6b41fe0ebb92adbf97b48718baacbcb215378e2ba96b5b722d5a6b8abac1146c8122a67aa31ea837b61d79a862ca2264f39962b85084f7465962d74fcea46
SSDEEP

12288:tCqnuRpfJRASasV8Nfm1L+nKX61yCIWCsIjrc:M+u/fJRASasq5WLgKX6wTWlI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
88cb9ceeee5ee299c04c21c9eaaf064e

Files

88cb9ceeee5ee299c04c21c9eaaf064e
.dll regsvr32 windows:6 windows x86 arch:x86

1a2f1a7629c921b27d459573b4cb6c13

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

wmdrmdev.pdb

Imports

msvcrt

strtoul
strchr
_vsnprintf
_beginthreadex
wcsstr
_vsnwprintf
_ultow
swscanf
_wcsicmp
time
srand
_wtol
_CIpow
realloc
wctomb
_itoa
_snprintf
_iob
isleadbyte
_CIsqrt
calloc
_onexit
_lock
__dllonexit
_unlock
memmove
_adjust_fdiv
_amsg_exit
_initterm
free
malloc
_XcptFilter
memset
??_V@YAXPAX@Z
wcsncmp
_purecall
memcpy
??_U@YAPAXI@Z
??2@YAPAXI@Z
??3@YAXPAX@Z
__badioinfo
__pioinfo
_wcsnicmp
wcschr
_errno
_fileno
_lseeki64
wcspbrk
_write
_isatty

kernel32

RaiseException
LocalAlloc
GetQueuedCompletionStatus
PostQueuedCompletionStatus
CreateIoCompletionPort
CreateEventA
SetEvent
FreeLibraryAndExitThread
GetSystemDirectoryA
GetComputerNameW
LoadLibraryW
GetSystemInfo
CreateThread
GetCurrentThread
SetThreadPriority
WaitForSingleObject
CreateSemaphoreA
SetLastError
VirtualProtect
InitializeCriticalSectionAndSpinCount
VirtualFree
VirtualAlloc
ExitProcess
DebugBreak
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
DisableThreadLibraryCalls
InitializeCriticalSection
InterlockedIncrement
InterlockedDecrement
GetModuleHandleA
CloseHandle
CreateFileA
UnhandledExceptionFilter
HeapFree
GetProcessHeap
HeapAlloc
GetLastError
MultiByteToWideChar
WideCharToMultiByte
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
FileTimeToSystemTime
QueryPerformanceFrequency
QueryPerformanceCounter
CancelWaitableTimer
CreateWaitableTimerW
CreateSemaphoreW
ReleaseSemaphore
WaitForMultipleObjects
SetWaitableTimer
InterlockedExchange
Sleep
InterlockedCompareExchange
OutputDebugStringA
RtlUnwind
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
LoadLibraryA
ReadFile
SetFilePointer
WriteFile
FreeLibrary
GetFileSize
GetModuleHandleW
GetVersionExA
DeviceIoControl
FreeEnvironmentStringsA
FreeEnvironmentStringsW
lstrlenA
lstrlenW
GetEnvironmentStrings
GetEnvironmentStringsW
GetDiskFreeSpaceA
GlobalMemoryStatus
GetLocalTime
GetVersion
GetVersionExW
LocalFree
CreateFileW
GetProcAddress
CompareStringW

advapi32

RegCreateKeyExA
RegCloseKey
RegQueryValueExA
RegSetValueExA
RegDeleteValueW
RegCreateKeyExW

ole32

CoInitializeEx
CoUninitialize
CoTaskMemAlloc
CoTaskMemFree

oleaut32

SysStringByteLen
SysStringLen
SysAllocString
VariantChangeType
VariantCopy
SysAllocStringLen
VariantInit
VariantClear
SysFreeString

user32

RegisterClassA
CreateWindowExA
SetWindowLongA
GetMessageA
DispatchMessageA
DestroyWindow
PostQuitMessage
GetWindowLongA
DefWindowProcA
PostMessageA

Exports

Exports

DllRegisterServer
WMCreateDeviceRegistrationPriv

Sections

.text
Size: 360KB - Virtual size: 359KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 213KB - Virtual size: 213KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1a2f1a7629c921b27d459573b4cb6c13

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcrt

kernel32

advapi32

ole32

oleaut32

user32

Exports

Exports

Sections

.text Size: 360KB - Virtual size: 359KB

.data Size: 213KB - Virtual size: 213KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 11KB - Virtual size: 10KB

.text
Size: 360KB - Virtual size: 359KB

.data
Size: 213KB - Virtual size: 213KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 11KB - Virtual size: 10KB