8cd126ef109370e71d5e5ed23e4daff8

Sharing

Copy URL Twitter E-mail

General

Target

8cd126ef109370e71d5e5ed23e4daff8
Size

172KB
MD5

8cd126ef109370e71d5e5ed23e4daff8
SHA1

777d2af3d9cfbf70f13240ca2c5a164cdf839a76
SHA256

5b1ab8654e171c9132eb721b0abb140c585e2b0366a66530eb349c2516898b6e
SHA512

8293c30ea43c3a31030a997bfef57d9449e6368741683427fd95cf5546104c5517023baa1f4cd3693b84a4126e44ec84ae2d97c0696e2fec29473ca9427a710a
SSDEEP

3072:ZyBrpo/pimYXYrRvqUcGNryFlfQzc58Kbr9aUeTJg8cWIY7erRCZD:ZIpo/2orRvqUcWeFlfQU8a8cWIY7erR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8cd126ef109370e71d5e5ed23e4daff8

Files

8cd126ef109370e71d5e5ed23e4daff8
.dll regsvr32 windows:4 windows x86 arch:x86

a48eed31c012b23e19d0bcd1eac114f4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

CloseClipboard
OpenClipboard
DefWindowProcA
SetTimer
KillTimer
EnumWindows
EnumChildWindows
GetWindowThreadProcessId
GetClassNameA
DispatchMessageA
TranslateMessage
GetMessageA
ShowWindow
CreateWindowExA
RegisterClassExA
SetWindowPos
SystemParametersInfoA
wsprintfA

wininet

InternetCloseHandle
InternetOpenA
HttpQueryInfoA
InternetSetOptionA
InternetOpenUrlA
InternetReadFile

oleaut32

GetErrorInfo
SysAllocString
VariantClear
SysFreeString

version

GetFileVersionInfoA
GetFileVersionInfoSizeA

netapi32

Netbios

msvcrt

tolower
printf
isalpha
free
strstr
fclose
fwrite
fopen
tmpnam
atoi
strtol
__dllonexit
_onexit
??1type_info@@UAE@XZ
_initterm
_adjust_fdiv
ispunct
__mb_cur_max
wctomb
wcscmp
?what@exception@@UBEPBDXZ
strerror
malloc
isxdigit
isspace
isupper
islower
srand
isgraph
??1exception@@UAE@XZ
??0exception@@QAE@XZ
strchr
_CxxThrowException
strncpy
??0exception@@QAE@ABV0@@Z
??2@YAPAXI@Z
strtok
??3@YAXPAX@Z
__CxxFrameHandler
isalnum
toupper
wcslen

shlwapi

StrStrIA
SHSetValueA
SHGetValueA

ole32

CoInitialize
CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree
CoCreateGuid

rpcrt4

UuidToStringA

advapi32

RegCloseKey
SetSecurityInfo
SetEntriesInAclA
GetSecurityInfo
CryptReleaseContext
CryptGenRandom
CryptAcquireContextA
RegOpenKeyExA

winmm

timeGetTime

psapi

EnumProcesses
EnumProcessModules
GetModuleBaseNameA

kernel32

CreateProcessA
WaitForSingleObject
MoveFileExA
lstrcpyA
VirtualAllocEx
WriteProcessMemory
CreateRemoteThread
SleepEx
GetLocalTime
GetSystemDirectoryA
GetSystemInfo
GetCurrentProcessId
GetWindowsDirectoryA
lstrcmpA
DeleteFileA
lstrcpynA
GetVersionExA
HeapAlloc
HeapSize
FormatMessageA
LocalFree
LoadLibraryA
GetProcAddress
FreeLibrary
GetFullPathNameA
SetLastError
QueryPerformanceCounter
GetTickCount
Sleep
GetCurrentThread
GetProcessHeap
OpenProcess
GetModuleFileNameA
GetModuleHandleA
lstrcmpiA
GetThreadTimes
CloseHandle
CreateFileA
GetCurrentDirectoryA
FreeEnvironmentStringsA
GetEnvironmentStrings
MultiByteToWideChar
QueryPerformanceFrequency
GetProcessTimes
GetCurrentProcess
HeapFree
GetLastError
lstrlenA
GetVersion

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 104KB - Virtual size: 102KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a48eed31c012b23e19d0bcd1eac114f4

Headers

File Characteristics

Imports

user32

wininet

oleaut32

version

netapi32

msvcrt

shlwapi

ole32

rpcrt4

advapi32

winmm

psapi

kernel32

Exports

Exports

Sections

.text Size: 104KB - Virtual size: 102KB

.rdata Size: 28KB - Virtual size: 24KB

.data Size: 24KB - Virtual size: 24KB

.reloc Size: 12KB - Virtual size: 8KB

.text
Size: 104KB - Virtual size: 102KB

.rdata
Size: 28KB - Virtual size: 24KB

.data
Size: 24KB - Virtual size: 24KB

.reloc
Size: 12KB - Virtual size: 8KB