999c153da3e31d48f1a732fc5f9d1a06

General

Target

999c153da3e31d48f1a732fc5f9d1a06
Size

116KB
MD5

999c153da3e31d48f1a732fc5f9d1a06
SHA1

b3a031b7fd7bb5804fea6301b8e02956d3ec1e89
SHA256

256409cba620973abea9840dd80cb18c5e9fa5d457c17beab1b52054fafc0803
SHA512

de5e0c6653fe5625ad7dfbbfb30612f2b83b52a327d77f31bf0d7a8da0866cdbd352fe970a87c8a730732ee358277ab84ea0981f22c2f7be8c818669348ceecd
SSDEEP

1536:0fPsPa+S2nIFqy2a24JkHFlzNNFwvchUbjj90/FTDanwlkUP4g3ka0/oR:fa+SR4xaOXhUbH98QwlkUP4g0a0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
999c153da3e31d48f1a732fc5f9d1a06

Files

999c153da3e31d48f1a732fc5f9d1a06
.dll regsvr32 windows:4 windows x86 arch:x86

4d941b96408b9d03d711ec08374ca739

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CancelWaitableTimer
GetCurrentProcessId
SetLastError
FindFirstFileW
InterlockedIncrement
GlobalAddAtomW
FindClose
Sleep
CreateEventW
GetProcAddress
WaitForSingleObject
QueryDosDeviceW
GlobalFree
lstrlenW
GetPrivateProfileStringW
LoadLibraryA
GlobalUnlock
GetCurrentThread
TerminateThread
SizeofResource
MultiByteToWideChar
DeleteFileW

user32

GetDlgItem
SendMessageW
SetCapture
GetMessageW
TrackPopupMenu
CreatePopupMenu
EndDialog
PostMessageW
SetDlgItemTextW
GetCursorPos
SendDlgItemMessageW
InvalidateRect
DrawTextW
LoadCursorW
SetWindowPos
SetForegroundWindow
SetWindowTextW
FillRect
SystemParametersInfoW
SetCursor
ReleaseCapture

gdi32

CreateBitmap
CreateSolidBrush
LineTo
DeleteDC
BitBlt
SetBkMode
SetMapMode
GetStockObject
CreateRoundRectRgn
CreateICW

advapi32

RegDeleteValueW
RegNotifyChangeKeyValue
RegQueryValueExW
LookupPrivilegeValueW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.uskdkw
Size: 96KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.aotfwq
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idcsdr
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4d941b96408b9d03d711ec08374ca739

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Exports

Exports

Sections

.uskdkw Size: 96KB - Virtual size: 92KB

.aotfwq Size: 4KB - Virtual size: 1KB

.idcsdr Size: 4KB - Virtual size: 7KB

.reloc Size: 8KB - Virtual size: 6KB

.uskdkw
Size: 96KB - Virtual size: 92KB

.aotfwq
Size: 4KB - Virtual size: 1KB

.idcsdr
Size: 4KB - Virtual size: 7KB

.reloc
Size: 8KB - Virtual size: 6KB