b5f1e78cd57b76ac44c19562b1a131ff

Sharing

Copy URL

Twitter E-mail

General

Target

b5f1e78cd57b76ac44c19562b1a131ff
Size

172KB
MD5

b5f1e78cd57b76ac44c19562b1a131ff
SHA1

740d83fb515ef33d3c2b9335ee97294d02c8af95
SHA256

f112917293ce6faa069a0062bb7f392d737693693e3f9d97c74e58106f1233b8
SHA512

560e2e98e79d58dfd618eaa9e034109ec62555fc0e03dc0d7e35f9cffec701ffb3199ef7fb78c464d7ccafcc6bbba212c70ca8e565d53258cd98e3b352760dd9
SSDEEP

3072:3hXRHR8TJPDCwxz6hz08k/n090Dw/IGhmLt+4lb4IZT1DZHmeWcuFE:dRHR8tGwxzS08k/n80MqvUIZBNmegF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b5f1e78cd57b76ac44c19562b1a131ff

Files

b5f1e78cd57b76ac44c19562b1a131ff
.dll regsvr32 windows:4 windows x86 arch:x86

b50a01226d816fd7b20da0c19f16fb9a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

wininet

InternetOpenA
InternetOpenUrlA
InternetReadFile
InternetCloseHandle

urlmon

UrlMkSetSessionOption
URLDownloadToFileA
IsValidURL
CoInternetCompareUrl
ObtainUserAgentString

kernel32

lstrlenA
GetModuleFileNameA
InterlockedExchange
GetVersionExA
GetACP
GetLocaleInfoA
GetThreadLocale
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
InterlockedIncrement
EnterCriticalSection
InterlockedDecrement
MultiByteToWideChar
GetLastError
WideCharToMultiByte
lstrlenW
FreeLibrary
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
lstrcpynA
IsDBCSLeadByte
lstrcatA
CloseHandle
TerminateProcess
GetLocalTime
ReleaseMutex
CreateMutexA
CreateSemaphoreA
Sleep
lstrcatW
lstrcpyW
lstrcpyA
GetCPInfo
GetOEMCP
IsBadCodePtr
IsBadReadPtr
LoadLibraryA
WriteFile
GetEnvironmentStringsW
lstrcmpiA
GetVersion
GetTickCount
DisableThreadLibraryCalls
LCMapStringW
ReadFile
SetStdHandle
FlushFileBuffers
GetStringTypeA
VirtualProtect
FreeEnvironmentStringsW
GetEnvironmentStrings
LCMapStringA
SetFilePointer
FreeEnvironmentStringsA
VirtualQuery
GetSystemInfo
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
SetUnhandledExceptionFilter
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
TlsAlloc
TlsGetValue
SetLastError
TlsFree
GetCurrentProcessId
QueryPerformanceCounter
HeapSize
GetCurrentProcess
GetStringTypeW
CreateProcessA
ExitProcess
RtlUnwind
HeapFree
RaiseException
HeapReAlloc
HeapAlloc
GetSystemTimeAsFileTime
GetCurrentThreadId
TlsSetValue
GetCommandLineA
GetProcAddress
GetModuleHandleA

user32

SetTimer
wsprintfA
wsprintfW
KillTimer
CharNextA
GetDoubleClickTime
GetKeyboardLayout

advapi32

RegDeleteValueA
RegSetValueExA
RegOpenKeyA
RegQueryInfoKeyA
RegEnumKeyExA
RegCreateKeyExA
RegQueryValueExA
RegCreateKeyA
RegEnumKeyA
RegOpenKeyExA
RegCloseKey
RegDeleteKeyA

shell32

ShellExecuteA
SHGetSpecialFolderPathA

ole32

StringFromGUID2
CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance
CoTaskMemRealloc

oleaut32

UnRegisterTypeLi
DispCallFunc
SafeArrayDestroy
SafeArrayAccessData
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayUnaccessData
SafeArrayCreateVector
SysStringLen
LoadRegTypeLi
VariantInit
LoadTypeLi
SysAllocString
RegisterTypeLi
SysFreeString
VarUI4FromStr
VariantClear

shlwapi

PathFindExtensionA

comctl32

GetMUILanguage
InitCommonControlsEx

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 116KB - Virtual size: 114KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 4.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b50a01226d816fd7b20da0c19f16fb9a

Headers

File Characteristics

Imports

wininet

urlmon

kernel32

user32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

Exports

Exports

Sections

.text Size: 116KB - Virtual size: 114KB

.rdata Size: 20KB - Virtual size: 17KB

.data Size: 8KB - Virtual size: 4.6MB

.rsrc Size: 4KB - Virtual size: 2KB

.reloc Size: 20KB - Virtual size: 19KB

.text
Size: 116KB - Virtual size: 114KB

.rdata
Size: 20KB - Virtual size: 17KB

.data
Size: 8KB - Virtual size: 4.6MB

.rsrc
Size: 4KB - Virtual size: 2KB

.reloc
Size: 20KB - Virtual size: 19KB