b8339924243b2b38a11846f63ae291f1

Sharing

Copy URL Twitter E-mail

General

Target

b8339924243b2b38a11846f63ae291f1
Size

132KB
MD5

b8339924243b2b38a11846f63ae291f1
SHA1

0903734182b5538c4141041d0d9935baf32216dc
SHA256

64e270a386bb71fa60ee76b5fc759a300be7d1f635138c179c257526bd299431
SHA512

7057671c19a23da9b56a94814e1c1ddebb7442d252985934eb0c2f61cf69d0d420a11ab82cd02e1c0572035cf511838e7e9ba0770f463cea06600a0c053e2cf8
SSDEEP

3072:tyo8fEGq3LwZp4jrP34V5LWdWsJzCdHs215gP9YF:koOEGq3L7nPCVoWuCdM215gKF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b8339924243b2b38a11846f63ae291f1

Files

b8339924243b2b38a11846f63ae291f1
.dll regsvr32 windows:4 windows x86 arch:x86

c303e7fb608aa6c303fd3fc2dfcfa18b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

winmm

timeGetTime

rpcrt4

UuidToStringA

netapi32

Netbios

psapi

EnumProcessModules
EnumProcesses
GetModuleBaseNameA

oleaut32

VariantClear
SysFreeString
SysAllocString
GetErrorInfo

user32

EnumWindows
OpenClipboard
CloseClipboard
EnumChildWindows
GetWindowThreadProcessId
DefWindowProcA
wsprintfA
RegisterClassExA
CreateWindowExA
KillTimer
GetMessageA
TranslateMessage
DispatchMessageA
SystemParametersInfoA
SetWindowPos
GetClassNameA
SetTimer
ShowWindow

version

GetFileVersionInfoA
GetFileVersionInfoSizeA

msvcrt

isgraph
islower
isalpha
isxdigit
ispunct
?what@exception@@UBEPBDXZ
wcslen
wcscmp
strstr
toupper
strtok
srand
__dllonexit
_onexit
??1type_info@@UAE@XZ
_initterm
_adjust_fdiv
strerror
??1exception@@UAE@XZ
??0exception@@QAE@XZ
_CxxThrowException
??0exception@@QAE@ABV0@@Z
tolower
isupper
free
printf
__mb_cur_max
malloc
wctomb
isalnum
strncpy
strchr
strtol
atoi
??2@YAPAXI@Z
tmpnam
fopen
fwrite
fclose
??3@YAXPAX@Z
__CxxFrameHandler
isspace
_stricmp

wininet

InternetOpenUrlA
InternetSetOptionA
InternetOpenA
InternetReadFile
HttpQueryInfoA
InternetCloseHandle

shlwapi

SHGetValueA
SHSetValueA
StrStrIA

ole32

CoTaskMemFree
CoCreateGuid
CoCreateInstance
CoTaskMemAlloc
CoInitialize

advapi32

RegCloseKey
RegOpenKeyExW
RegOpenKeyExA
CryptReleaseContext
CryptGenRandom
CryptAcquireContextA
SetSecurityInfo
SetEntriesInAclA
GetSecurityInfo
RegQueryValueExW

kernel32

MultiByteToWideChar
GetSystemInfo
GetCurrentProcess
GetProcessTimes
GetVersion
OpenProcess
VirtualAllocEx
WriteProcessMemory
CreateRemoteThread
GetProcessHeap
lstrcpyA
GetWindowsDirectoryA
LocalFree
InterlockedExchange
GetModuleFileNameA
SetLastError
GetLastError
HeapAlloc
HeapSize
GetVersionExA
lstrlenA
GetCurrentDirectoryA
GetEnvironmentVariableA
HeapFree
Sleep
FormatMessageA
lstrcpynA
FreeEnvironmentStringsA
GetEnvironmentStrings
GetModuleHandleA
lstrcmpiA
lstrcmpA
GetCurrentProcessId
CreateFileA
GetFullPathNameA
QueryPerformanceCounter
GetTickCount
SleepEx
MoveFileExA
CloseHandle
WaitForSingleObject
CreateProcessA
QueryPerformanceFrequency
FreeLibrary
GetProcAddress
LoadLibraryA
DeleteFileA
GetSystemDirectoryA
GetLocalTime
GetThreadTimes
GetCurrentThread

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 76KB - Virtual size: 74KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c303e7fb608aa6c303fd3fc2dfcfa18b

Headers

File Characteristics

Imports

winmm

rpcrt4

netapi32

psapi

oleaut32

user32

version

msvcrt

wininet

shlwapi

ole32

advapi32

kernel32

Exports

Exports

Sections

.text Size: 76KB - Virtual size: 74KB

.rdata Size: 28KB - Virtual size: 24KB

.data Size: 16KB - Virtual size: 20KB

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 76KB - Virtual size: 74KB

.rdata
Size: 28KB - Virtual size: 24KB

.data
Size: 16KB - Virtual size: 20KB

.reloc
Size: 8KB - Virtual size: 6KB