c22414d4e7902c2f6979d90131a66dc6

Sharing

Copy URL Twitter E-mail

General

Target

c22414d4e7902c2f6979d90131a66dc6
Size

120KB
MD5

c22414d4e7902c2f6979d90131a66dc6
SHA1

df03f8cfba558f007899953ad4a5908bf3729213
SHA256

0a6fcbcd6a33ee9f2af2f0597e2e9b84882da276d9572b6c7a60db883d0c8935
SHA512

15cec34ff56df409f3641c44218554f781d0777fe336153111824dedf037695d43e11ac28ecfa7a8c5c9b0035b4a822ecff68e4d86fd80feacc5f217033505df
SSDEEP

3072:KsayN24shNAYhKKXuqkCTt9XI0h8SWr0EzGUtUW22aE:XN24yHh9XYCTOBvzGUtUW229

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c22414d4e7902c2f6979d90131a66dc6

Files

c22414d4e7902c2f6979d90131a66dc6
.dll regsvr32 windows:4 windows x86 arch:x86

f4fc8777b0651be374758528d4b8182a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetVolumeMountPointW
GlobalFindAtomW
LockFile
HeapSetInformation
GetSystemInfo
FindNextFileA
SetCurrentDirectoryA
GetFileAttributesW
WriteConsoleA
CreateEventW
FindFirstFileExW
GetFileAttributesExA
HeapSize
lstrcpynW
GetLogicalDriveStringsW
GetDiskFreeSpaceExW
SetFileAttributesA
lstrcpyA
IsBadStringPtrW
FindResourceExA
SetConsoleMode
RtlUnwind
lstrcmpiW
TerminateProcess
FreeResource
ConnectNamedPipe
FindResourceExW
GetThreadPriority
CreateDirectoryW
SetLocalTime
CreateFileA
CreateJobObjectW
SetTimeZoneInformation
FindFirstChangeNotificationW
DeleteFileW
IsBadHugeWritePtr
GetSystemWow64DirectoryW
DuplicateHandle
SwitchToThread
CreatePipe
GetSystemTime
LocalHandle
SetProcessWorkingSetSize
BindIoCompletionCallback
WaitNamedPipeA
VerifyVersionInfoA
ClearCommError
UnregisterWaitEx
OpenMutexW
FindClose
ProcessIdToSessionId
GetWindowsDirectoryW
GetDateFormatA
PulseEvent
EnumUILanguagesW
GetVolumePathNameW
LocalFileTimeToFileTime
HeapLock
LocalSize
Beep
GetFileSize
GlobalAddAtomW
VirtualAllocEx
SetSystemTime
PurgeComm
WaitForMultipleObjects
SuspendThread
GetFullPathNameA
GetLongPathNameW
EnumResourceLanguagesW
CopyFileW
GetAtomNameA
SetFileTime
IsValidLanguageGroup
lstrcmpiA
CompareStringA
CreateIoCompletionPort
GetBinaryTypeA
CopyFileExW
FindAtomW
SetFilePointerEx
GlobalFree
CreateFileW
GetModuleHandleExW
AreFileApisANSI
GetFileInformationByHandle
DeleteCriticalSection
CreateMailslotW
GetLargestConsoleWindowSize
GetProfileStringA
GetModuleHandleW
GetCompressedFileSizeW
LocalLock
GetHandleInformation
GetAtomNameW
OpenSemaphoreW
ReadConsoleW
ExitThread
TryEnterCriticalSection
PostQueuedCompletionStatus
CreateConsoleScreenBuffer
GetDiskFreeSpaceA
FindNextFileW
CreateSemaphoreA
CreateToolhelp32Snapshot
SetEnvironmentVariableA
GetCurrentDirectoryW
WriteProfileStringA
CreateRemoteThread
GetEnvironmentStrings
SetLastError
UnlockFile
GetCurrentProcess
HeapFree
GetComputerNameA
CreateThread
MoveFileA
GetCurrentProcessId
VirtualQuery
DeleteFileA
HeapAlloc
Sleep
CreateProcessA
CreateMutexA
ReadFile
LeaveCriticalSection
GlobalAlloc
LocalFree
GetProcAddress
LoadLibraryA
WriteFile
ExpandEnvironmentStringsA
GetLastError
GetSystemTimeAsFileTime
ReleaseMutex
CloseHandle
GetTickCount
GetModuleFileNameA
UnmapViewOfFile
GetProcessHeap
FileTimeToSystemTime

ole32

OleCreateLink
CoInitializeEx
CreateAntiMoniker
CoReleaseMarshalData
CreateOleAdviseHolder
OleQueryCreateFromData
OleCreateLinkFromData
CreateGenericComposite
OleInitialize
CoSetProxyBlanket
CoCreateInstanceEx
OleRegGetUserType
OleLockRunning
StgIsStorageILockBytes
CoGetClassObject
OleIsRunning
CreateDataCache
PropVariantClear
OleRun
IIDFromString
CoGetInterfaceAndReleaseStream
CoGetMalloc
OleRegGetMiscStatus
CoGetMarshalSizeMax
GetHGlobalFromILockBytes
RevokeDragDrop
CoQueryProxyBlanket
CoInitialize
CoTaskMemFree
OleCreate
CoCreateInstance

advapi32

RegConnectRegistryA
RegCloseKey
SetNamedSecurityInfoA
LookupAccountNameA
RegQueryValueExA
RegSetValueExA
ConvertStringSecurityDescriptorToSecurityDescriptorA
RegEnumKeyExA
RegOpenKeyExA
RegOpenKeyExW
ReadEventLogA
RegConnectRegistryW
ChangeServiceConfigA
CloseServiceHandle
RegEnumValueA
RegCreateKeyExW
RegQueryInfoKeyW
CreateServiceA
CreateProcessAsUserA
SetEntriesInAclA
RegOpenCurrentUser
RegOpenKeyW
DuplicateToken
StartServiceA
ReportEventW
RegEnumKeyW
OpenServiceA
GetInheritanceSourceW
OpenThreadToken
QueryServiceStatus
EnumServicesStatusExW
RegSaveKeyExW
ChangeServiceConfig2W
RegReplaceKeyW
QueryServiceConfigA
QueryServiceLockStatusA
RegSetValueA
NotifyChangeEventLog
ConvertSidToStringSidA
DuplicateTokenEx
MakeAbsoluteSD
ImpersonateLoggedOnUser

gdi32

SetICMMode
PolyBezier
EndPath
SetROP2
SetArcDirection
EnumEnhMetaFile
CreateBitmapIndirect
CreatePalette
CreateDCA
OffsetWindowOrgEx
EnumFontFamiliesExA
SetDIBits
GetPixel
StartDocA
GetFontData
OffsetViewportOrgEx
CreateFontIndirectA
GetTextExtentPoint32W
GetStretchBltMode
GetCharABCWidthsW
ResizePalette
Polyline
PlayMetaFileRecord
CreateDIBitmap
CreateFontIndirectW
GetKerningPairsA
AnimatePalette
RemoveFontResourceW
GetDCOrgEx
GetViewportOrgEx
GetCharWidthA
GetMetaFileA
GetDIBits
PolyPolygon
GetSystemPaletteUse
SetDIBColorTable
CreateHalftonePalette
GetPixelFormat
GetROP2
GetNearestColor
DeleteObject
SetTextCharacterExtra
DeleteEnhMetaFile
GetWinMetaFileBits
DeleteMetaFile
PlayEnhMetaFileRecord
SetSystemPaletteUse
OffsetRgn
AddFontResourceW
SetWorldTransform
CreatePatternBrush
GetGraphicsMode
SetWindowOrgEx
GetEnhMetaFileHeader
CreateMetaFileA
LineTo
GetTextExtentPointW
GetTextFaceA
Arc
SetMiterLimit
PolylineTo
GetGlyphOutlineA
Escape
GetTextColor
SetViewportOrgEx
UpdateColors
GetEnhMetaFileBits

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 96KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f4fc8777b0651be374758528d4b8182a

Headers

File Characteristics

Imports

kernel32

ole32

advapi32

gdi32

Exports

Exports

Sections

.text Size: 96KB - Virtual size: 92KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 8KB - Virtual size: 7KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 96KB - Virtual size: 92KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 8KB - Virtual size: 7KB

.reloc
Size: 4KB - Virtual size: 3KB