c3ac4e0b2ec2b1a733d08c44b867270a

Sharing

Copy URL

Twitter E-mail

General

Target

c3ac4e0b2ec2b1a733d08c44b867270a
Size

124KB
MD5

c3ac4e0b2ec2b1a733d08c44b867270a
SHA1

812d892f9866f260657579fd3c55b693c894d680
SHA256

c0c13cd27507aaadfe0d612da9c383dcd85b211aa6c00d0649504e058377f48f
SHA512

07459efe56e9dc63e8b0e7deef9b009c63136d8ff8f05fc708e5f599aa5067e85cfceaec3002a9bda8e7e8743b1c25db3801f7cdfefd6da70f151467ae3f732e
SSDEEP

3072:vxTu0mqtCY8+nFbbwIRBwA835U3LFg3sLPK8NmSKSh6Kf3Fq9ZeeuZ:vxhmqtCYNdUA835r3sR959q9Zc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c3ac4e0b2ec2b1a733d08c44b867270a

Files

c3ac4e0b2ec2b1a733d08c44b867270a
.dll regsvr32 windows:4 windows x86 arch:x86

4fd727c35719c959a8c83c8cdcb03fb8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateToolhelp32Snapshot
WaitNamedPipeA
GetFileSize
GetLocalTime
LocalHandle
WaitNamedPipeW
CreateRemoteThread
CreateConsoleScreenBuffer
FindResourceA
GetFileType
FindFirstFileExW
SetProcessShutdownParameters
RtlUnwind
GetStartupInfoA
IsProcessorFeaturePresent
GetModuleHandleExW
HeapValidate
TerminateProcess
GlobalGetAtomNameW
GetVolumeInformationW
CompareFileTime
TransactNamedPipe
GetCurrentThreadId
FlushViewOfFile
FileTimeToDosDateTime
CreateDirectoryW
VirtualUnlock
SetVolumeMountPointW
ReleaseSemaphore
CreateWaitableTimerW
SetConsoleActiveScreenBuffer
ClearCommError
GetExitCodeThread
SetFileApisToOEM
ReadConsoleW
FillConsoleOutputAttribute
SetComputerNameExW
HeapDestroy
lstrcmpiW
FindCloseChangeNotification
GetVolumePathNamesForVolumeNameW
VirtualAllocEx
CreateMailslotA
GetConsoleOutputCP
CreateTimerQueueTimer
GetTimeFormatA
QueueUserAPC
RtlMoveMemory
GetSystemWindowsDirectoryA
GetVolumeNameForVolumeMountPointW
AddAtomW
UnregisterWait
IsValidLanguageGroup
OpenMutexA
MapViewOfFileEx
GetProfileIntA
FindNextChangeNotification
CreateMailslotW
GetDateFormatA
SetEvent
GetStringTypeExA
CreateProcessW
FreeEnvironmentStringsW
CreateEventW
GetLargestConsoleWindowSize
QueryPerformanceFrequency
LocalSize
lstrcatW
PostQueuedCompletionStatus
SetErrorMode
DisconnectNamedPipe
PeekNamedPipe
GetWindowsDirectoryW
GetBinaryTypeA
CreateTimerQueue
SetFileTime
GlobalHandle
LoadResource
GetTimeZoneInformation
GetStringTypeExW
GetSystemInfo
SetConsoleTitleA
GlobalFindAtomW
InterlockedDecrement
WaitForMultipleObjectsEx
ReadFileEx
GetVersionExA
FlushFileBuffers
OpenSemaphoreW
WriteConsoleW
PeekConsoleInputA
FormatMessageA
SetWaitableTimer
GetSystemPowerStatus
OpenJobObjectW
GetConsoleMode
GlobalMemoryStatusEx
CancelWaitableTimer
ReadConsoleInputW
WriteProfileStringW
CreateEventA
SearchPathW
ExitThread
FindFirstChangeNotificationW
SetEnvironmentVariableW
GetFileAttributesA
SetFileAttributesA
SuspendThread
GetProfileStringW
GetUserDefaultLCID
VerifyVersionInfoA
GetLongPathNameW
DeleteFileW
PeekConsoleInputW
CreatePipe
FindAtomA
RegisterWaitForSingleObject
GetDefaultCommConfigW
SizeofResource
MoveFileA
GlobalAlloc
CreateFileMappingA
ExpandEnvironmentStringsA
ReadFile
CreateProcessA
EnterCriticalSection
Sleep
GetProcessHeap
GetModuleHandleA
WriteFile
VirtualProtect
CreateThread
LoadLibraryA
GetProcAddress
MapViewOfFile
CopyFileA
HeapAlloc
InterlockedExchange
CreateDirectoryA
GetModuleFileNameA
CreateMutexA
CloseHandle
InterlockedIncrement
InitializeCriticalSection
GetTickCount
WaitForSingleObject
GetCurrentProcessId
CreateFileA
CancelIo

user32

IsCharAlphaW
RegisterHotKey
CharNextExA
GetMessageExtraInfo
ScrollWindow
OemToCharA
ChildWindowFromPointEx
GetClassInfoExW
DialogBoxIndirectParamA
ScreenToClient
FindWindowW
BroadcastSystemMessageW
GetWindowTextLengthW
SetProcessWindowStation
ScrollWindowEx
FrameRect
CreatePopupMenu
InsertMenuW
GetUserObjectInformationA
PackDDElParam
CheckDlgButton
RedrawWindow
UpdateWindow
UnhookWindowsHook
IsMenu
GetWindowInfo
TrackMouseEvent
GetWindowTextLengthA
GetSubMenu
OpenInputDesktop
CharToOemBuffA
SetCapture
DrawFrameControl
EnableWindow
OpenDesktopA
MoveWindow
EnumThreadWindows
LoadMenuW
EndDeferWindowPos
GetTabbedTextExtentA
LoadCursorA
SetTimer
EnumDisplaySettingsW
ChangeDisplaySettingsExW
CreateAcceleratorTableW
SetActiveWindow
CharNextA
SetCursor
GetMonitorInfoW
RemovePropA
BringWindowToTop
EnumWindowStationsW
MessageBoxW
KillTimer
GetWindowTextA
wvsprintfA
FindWindowExA
PostThreadMessageW
DestroyAcceleratorTable
GetQueueStatus
ReplyMessage
CreateCaret
MapVirtualKeyA
IsDlgButtonChecked
UnregisterClassW
GetActiveWindow
CharUpperBuffA
ChangeMenuA
CharPrevA
GetCursorPos
UpdateLayeredWindow
WinHelpA
SetWindowPlacement
GetDCEx
WaitForInputIdle
CallWindowProcW
GetFocus
MonitorFromWindow
CharUpperA
InvalidateRgn
GetLastActivePopup
SetScrollInfo
GetMessagePos
SendNotifyMessageA
GetMenuStringW
GetInputState
IsIconic
SetWindowContextHelpId
SendInput
PostMessageW
DrawStateA
DestroyWindow
CopyImage
LoadCursorW
OemToCharBuffA
InsertMenuItemA
ShowWindowAsync
MapVirtualKeyExW
PtInRect
GetCursor
LoadAcceleratorsW
GetKeyNameTextA
SetPropA
ClientToScreen
DefMDIChildProcA
WindowFromPoint
EnumChildWindows
UnregisterClassA
DeferWindowPos
VkKeyScanW
SetClassLongW
TranslateMDISysAccel
MsgWaitForMultipleObjectsEx
ChangeDisplaySettingsW
CreateDialogIndirectParamA
GetWindowThreadProcessId
RegisterClassExA
GetMessageA
DefWindowProcA
PeekMessageA
FindWindowA
CreateWindowExA
SetWindowsHookExA
DispatchMessageA
CallNextHookEx
SetWindowLongA
CreateMenu

advapi32

ConvertSidToStringSidA
ConvertStringSecurityDescriptorToSecurityDescriptorA
RegEnumKeyExA
RegOpenKeyExA
RegQueryInfoKeyA
GetSecurityDescriptorSacl
RegSetValueExA
SetNamedSecurityInfoA
StartServiceCtrlDispatcherA
QueryServiceLockStatusA
ImpersonateSelf
OpenServiceA
RegCreateKeyW
RegEnumKeyW
SetTokenInformation
RegSaveKeyExW
RegCreateKeyA
RegEnumValueW
RegCreateKeyExW
ReportEventA
IsTokenRestricted
RegLoadKeyW
RegisterEventSourceW
RegSetValueA
MakeSelfRelativeSD
CloseServiceHandle
OpenEventLogA
DeregisterEventSource
SetEntriesInAclW
ChangeServiceConfigW
NotifyBootConfigStatus
UnlockServiceDatabase
RevertToSelf
RegRestoreKeyA
ImpersonateNamedPipeClient
RegConnectRegistryA
GetInheritanceSourceW
GetServiceKeyNameW
StartServiceA
CreateProcessAsUserW
RegisterServiceCtrlHandlerW
RegEnumKeyA
RegDeleteKeyW

gdi32

AddFontResourceA
GetTextFaceA
GetPaletteEntries
CopyEnhMetaFileA
LineTo
GetTextExtentPoint32W
FillPath
SetROP2
SetMapMode
EnumFontFamiliesA
GetTextCharacterExtra
GetDIBits
OffsetWindowOrgEx
RemoveFontResourceA
CombineRgn
Arc
GetStretchBltMode
Chord
StartDocA
GetRgnBox
GetObjectW
SetMagicColors
CreateCompatibleDC
SetMetaFileBitsEx
EndPath
EnumFontFamiliesExA
GetSystemPaletteUse
CreateEnhMetaFileW
GetStockObject
CreateEllipticRgnIndirect
PathToRegion
SetArcDirection
GetCharWidth32W
CreateCompatibleBitmap
GetWorldTransform
CreatePen
DeleteMetaFile
CreatePatternBrush
OffsetRgn
GetPixel
GetOutlineTextMetricsA
CreateScalableFontResourceA
SetMiterLimit
DescribePixelFormat
CopyMetaFileW
GetTextExtentPointA
GetMapMode
CreateMetaFileA
AbortDoc
SetWindowOrgEx
GetEnhMetaFileBits
SetStretchBltMode
FillRgn
StretchBlt
SelectObject
GetGlyphOutlineW
GetPolyFillMode
LPtoDP
GetCharWidthW
DeleteObject
SetSystemPaletteUse
CreateRectRgn
CreateDCW
Escape

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 96KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4fd727c35719c959a8c83c8cdcb03fb8

Headers

File Characteristics

Imports

kernel32

user32

advapi32

gdi32

Exports

Exports

Sections

.text Size: 96KB - Virtual size: 92KB

.rdata Size: 12KB - Virtual size: 10KB

.data Size: 8KB - Virtual size: 7KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 96KB - Virtual size: 92KB

.rdata
Size: 12KB - Virtual size: 10KB

.data
Size: 8KB - Virtual size: 7KB

.reloc
Size: 4KB - Virtual size: 3KB