c63375735d06ed759984f4d3890f9f4c

Sharing

Copy URL Twitter E-mail

General

Target

c63375735d06ed759984f4d3890f9f4c
Size

2.0MB
MD5

c63375735d06ed759984f4d3890f9f4c
SHA1

112e4580f204760da41290b64200fc464124cbfd
SHA256

b326eec5230ebf12854118aa1dac0139da0e06a1ea2fb1385ff0f861db724f7d
SHA512

786c2fdf9acc8064760d42c198f1186c67de6e1175fad8b14b459cad4b7d6f3bd35241344a97bcf2d2241d61084c2700de43492256956e30e24f9e12b2a659e5
SSDEEP

12288:oVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1D:9fP7fWsK5z9A+WGAW+V5SB6Ct4bnbD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c63375735d06ed759984f4d3890f9f4c

Files

c63375735d06ed759984f4d3890f9f4c
.dll regsvr32 windows:5 windows x64 arch:x64

6668be91e2c948b183827f040944057f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

user32

LookupIconIdFromDirectoryEx
WaitForInputIdle
GetParent
GetFocus

setupapi

CM_Get_Resource_Conflict_DetailsW

kernel32

DeleteCriticalSection
DeleteTimerQueue
TerminateJobObject
GetFileInformationByHandle
GetThreadLocale
GetNamedPipeServerProcessId
GetConsoleFontSize

gdi32

CreateBitmapIndirect
GetPolyFillMode

crypt32

CertGetCTLContextProperty

advapi32

AddAccessDeniedObjectAce

shlwapi

ChrCmpIW

Exports

Exports

?AfxFreeLibrary@@YAHPEAUHINSTANCE__@@@Z
?AfxLoadLibrary@@YAPEAUHINSTANCE__@@PEBG@Z
?AfxLockGlobals@@YAXH@Z
?AfxUnlockGlobals@@YAXH@Z
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 260KB - Virtual size: 257KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 404KB - Virtual size: 403KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 300B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.qkm
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.cvjb
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tlmkv
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.wucsxe
Size: 280KB - Virtual size: 276KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.fltwtj
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.sfplio
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rpg
Size: 280KB - Virtual size: 276KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bewzc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vksvaw
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.wmhg
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gebpi
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.fwhzuc
Size: 280KB - Virtual size: 276KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vvsvb
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.cbhq
Size: 4KB - Virtual size: 318B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.fnlrfv
Size: 4KB - Virtual size: 905B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.sjlqns
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.mmiwpa
Size: 280KB - Virtual size: 276KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.wgssn
Size: 4KB - Virtual size: 571B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xuni
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.fdu
Size: 4KB - Virtual size: 571B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.zayj
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6668be91e2c948b183827f040944057f

Headers

DLL Characteristics

File Characteristics

Imports

user32

setupapi

kernel32

gdi32

crypt32

advapi32

shlwapi

Exports

Exports

Sections

.text Size: 260KB - Virtual size: 257KB

.rdata Size: 404KB - Virtual size: 403KB

.data Size: 96KB - Virtual size: 94KB

.pdata Size: 4KB - Virtual size: 300B

.rsrc Size: 4KB - Virtual size: 2KB

.reloc Size: 12KB - Virtual size: 8KB

.qkm Size: 4KB - Virtual size: 1KB

.cvjb Size: 8KB - Virtual size: 7KB

.tlmkv Size: 4KB - Virtual size: 2KB

.wucsxe Size: 280KB - Virtual size: 276KB

.fltwtj Size: 8KB - Virtual size: 4KB

.sfplio Size: 4KB - Virtual size: 1KB

.rpg Size: 280KB - Virtual size: 276KB

.bewzc Size: 8KB - Virtual size: 4KB

.vksvaw Size: 4KB - Virtual size: 1KB

.wmhg Size: 8KB - Virtual size: 4KB

.gebpi Size: 4KB - Virtual size: 1KB

.fwhzuc Size: 280KB - Virtual size: 276KB

.vvsvb Size: 8KB - Virtual size: 4KB

.cbhq Size: 4KB - Virtual size: 318B

.fnlrfv Size: 4KB - Virtual size: 905B

.sjlqns Size: 8KB - Virtual size: 4KB

.mmiwpa Size: 280KB - Virtual size: 276KB

.wgssn Size: 4KB - Virtual size: 571B

.xuni Size: 28KB - Virtual size: 27KB

.fdu Size: 4KB - Virtual size: 571B

.zayj Size: 28KB - Virtual size: 27KB

.text
Size: 260KB - Virtual size: 257KB

.rdata
Size: 404KB - Virtual size: 403KB

.data
Size: 96KB - Virtual size: 94KB

.pdata
Size: 4KB - Virtual size: 300B

.rsrc
Size: 4KB - Virtual size: 2KB

.reloc
Size: 12KB - Virtual size: 8KB

.qkm
Size: 4KB - Virtual size: 1KB

.cvjb
Size: 8KB - Virtual size: 7KB

.tlmkv
Size: 4KB - Virtual size: 2KB

.wucsxe
Size: 280KB - Virtual size: 276KB

.fltwtj
Size: 8KB - Virtual size: 4KB

.sfplio
Size: 4KB - Virtual size: 1KB

.rpg
Size: 280KB - Virtual size: 276KB

.bewzc
Size: 8KB - Virtual size: 4KB

.vksvaw
Size: 4KB - Virtual size: 1KB

.wmhg
Size: 8KB - Virtual size: 4KB

.gebpi
Size: 4KB - Virtual size: 1KB

.fwhzuc
Size: 280KB - Virtual size: 276KB

.vvsvb
Size: 8KB - Virtual size: 4KB

.cbhq
Size: 4KB - Virtual size: 318B

.fnlrfv
Size: 4KB - Virtual size: 905B

.sjlqns
Size: 8KB - Virtual size: 4KB

.mmiwpa
Size: 280KB - Virtual size: 276KB

.wgssn
Size: 4KB - Virtual size: 571B

.xuni
Size: 28KB - Virtual size: 27KB

.fdu
Size: 4KB - Virtual size: 571B

.zayj
Size: 28KB - Virtual size: 27KB