c843b88dedf4c3c9ee9c88151fb6963c

Sharing

Copy URL

Twitter E-mail

General

Target

c843b88dedf4c3c9ee9c88151fb6963c
Size

488KB
MD5

c843b88dedf4c3c9ee9c88151fb6963c
SHA1

f7140c42da96af07363ca90edb7cd56d5b341d85
SHA256

70ff4f5ea599618a1369a7cd5977eeda9d6657786bf849eb7d3d2005fcff5b52
SHA512

2cd50a54e4942138f0e27345160f274a4f6f769d97ea46dc25e3c1f8366a8729660f010bac556199bbeb67f60b7344b2dc94b9ee8cc72d97247a9d1e09709ab0
SSDEEP

6144:55O00ONQxGaOnDTQ6zcxCd4VAJj70W3YXBdYC1ni2CSKqWlW3W:LOLOQGaLquCaKJv0W3YXBdXninsW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c843b88dedf4c3c9ee9c88151fb6963c

Files

c843b88dedf4c3c9ee9c88151fb6963c
.dll regsvr32 windows:4 windows x86 arch:x86

59f1a76d97b26285f5a0d34ef76b4fd4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

winmm

PlaySoundA

shlwapi

PathFileExistsA

wininet

DeleteUrlCacheEntry
HttpQueryInfoA
InternetCloseHandle
InternetOpenUrlA
InternetOpenA
InternetReadFile
FindCloseUrlCache
FindNextUrlCacheEntryA
FindFirstUrlCacheEntryA

setupapi

SetupIterateCabinetA

kernel32

GetProcAddress
SetLastError
FreeLibrary
LoadLibraryA
OutputDebugStringA
LoadLibraryW
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
lstrcpyA
lstrcatA
GetCurrentProcessId
Sleep
GlobalUnlock
GlobalLock
LeaveCriticalSection
EnterCriticalSection
MoveFileExA
TerminateThread
DebugBreak
GetVersion
FindFirstFileA
lstrlenW
GetModuleFileNameA
GetTempFileNameA
FlushInstructionCache
GetCurrentProcess
GetVersionExA
lstrcmpA
GetCurrentThreadId
GetShortPathNameA
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
lstrcmpiA
lstrcpynA
IsDBCSLeadByte
DisableThreadLibraryCalls
InitializeCriticalSection
HeapDestroy
DeleteCriticalSection
SetEndOfFile
CompareStringA
CompareStringW
GetTempPathA
CreateFileA
WriteFile
CloseHandle
WideCharToMultiByte
InterlockedIncrement
DeleteFileA
RemoveDirectoryA
lstrlenA
InterlockedDecrement
MultiByteToWideChar
GetLastError
FindNextFileA
FindClose
GlobalAlloc
SetHandleCount
ExitThread
LCMapStringW
LCMapStringA
GetDriveTypeA
UnhandledExceptionFilter
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
GetEnvironmentVariableA
SetUnhandledExceptionFilter
HeapSize
TerminateProcess
ExitProcess
TlsGetValue
TlsFree
TlsAlloc
GetCommandLineA
HeapReAlloc
HeapAlloc
SetCurrentDirectoryA
GetCurrentDirectoryA
SetEnvironmentVariableA
GetFullPathNameA
GetLocalTime
GetSystemTime
GetTimeZoneInformation
TlsSetValue
CreateThread
ResumeThread
CreateDirectoryA
HeapFree
RtlUnwind
RaiseException
LocalAlloc
InterlockedExchange
LocalFree
ReadFile
GetStdHandle
GetFileType
GetStartupInfoA
SetFilePointer
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
FlushFileBuffers
GetCPInfo
GetACP
GetOEMCP
GetStringTypeA
GetStringTypeW

user32

wsprintfA
UnhookWindowsHookEx
IsWindow
CharLowerA
SetActiveWindow
SendMessageA
MessageBoxA
CharNextA
TranslateMessage
GetParent
MoveWindow
GetWindowRect
EmptyClipboard
LoadCursorFromFileA
CreateWindowExA
GetDlgItem
InvalidateRgn
SetCapture
ReleaseCapture
DestroyAcceleratorTable
CreateAcceleratorTableA
GetDesktopWindow
RedrawWindow
SetWindowPos
IsWindowVisible
DefWindowProcA
EnableMenuItem
OpenClipboard
CloseClipboard
GetClipboardData
GetSystemMetrics
GetSysColor
SetWindowTextA
RegisterClassExA
LoadCursorA
RegisterWindowMessageA
SetWindowLongA
GetClassInfoExA
GetWindow
GetWindowLongA
GetWindowTextA
GetWindowTextLengthA
PostMessageA
UnregisterClassA
DestroyCursor
GetClientRect
EndPaint
IsChild
CallWindowProcA
GetDC
ReleaseDC
FillRect
DrawEdge
OffsetRect
GetMenuItemInfoA
CopyRect
DestroyWindow
SetFocus
ShowWindow
LoadMenuA
GetSubMenu
InsertMenuA
MapWindowPoints
GetMessagePos
GetCursorPos
GetFocus
LoadImageA
SetWindowsHookExA
WindowFromPoint
SetCursor
ScreenToClient
PtInRect
GetKeyState
GetClassNameA
CallNextHookEx
InvalidateRect
LoadStringA
wvsprintfA
TrackPopupMenu
SetTimer
CreatePopupMenu
AppendMenuA
CheckMenuItem
DestroyMenu
KillTimer
BeginPaint
DispatchMessageA

gdi32

GetObjectA
DeleteObject
ExtTextOutA
GetTextExtentPoint32A
GetTextMetricsA
SetTextColor
SetBkColor
SetBkMode
SelectObject
CreateBrushIndirect
DeleteDC
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
CreateSolidBrush
GetDeviceCaps
GetStockObject
GetTextExtentPointA
CreateFontA

advapi32

RegEnumValueA
RegQueryInfoKeyA
RegEnumKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegQueryValueExA

shell32

SHEmptyRecycleBinA
DragQueryFileA
ShellExecuteA
SHAddToRecentDocs

ole32

OleInitialize
CoUninitialize
CoCreateInstance
CoCreateGuid
OleUninitialize
CLSIDFromProgID
ReleaseStgMedium
CLSIDFromString
CoTaskMemFree
StringFromCLSID
CoTaskMemAlloc
OleLockRunning
RegisterDragDrop
CoTaskMemRealloc
OleRun
CreateStreamOnHGlobal
CoInitialize

oleaut32

GetErrorInfo
SysAllocStringByteLen
SysStringLen
RegisterTypeLi
VarUI4FromStr
OleCreateFontIndirect
DispCallFunc
SafeArrayCreate
SafeArrayCreateVector
SafeArrayAccessData
LoadRegTypeLi
SafeArrayDestroy
VariantCopy
SafeArrayUnaccessData
SysStringByteLen
VariantInit
VariantChangeType
VariantClear
SysAllocString
LoadTypeLi
SysAllocStringLen
SysFreeString

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
TBStudioReg

Sections

.text
Size: 344KB - Virtual size: 342KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 60KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.SHARED
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

59f1a76d97b26285f5a0d34ef76b4fd4

Headers

File Characteristics

Imports

winmm

shlwapi

wininet

setupapi

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 344KB - Virtual size: 342KB

.rdata Size: 60KB - Virtual size: 57KB

.data Size: 28KB - Virtual size: 34KB

.SHARED Size: 4KB - Virtual size: 1KB

.rsrc Size: 16KB - Virtual size: 14KB

.reloc Size: 32KB - Virtual size: 28KB

.text
Size: 344KB - Virtual size: 342KB

.rdata
Size: 60KB - Virtual size: 57KB

.data
Size: 28KB - Virtual size: 34KB

.SHARED
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 16KB - Virtual size: 14KB

.reloc
Size: 32KB - Virtual size: 28KB