ca397e184cc29c9c9b44444e246138f0

Sharing

Copy URL Twitter E-mail

General

Target

ca397e184cc29c9c9b44444e246138f0
Size

92KB
MD5

ca397e184cc29c9c9b44444e246138f0
SHA1

5b78e6b6ce44b204ae9bd800191c3b54a66acf2f
SHA256

9e09542ccf666c1b87a44ad2d78a06b99e447408b5e7f267129153687956a6a4
SHA512

0f68ae55b247e8a12f33d2958e990292094dd300332834acee61bcd5039e83940fa2f8ae1a1121783ca4e41c51059042d0fde9c108035dfea67aa2dbf352c146
SSDEEP

1536:M12V7zrgwD7Agjewv+5jvsMTRDP7Fsi6AGUoxJ8YFyt:M1o7XXAIG5TsdBUox+P

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ca397e184cc29c9c9b44444e246138f0

Files

ca397e184cc29c9c9b44444e246138f0
.dll regsvr32 windows:4 windows x86 arch:x86

a374474a1ef907a132c3479b09cac104

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpyA
EnterCriticalSection
LeaveCriticalSection
lstrcatA
InterlockedDecrement
InterlockedIncrement
GetProcAddress
GetCurrentProcess
LoadLibraryA
FlushInstructionCache
CreateThread
CloseHandle
CreateFileA
GetSystemDirectoryA
CreateMutexA
TerminateThread
GetCurrentThreadId
SetEvent
WaitForMultipleObjects
MoveFileA
CreateEventA
InitializeCriticalSection
GetFileTime
GetPrivateProfileStringA
GetSystemTime
CreateDirectoryA
GetEnvironmentVariableA
WriteFile
RemoveDirectoryA
FindClose
FindNextFileA
FindFirstFileA
Sleep
LoadLibraryExA
GetLastError
FindResourceA
LoadResource
SizeofResource
FreeLibrary
WideCharToMultiByte
GetModuleFileNameA
GetModuleHandleA
GetShortPathNameA
DeleteCriticalSection
HeapDestroy
lstrcpynA
DisableThreadLibraryCalls
IsDBCSLeadByte
DeleteFileA
lstrcmpiA
FileTimeToSystemTime
WaitForSingleObject
MultiByteToWideChar
GetCommandLineA
GetVersion
SetFilePointer
GetStringTypeA
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
lstrlenW
lstrlenA
GetStringTypeW
HeapFree
GetFileType
GetStdHandle
GetStartupInfoA
HeapSize
TerminateProcess
HeapReAlloc
RtlUnwind
GetCPInfo
HeapAlloc
TlsGetValue
SetLastError
TlsAlloc
TlsSetValue
TlsFree
FlushFileBuffers
SetStdHandle
FreeEnvironmentStringsA
LCMapStringW
LCMapStringA
SetHandleCount
GetVersionExA
HeapCreate
GetOEMCP
GetACP
RaiseException
ExitProcess
VirtualFree
VirtualAlloc
IsBadWritePtr

user32

CharNextA
LoadCursorA
CallWindowProcA
DestroyWindow
ReleaseDC
GetDC
wsprintfA
DefWindowProcA
RegisterClassExA
GetClassInfoExA
IsChild
GetFocus
EndPaint
GetClientRect
BeginPaint
SetWindowLongA
GetWindowLongA
CreateWindowExA

gdi32

RestoreDC
SetWindowOrgEx
SetMapMode
SetViewportOrgEx
LPtoDP
GetDeviceCaps
SaveDC
DeleteDC
CreateDCA

advapi32

RegCloseKey
RegOpenKeyExA
RegSetValueExA
RegDeleteKeyA
RegCreateKeyExA
RegDeleteValueA
RegEnumKeyExA
RegQueryInfoKeyA
RegEnumValueA
RegQueryValueExA
GetUserNameA

ole32

CoCreateInstance
StringFromCLSID
CoTaskMemRealloc
CoTaskMemAlloc
CoTaskMemFree

oleaut32

DispCallFunc
SysFreeString
VariantClear
SysStringLen
LoadRegTypeLi
RegisterTypeLi
LoadTypeLi
SysAllocString
VarUI4FromStr

wininet

InternetErrorDlg
InternetOpenA
InternetConnectA
HttpOpenRequestA
HttpSendRequestA
HttpQueryInfoA
InternetReadFile
InternetCloseHandle

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a374474a1ef907a132c3479b09cac104

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

oleaut32

wininet

Exports

Exports

Sections

.text Size: 67KB - Virtual size: 67KB

.data Size: 13KB - Virtual size: 18KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 6KB - Virtual size: 6KB

.text
Size: 67KB - Virtual size: 67KB

.data
Size: 13KB - Virtual size: 18KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 6KB - Virtual size: 6KB