cde15dfc6e1b6216bc20bc89f64633a5

Sharing

Copy URL Twitter E-mail

General

Target

cde15dfc6e1b6216bc20bc89f64633a5
Size

40KB
MD5

cde15dfc6e1b6216bc20bc89f64633a5
SHA1

755cdca63cc9c3a136a1298211b74ba834857901
SHA256

7a14534925ca53e67ac97f360732b184d2ae735accf75b813351206faa5ac155
SHA512

7bc25a6444d2641509786ee3c3615553f509d160a87812a1901657a02edd25a250a97367544df5461a12b8477fc18372952b6bd4aecf1fd5155604cda190e66f
SSDEEP

768:MXDilaMboL4y6AW2I2qJGk3xZtifLWO6ZUYjX0yVrlioUxpzuw4JKo9Eur:CDilaMH2I2ZkBSzkEMlioij4JKoT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cde15dfc6e1b6216bc20bc89f64633a5

Files

cde15dfc6e1b6216bc20bc89f64633a5
.dll regsvr32 windows:4 windows x86 arch:x86

2ef9c829625bad674fa0e5db8570bab5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

HeapAlloc
GetSystemInfo
GetVersionExA
HeapCreate
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
InterlockedIncrement
EnterCriticalSection
InterlockedDecrement
GetModuleFileNameA
WideCharToMultiByte
lstrlenW
GetTempFileNameA
GetTempPathA
WriteFile
LockResource
LoadResource
SizeofResource
FindResourceA
DisableThreadLibraryCalls
MultiByteToWideChar
GetShortPathNameA
GetModuleHandleA
FreeLibrary
GetLastError
LoadLibraryExA
IsDBCSLeadByte
HeapDestroy
GetProcAddress
LoadLibraryA
GetCurrentThreadId
FlushInstructionCache
GetCurrentProcess
DebugBreak
HeapReAlloc
HeapFree
GetStringTypeW
GetStringTypeA
lstrcpynA
Sleep
lstrlenA
GetSystemDirectoryA
RtlUnwind
CreateFileA
lstrcpyA
lstrcatA
CreateProcessA
GetExitCodeProcess
lstrcmpiA
CloseHandle

user32

GetParent
SetFocus
GetFocus
IsChild
DestroyWindow
GetClassInfoExA
RegisterClassExA
CreateWindowExA
CharNextA
IsWindow
GetWindowLongA
SetWindowLongA
ShowWindow
UnionRect
PtInRect
GetKeyState
DefWindowProcA
wsprintfA
LoadCursorA
PeekMessageA
SetWindowPos
SetWindowRgn
OffsetRect
EqualRect
BeginPaint
GetClientRect
EndPaint
GetDC
ReleaseDC
InvalidateRect
CallWindowProcA
IntersectRect

gdi32

CreateDCA
GetDeviceCaps
LPtoDP
SaveDC
SetMapMode
SetWindowOrgEx
SetViewportOrgEx
DeleteDC
CreateRectRgnIndirect
RestoreDC

advapi32

RegCloseKey
RegEnumValueA
RegQueryInfoKeyA
RegEnumKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA

ole32

CoCreateInstance
WriteClassStm
CoTaskMemAlloc
CoTaskMemFree
OleSaveToStream
CreateOleAdviseHolder
CoTaskMemRealloc
OleLoadFromStream
OleRegGetMiscStatus
OleRegEnumVerbs
OleRegGetUserType

oleaut32

VarUI4FromStr
VariantClear
SysStringLen
SysAllocString
LoadTypeLi
RegisterTypeLi
VariantChangeType
SysAllocStringByteLen
SysStringByteLen
LoadRegTypeLi
OleCreatePropertyFrame
SysFreeString

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2ef9c829625bad674fa0e5db8570bab5

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

oleaut32

version

Exports

Exports

Sections

.text Size: 31KB - Virtual size: 31KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 4KB - Virtual size: 4KB

.rsrc Size: 17KB - Virtual size: 17KB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 31KB - Virtual size: 31KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 17KB - Virtual size: 17KB

.reloc
Size: 3KB - Virtual size: 3KB