dee1d8ac73347323c0faf0804ce457db

Sharing

Copy URL

Twitter E-mail

General

Target

dee1d8ac73347323c0faf0804ce457db
Size

96KB
MD5

dee1d8ac73347323c0faf0804ce457db
SHA1

5a69c308dc5a3d6074cfc520644a41ea9d0487e4
SHA256

4394620cc84ca9053947c58c201813058447b5ce34aad8b036d93746557ba8b8
SHA512

62274942529d15097ada59d99d6a2816aa3629069cb7dae110ce95e81d88e177de92342f51eaadcf1b483daaf2492c3bd875bda330be5ca9708d14af71b957d8
SSDEEP

1536:U0raKZND5a0MtxDKMRjclz1FriFVgls7DaR9jHHVZC5FxnD2nD2Ku7klYQ+rn/JZ:U0raWND5a0ix5Kz1JiF8LR9jHVZKf7kq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dee1d8ac73347323c0faf0804ce457db

Files

dee1d8ac73347323c0faf0804ce457db
.dll regsvr32 windows:4 windows x86 arch:x86

27f30f13e971d41307bcb3ce8f72ff0d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

UnregisterWaitEx
OpenFile
LockFileEx
GetCPInfo
GetProfileIntW
VerifyVersionInfoA
SetHandleInformation
DeleteCriticalSection
GetNumberFormatW
ClearCommError
WriteConsoleA
DeleteTimerQueueEx
FindResourceExW
SearchPathW
GetLogicalDriveStringsA
LocalReAlloc
OpenMutexA
FlushViewOfFile
PeekNamedPipe
VirtualQueryEx
SetNamedPipeHandleState
GetCurrentThread
ProcessIdToSessionId
HeapDestroy
OpenSemaphoreA
QueueUserAPC
CreateDirectoryW
FindNextFileW
DosDateTimeToFileTime
FindFirstChangeNotificationA
FreeEnvironmentStringsW
WriteProfileStringA
GetTempPathA
ReadConsoleInputW
SetVolumeLabelA
GetCurrentDirectoryW
CreateMutexW
WriteProcessMemory
GetDiskFreeSpaceW
AllocConsole
LocalFileTimeToFileTime
OpenEventA
GetVolumePathNamesForVolumeNameW
CreateNamedPipeA
SetFilePointer
GetTimeFormatW
GetBinaryTypeW
ReplaceFileW
IsBadHugeReadPtr
SleepEx
GlobalHandle
GetBinaryTypeA
GetLargestConsoleWindowSize
ResumeThread
ExpandEnvironmentStringsW
VirtualAllocEx
OpenMutexW
GetTempFileNameW
CreateWaitableTimerW
SizeofResource
FindFirstChangeNotificationW
GetFileSizeEx
SetErrorMode
GlobalReAlloc
GetCurrentThreadId
IsBadWritePtr
SetEndOfFile
GlobalMemoryStatus
GetStringTypeExA
lstrcpynW
GlobalFree
FindFirstVolumeW
SetFileTime
GlobalMemoryStatusEx
FindFirstFileExW
lstrcmpW
GetFileTime
GlobalAddAtomW
RtlUnwind
GetFileAttributesW
GetStringTypeW
GetTempPathW
lstrcmpiW
GetUserDefaultLCID
SuspendThread
AreFileApisANSI
CompareStringA
GetLongPathNameW
MapViewOfFileEx
QueryPerformanceFrequency
FindNextFileA
IsWow64Process
TerminateThread
GetProcessAffinityMask
EnumResourceNamesA
SetConsoleTitleA
LCMapStringA
OpenThread
GetProfileSectionA
GetLocaleInfoA
GetEnvironmentStringsW
LocalSize
CreateEventA
CopyFileExW
GetShortPathNameW
lstrcpynA
GetTimeZoneInformation
GetStringTypeExW
FlushConsoleInputBuffer
GetFullPathNameA
GetCurrentProcess
GetDriveTypeA
FileTimeToSystemTime
GetProcessVersion
FindResourceExA
IsBadStringPtrW
WriteConsoleW
GlobalDeleteAtom
EnumResourceLanguagesW
FormatMessageW
GlobalFindAtomW
GetCurrentDirectoryA
GlobalFindAtomA
IsBadCodePtr
SetDefaultCommConfigW
CopyFileA
GetTickCount
HeapFree
GetSystemTimeAsFileTime
LeaveCriticalSection
GetProcessHeap
InterlockedDecrement
CloseHandle
WriteFile
Sleep
GetProcAddress
GlobalAlloc
CreateProcessA
DeleteFileA
GetComputerNameA
ExpandEnvironmentStringsA
VirtualQuery
ReadFile
ReleaseMutex
GetModuleFileNameA
GetModuleHandleA
MoveFileA
HeapAlloc
WaitForSingleObject
LoadLibraryA
ConnectNamedPipe

ole32

OleCreateLinkToFile
CoGetInterfaceAndReleaseStream
CoGetObjectContext
CoInitializeEx
OleCreateFromFile
OleInitialize
StgCreateDocfile
OleCreateLink
StringFromGUID2
CoDisableCallCancellation
OleQueryLinkFromData
OleLoad
CreateOleAdviseHolder
CoRegisterMessageFilter
CoSwitchCallContext
OleGetAutoConvert
OleRun
OleRegGetMiscStatus
OleCreateLinkFromData
OleLoadFromStream
CoMarshalInterThreadInterfaceInStream
CoGetCallContext
CoFreeUnusedLibraries
CreateItemMoniker
StgOpenStorage
OleDestroyMenuDescriptor
CoCreateInstance
CoInitialize
StringFromIID

user32

DialogBoxIndirectParamA
GetCapture
UnionRect
FlashWindow
PostQuitMessage
DrawEdge
PtInRect
GetForegroundWindow
ReleaseDC
BeginPaint
FindWindowExA
OpenInputDesktop
LoadIconW
GetMenuCheckMarkDimensions
CharLowerBuffA
MessageBoxIndirectW
EnableScrollBar
SetWindowContextHelpId
CheckDlgButton
CharLowerBuffW
GetNextDlgTabItem
InSendMessageEx
ChangeDisplaySettingsExW
SetPropW
GetClassInfoExA
EnumThreadWindows
DestroyCaret
AppendMenuA
DestroyWindow
wvsprintfA
DrawMenuBar
GetDlgItemTextA
LoadMenuA
CopyImage
SetCursorPos
LoadCursorA
SendMessageTimeoutA
DefMDIChildProcW
GetSubMenu
SetMessageQueue
AppendMenuW
CheckMenuRadioItem
CopyRect
DefWindowProcW
CopyAcceleratorTableA
PackDDElParam
CreateDialogIndirectParamW
CharUpperBuffA
PeekMessageW
SetScrollInfo
LoadBitmapA
IsDialogMessageA
GetMessageExtraInfo
DialogBoxIndirectParamW
DrawTextExA
LoadIconA
ToAsciiEx
CreateAcceleratorTableW
MonitorFromRect
SystemParametersInfoA
DispatchMessageW
GetCursorPos
ToAscii
PostThreadMessageW
SetMenu
TrackMouseEvent
GetGUIThreadInfo
GetClassLongW
MapDialogRect
DefFrameProcA
GetKeyNameTextW
GetClassInfoExW
CharNextA
DialogBoxParamA
SetWindowsHookExW
IsIconic
DefFrameProcW
CheckMenuItem
RegisterHotKey
GetDoubleClickTime
wsprintfA
InSendMessage
GetSystemMetrics
MonitorFromPoint
ModifyMenuW
SetWindowLongA
GetAsyncKeyState
GetClassNameW
ChangeMenuA
SetFocus
WaitMessage
DeleteMenu
GetMenuItemInfoW
GetScrollBarInfo
WinHelpW
IsCharAlphaNumericW
DrawTextA
SetWindowTextW
LoadStringA
UnregisterClassA
GetWindowPlacement
SendNotifyMessageW
GetMenuDefaultItem
CreateIconFromResourceEx
IsWindow
SetThreadDesktop
SetProcessWindowStation
CreateDialogParamA
GetShellWindow
CharPrevW
InvalidateRect
SetProcessDefaultLayout
GetAncestor
DrawTextExW
SetWindowRgn
GetDlgItem
CreateAcceleratorTableA
SendMessageA
FindWindowA
UnhookWindowsHookEx
SetWindowsHookExA
CallNextHookEx
PeekMessageA
DispatchMessageA

advapi32

ConvertSidToStringSidA
SetNamedSecurityInfoA
RegQueryValueExA
ConvertStringSecurityDescriptorToSecurityDescriptorA
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
GetSecurityDescriptorSacl
ChangeServiceConfig2W
DeregisterEventSource
RegSaveKeyA
ImpersonateLoggedOnUser
GetOldestEventLogRecord
GetTokenInformation
CreateProcessAsUserW
CloseServiceHandle
RegEnumKeyExW
RegQueryValueExW
RegNotifyChangeKeyValue
LockServiceDatabase
GetAclInformation
GetUserNameA
RegisterEventSourceA
RegUnLoadKeyW
StartServiceCtrlDispatcherW
EnumServicesStatusW
MakeSelfRelativeSD
DuplicateToken
CreateProcessWithLogonW
RegCreateKeyExW
RegOpenCurrentUser
OpenServiceA
MapGenericMask
OpenEventLogW
RegQueryValueW
QueryServiceLockStatusW
RegDeleteKeyW
RegEnumValueA
QueryServiceStatusEx
ImpersonateAnonymousToken
GetServiceKeyNameW
RegFlushKey
RegDeleteValueA
RegEnumKeyExA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 68KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

27f30f13e971d41307bcb3ce8f72ff0d

Headers

File Characteristics

Imports

kernel32

ole32

user32

advapi32

Exports

Exports

Sections

.text Size: 68KB - Virtual size: 64KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 8KB - Virtual size: 6KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 68KB - Virtual size: 64KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 8KB - Virtual size: 6KB

.reloc
Size: 4KB - Virtual size: 2KB