df1618c832961e4961b17df45edcce11

Sharing

Copy URL Twitter E-mail

General

Target

df1618c832961e4961b17df45edcce11
Size

75KB
MD5

df1618c832961e4961b17df45edcce11
SHA1

ba07eee6840569343855cb15d4210ebed4f6bb66
SHA256

992ac6cd0c07dc348f7c5d141ea2f867402828456b1bf4f68b510eced176b822
SHA512

d469416a3640ef9340458d350ec5a18a94bc1fb8af167ec93bc31be2b7d2a8b46805cfd34cc8a8a04f971ae5536e1c13d41f5e624af5b64f36d78054f5f081e6
SSDEEP

1536:spERPWvFtuc8KuJQpc/WDQfSVKbCL9WIYQfckrykh2VgrV1bUfo8+l:spERCu8uJh13QfckmK2VgrnbUQt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
df1618c832961e4961b17df45edcce11

Files

df1618c832961e4961b17df45edcce11
.dll regsvr32 windows:4 windows x86 arch:x86

c2854b28e58aa1802d8c522f176a606a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

tolower
fclose
atof
fwrite
abs
strncat
fread
strchr
_gcvt
exit
strcpy
strlen
strcmp
fgets
fopen
strcat
strtok
memcmp
memset
floor
strstr
memcpy
mbstowcs
atoi
wcstombs

kernel32

GetCurrentThreadId
HeapFree
DeleteCriticalSection
GetProcAddress
DebugBreak
lstrcmpA
MulDiv
MultiByteToWideChar
lstrlenW
lstrlenA
GetShortPathNameA
GetModuleFileNameA
WideCharToMultiByte
FreeLibrary
SizeofResource
LoadResource
FindResourceA
GetLastError
LoadLibraryExA
lstrcmpiA
lstrcpynA
IsDBCSLeadByte
DisableThreadLibraryCalls
HeapAlloc
GetSystemInfo
HeapCreate
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
HeapDestroy
GetFileAttributesA
LoadLibraryA
lstrcpyA
lstrcatA
GetProcessHeap
InterlockedIncrement
InterlockedDecrement
FlushInstructionCache
GetCurrentProcess
Sleep
GetTempPathA
DeleteFileA
GetTickCount
CloseHandle
HeapReAlloc
WriteFile
GetSystemDirectoryA
CreateDirectoryA
CreateFileA
FormatMessageA
CopyFileA
GetPrivateProfileStringA

oleaut32

VariantClear
RegisterTypeLi
SysStringLen
LoadRegTypeLi
VarUI4FromStr
LoadTypeLi
SysAllocString
SysFreeString
SysAllocStringLen
OleLoadPicturePath

ole32

CoUninitialize
CoCreateInstance
CoTaskMemRealloc
CoTaskMemAlloc
CoTaskMemFree
CoInitialize

user32

SetTimer
KillTimer
PostMessageA
EnumThreadWindows
wsprintfA
BringWindowToTop
CreateWindowExA
RegisterClassExA
SetWindowLongA
GetCursorPos
TrackPopupMenuEx
LoadImageA
CreateDialogParamA
GetActiveWindow
EnableMenuItem
ShowWindow
SetWindowTextA
SendMessageA
DestroyWindow
GetMessageA
IsDialogMessageA
TranslateMessage
DispatchMessageA
CharNextA
DefWindowProcA
BeginPaint
GetWindowRect
EndPaint
MessageBoxA
EnableWindow
GetWindowTextA
InvalidateRect
UpdateWindow
CreatePopupMenu
InsertMenuA
SystemParametersInfoA
GetDlgItem

advapi32

RegEnumValueA
RegCreateKeyExA
RegDeleteValueA
RegCloseKey
RegOpenKeyExA
RegEnumKeyExA
RegSetValueExA
RegQueryInfoKeyA
RegDeleteKeyA
RegQueryValueExA
RegCreateKeyA

rasapi32

RasGetEntryDialParamsA
RasEnumConnectionsA
RasDialA
RasGetConnectStatusA
RasHangUpA
RasGetErrorStringA
RasSetEntryDialParamsA
RasSetEntryPropertiesA
RasEnumDevicesA
RasEnumEntriesA
RasGetEntryPropertiesA
RasDeleteEntryA

wininet

InternetGetConnectedState
HttpQueryInfoA
InternetOpenA
InternetSetStatusCallback
InternetOpenUrlA
InternetCloseHandle
InternetReadFile

setupapi

SetupIterateCabinetA

shell32

SHGetPathFromIDListA
Shell_NotifyIconA
ShellExecuteA
SHGetSpecialFolderLocation

gdi32

GetStockObject
SetBkMode
CreateFontA
GetDeviceCaps

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllMostrar
DllRegisterServer
DllUnregisterServer

Sections

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c2854b28e58aa1802d8c522f176a606a

Headers

File Characteristics

Imports

msvcrt

kernel32

oleaut32

ole32

user32

advapi32

rasapi32

wininet

setupapi

shell32

gdi32

Exports

Exports

Sections

.rdata Size: 7KB - Virtual size: 6KB

.data Size: 52KB - Virtual size: 96KB

.rsrc Size: 11KB - Virtual size: 10KB

.reloc Size: 4KB - Virtual size: 4KB

.rdata
Size: 7KB - Virtual size: 6KB

.data
Size: 52KB - Virtual size: 96KB

.rsrc
Size: 11KB - Virtual size: 10KB

.reloc
Size: 4KB - Virtual size: 4KB