dc1a2bb3e4e56918bbd1e52ea8b79ffb22de3e7f7a91018521c1339a238cbc8c

Sharing

Copy URL Twitter E-mail

General

Target

dc1a2bb3e4e56918bbd1e52ea8b79ffb22de3e7f7a91018521c1339a238cbc8c
Size

172KB
MD5

11a9f155ce23155e5430fa3309be4439
SHA1

a2a407d3f87667d81e567fce9742cfe28f70d1d2
SHA256

dc1a2bb3e4e56918bbd1e52ea8b79ffb22de3e7f7a91018521c1339a238cbc8c
SHA512

788609d5f508c38db6ad455e75d5d069ff581ade3db2d77db4713a545e2751fd9fc3d9bb0afc9fe213b2716517728eaf6197d7686cdc12b42ae4c5124de3dd1a
SSDEEP

3072:TlbC1Rfy/42/S9fvy29eMZzCbQXmClb/muUa3JHhooxcXbscd00XfvXyU7Y1Gf/q:xbC1R842q9yCCbclNUa3JELscdlaU8sN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dc1a2bb3e4e56918bbd1e52ea8b79ffb22de3e7f7a91018521c1339a238cbc8c

Files

dc1a2bb3e4e56918bbd1e52ea8b79ffb22de3e7f7a91018521c1339a238cbc8c
.dll regsvr32 windows:4 windows x86 arch:x86

9be13f2b612903afc1c77de2fac14181

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

GetLocaleInfoA
InterlockedDecrement
InterlockedIncrement
GetProcAddress
LoadLibraryA
GetWindowsDirectoryA
MultiByteToWideChar
GetModuleFileNameA
lstrcpynA
GetFileAttributesA
GetVersion
InitializeCriticalSection
DisableThreadLibraryCalls
DeleteCriticalSection
FreeLibrary
HeapReAlloc
lstrcpyA
WideCharToMultiByte
LoadResource
FindResourceA
lstrlenA
HeapAlloc
HeapFree
LockResource
lstrlenW
GetProcessHeap
LeaveCriticalSection
EnterCriticalSection
IsBadWritePtr
lstrcatA

user32

SetParent
EndPaint
BeginPaint
MoveWindow
DestroyWindow
ReleaseDC
GetDC
CharNextA
PtInRect
IntersectRect
GetActiveWindow
DefWindowProcA
OffsetRect
EqualRect
SetWindowRgn
GetKeyState
SetFocus
SetDlgItemTextA
UnregisterClassA
SetWindowLongA
LoadAcceleratorsA
GetDlgItem
GetWindowRect
ScreenToClient
EnableWindow
GetSystemMetrics
SetRect
SetWindowPos
GetDialogBaseUnits
CreatePopupMenu
InsertMenuItemA
SetWindowTextA
GetFocus
GetNextDlgTabItem
ShowWindow
InvalidateRect
DialogBoxParamA
CreateWindowExA
GetClientRect
CharPrevW
LoadCursorA
RegisterClassA
EndDialog
GetWindowTextLengthA
GetWindowTextA
MessageBoxA
ClientToScreen
SetRectEmpty
CreateDialogIndirectParamA
EnableMenuItem
TrackPopupMenuEx
GetWindowLongA
GetParent
SendMessageA
LoadStringA
IsWindowVisible
CharNextW
wsprintfA
TranslateAcceleratorA

ole32

CreateOleAdviseHolder
CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree

advapi32

RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegSetValueA
RegEnumValueA
RegOpenKeyExA
RegQueryInfoKeyA
RegEnumKeyExA
RegQueryValueExA
RegCloseKey

oleaut32

SetErrorInfo
OleCreatePropertyFrame
SysAllocStringLen
LoadTypeLibEx
UnRegisterTypeLi
LoadTypeLi
RegisterTypeLi
SysAllocString
VariantInit
VariantChangeType
VariantClear
LoadRegTypeLi
SysFreeString
LHashValOfNameSys
CreateErrorInfo

gdi32

SetViewportExtEx
SetMapMode
SetWindowExtEx
LPtoDP
CreateRectRgnIndirect
CreateDCA
SetWindowOrgEx
SetViewportOrgEx
DeleteDC
GetTextExtentPoint32A
GetTextMetricsA
SelectObject
GetViewportExtEx
GetWindowExtEx
CreateCompatibleDC
GetDeviceCaps

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterDesigner
DllRegisterServer
DllUnregisterDesigner
DllUnregisterServer

Sections

.text
Size: 56KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

9be13f2b612903afc1c77de2fac14181

Headers

File Characteristics

Imports

kernel32

user32

ole32

advapi32

oleaut32

gdi32

Exports

Exports

Sections

.text Size: 56KB - Virtual size: 54KB

.data Size: 4KB - Virtual size: 3KB

.rsrc Size: 12KB - Virtual size: 9KB

.reloc Size: 8KB - Virtual size: 4KB

.rmnet Size: 88KB - Virtual size: 88KB

.text
Size: 56KB - Virtual size: 54KB

.data
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 12KB - Virtual size: 9KB

.reloc
Size: 8KB - Virtual size: 4KB

.rmnet
Size: 88KB - Virtual size: 88KB