3338983d07c679b212569b91b8fabeeca6c6b94cb74522755c100ad1bc6d3d41

Sharing

Copy URL Twitter E-mail

General

Target

3338983d07c679b212569b91b8fabeeca6c6b94cb74522755c100ad1bc6d3d41
Size

36KB
MD5

21f5fd7bda0641a2b6c5f14517589717
SHA1

8d64898921870e2193f0c9e4efd6380dadd94967
SHA256

3338983d07c679b212569b91b8fabeeca6c6b94cb74522755c100ad1bc6d3d41
SHA512

f32f5fea9431c4d6a03f86098520446e54ae3f1a3c13d434257377cc8dc4be05a87351cc93c41532c15c28aeb398b4847988a544c24dfb082518cfdfee905c49
SSDEEP

384:/nF7ny5+pcRChEO4Qp8OfthKX1RWC7YOBEQyEcJEcvT8Z7jqanHWH:/nF7ny5fCVBpwX18OpDcJEcghjHW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3338983d07c679b212569b91b8fabeeca6c6b94cb74522755c100ad1bc6d3d41

Files

3338983d07c679b212569b91b8fabeeca6c6b94cb74522755c100ad1bc6d3d41
.dll regsvr32 windows:4 windows x86 arch:x86

adc7c556c385f9a0f7abd68dadb2afe6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

EnterCriticalSection
InterlockedIncrement
LeaveCriticalSection
DeleteCriticalSection
InterlockedDecrement
HeapCreate
GetSystemInfo
HeapAlloc
lstrcatA
lstrcpyA
lstrlenA
lstrlenW
FlushInstructionCache
GetCurrentProcess
GlobalUnlock
HeapFree
DisableThreadLibraryCalls
DebugBreak
GlobalAlloc
InitializeCriticalSection
GlobalLock

user32

OffsetRect
SetWindowRgn
IsWindow
GetParent
DestroyWindow
DefWindowProcA
EqualRect
IsChild
GetFocus
GetWindowRect
SetWindowPos
GetKeyState
PtInRect
IntersectRect
InvalidateRect
EndPaint
BeginPaint
SetFocus
CallWindowProcA
GetWindowLongA
SetWindowLongA
GetClassInfoExA
RegisterClassExA
CreateWindowExA
ShowWindow
UnionRect
GetClientRect

gdi32

CloseMetaFile
CreateRectRgnIndirect
RestoreDC
SetWindowExtEx
SetWindowOrgEx
SaveDC
CreateMetaFileA
DeleteDC
SetViewportOrgEx
SetMapMode
LPtoDP
GetDeviceCaps
DeleteMetaFile

ole32

CreateOleAdviseHolder
CoTaskMemFree
CoTaskMemAlloc
CreateDataAdviseHolder
OleRegGetMiscStatus
OleRegGetUserType
OleRegEnumVerbs

oleaut32

LoadRegTypeLi
OleCreatePropertyFrame
SysStringLen
SysFreeString
VariantClear

atl

ord23
ord21
ord15
ord18
ord57
ord16
ord32
ord46
ord51
ord30
ord43
ord44
ord58
ord31
ord27
ord26

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 876B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

adc7c556c385f9a0f7abd68dadb2afe6

Headers

File Characteristics

Imports

kernel32

user32

gdi32

ole32

oleaut32

atl

Exports

Exports

Sections

.text Size: 16KB - Virtual size: 14KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 876B

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 4KB - Virtual size: 1KB

.text
Size: 16KB - Virtual size: 14KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 876B

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 4KB - Virtual size: 1KB