e3e9f5f334ef593d2017b315d593a8bd1f4026ef05f64830f0ff4f4e098d1c65

Sharing

Copy URL Twitter E-mail

General

Target

e3e9f5f334ef593d2017b315d593a8bd1f4026ef05f64830f0ff4f4e098d1c65
Size

380KB
MD5

026be520b60e212ee5d35bd58de7d70b
SHA1

9cb08e8113316675110a362c9b7a96c71217efd5
SHA256

e3e9f5f334ef593d2017b315d593a8bd1f4026ef05f64830f0ff4f4e098d1c65
SHA512

b5d69151f93311a8a3f2560efae6b88618c000a59c71cfd06aa6808bd4cffc29165f1c0b08e643a65196be3484e1504146dc15461c5f55a0a9fabfb87ee3cbfa
SSDEEP

6144:RVJXlgq7I2wSwGNxfl6J4qDJtXUte/wO3nVgYZVgg:RVJXej29Nx0nae/wO3Lh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e3e9f5f334ef593d2017b315d593a8bd1f4026ef05f64830f0ff4f4e098d1c65

Files

e3e9f5f334ef593d2017b315d593a8bd1f4026ef05f64830f0ff4f4e098d1c65
.dll regsvr32 windows:4 windows x86 arch:x86

8200c3380e5867450279b3a4d55d80f5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

IsBadCodePtr
IsBadReadPtr
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
SetUnhandledExceptionFilter
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
HeapSize
TerminateProcess
TlsGetValue
TlsFree
TlsAlloc
TlsSetValue
ExitProcess
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
GetEnvironmentVariableA
GetVersion
GetCommandLineA
RaiseException
GetOEMCP
GetACP
GetCPInfo
HeapReAlloc
HeapAlloc
RtlUnwind
HeapFree
InterlockedExchange
Sleep
SetEvent
WaitForSingleObject
CreateEventA
CreateThread
GetSystemTime
GetSystemDefaultLCID
GetDateFormatA
GetTimeFormatA
LockResource
GetVersionExA
GetCurrentProcess
FlushInstructionCache
GetCurrentThreadId
lstrcatA
lstrcpyA
LoadLibraryA
GetProcAddress
HeapDestroy
InterlockedDecrement
EnterCriticalSection
InterlockedIncrement
LeaveCriticalSection
IsDBCSLeadByte
lstrcpynA
lstrcmpiA
LoadLibraryExA
FindResourceA
LoadResource
SizeofResource
FreeLibrary
WideCharToMultiByte
GetModuleHandleA
GetShortPathNameA
lstrlenW
DisableThreadLibraryCalls
GetModuleFileNameA
GetLastError
FormatMessageA
LocalFree
lstrlenA
MultiByteToWideChar
CreateFileA
GetFileSize
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
CloseHandle
GlobalSize
GlobalFree
MulDiv
WriteFile
GlobalAlloc
GlobalLock
GlobalUnlock
DeleteCriticalSection
SetLastError
InitializeCriticalSection

user32

GetCaretPos
SetCaretPos
HideCaret
ShowCaret
CreateCaret
DestroyCaret
SetRect
SystemParametersInfoA
OffsetRect
GetSysColorBrush
GetWindowTextA
SetWindowTextA
IsDlgButtonChecked
CheckDlgButton
GetDlgItemInt
SetDlgItemInt
InvertRect
GetWindowTextLengthA
GetDlgItemTextA
EndDialog
EqualRect
CharPrevA
CharLowerA
CharUpperA
SetRectEmpty
GetParent
ShowWindow
ScrollWindowEx
IsWindowEnabled
EnableWindow
GetWindowRect
CreateAcceleratorTableA
TranslateAcceleratorA
DispatchMessageA
GetDlgItem
InflateRect
RegisterClassA
LoadCursorA
IsCharAlphaA
IsCharAlphaNumericA
ReleaseDC
GetDC
UnregisterClassA
DestroyCursor
SetWindowPos
SetWindowLongA
GetKeyState
CloseClipboard
GetClipboardData
OpenClipboard
IsClipboardFormatAvailable
SetClipboardData
EmptyClipboard
GetSystemMetrics
PtInRect
GetClientRect
CopyRect
CreateWindowExA
CharNextA
RegisterClassExA
wsprintfA
GetClassInfoExA
SetWindowRgn
GetClassInfoA
PostMessageA
SetPropA
RemovePropA
GetPropA
LoadBitmapA
CreateDialogParamA
SetDlgItemTextA
DrawTextA
SetCursorPos
TranslateMessage
PeekMessageA
CallNextHookEx
DrawFocusRect
IsWindowVisible
SetWindowsHookExA
IsChild
CallWindowProcA
DrawFrameControl
DestroyAcceleratorTable
SendMessageA
GetWindowLongA
IsWindow
ClientToScreen
GetCursorPos
ReleaseCapture
GetCapture
GetSysColor
InvalidateRect
SetCursor
ScreenToClient
GetScrollInfo
IsRectEmpty
SetCapture
DefWindowProcA
BeginPaint
SetTimer
FillRect
IntersectRect
UnionRect
EndPaint
DestroyWindow
KillTimer
GetKeyboardLayout
GetFocus
SetFocus
CreatePopupMenu
InsertMenuA
TrackPopupMenu
DialogBoxParamA
LoadStringA
MessageBoxA
MessageBeep
UpdateWindow
UnhookWindowsHookEx

gdi32

SetWindowExtEx
GetWindowExtEx
SetMapMode
GetMapMode
Rectangle
PatBlt
CreatePatternBrush
CreateBitmap
SetBkMode
LineTo
MoveToEx
SetTextCharacterExtra
ExtTextOutA
SetBkColor
GetTextExtentPoint32A
CreateRectRgnIndirect
DeleteMetaFile
CloseMetaFile
RestoreDC
SaveDC
CreateMetaFileA
SetViewportOrgEx
LPtoDP
CreateDCA
EndDoc
AbortDoc
EndPage
StartPage
StartDocA
SetTextColor
TextOutA
CreatePen
GetNearestColor
CreateCompatibleDC
SetWindowOrgEx
CreateSolidBrush
BitBlt
DeleteDC
SelectObject
GetTextMetricsA
CreateCompatibleBitmap
DeleteObject
GetStockObject
GetObjectA
EnumFontFamiliesExA
Polygon
CreateFontIndirectA
GetDeviceCaps

comdlg32

PrintDlgA
ChooseFontA

advapi32

RegEnumValueA
RegCreateKeyExA
RegDeleteValueA
RegCloseKey
RegOpenKeyExA
RegEnumKeyExA
RegSetValueExA
RegDeleteKeyA
RegQueryInfoKeyA

shell32

ShellExecuteA

ole32

OleRegGetUserType
OleRegEnumVerbs
CoTaskMemRealloc
CoTaskMemAlloc
CoTaskMemFree
DoDragDrop
OleRegGetMiscStatus
OleSaveToStream
WriteClassStm
CoCreateInstance
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
OleUninitialize
OleInitialize
CreateDataAdviseHolder
OleLoadFromStream
CreateOleAdviseHolder
ReleaseStgMedium

oleaut32

CreateErrorInfo
SysStringLen
LoadRegTypeLi
RegisterTypeLi
LoadTypeLi
VarUI4FromStr
SysAllocStringByteLen
SysStringByteLen
SysAllocString
SafeArrayCreate
SafeArrayAllocData
SafeArrayDestroy
SafeArrayAccessData
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayUnaccessData
VariantCopy
VariantChangeType
VariantClear
SysAllocStringLen
VariantInit
SetErrorInfo
OleCreateFontIndirect
SysFreeString

comctl32

ImageList_GetImageInfo
ImageList_Duplicate
ImageList_Draw
ImageList_GetIconSize
ord17
ImageList_Destroy
PropertySheetA

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 220KB - Virtual size: 216KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Shared
Size: 4KB - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 88KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8200c3380e5867450279b3a4d55d80f5

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

version

Exports

Exports

Sections

.text Size: 220KB - Virtual size: 216KB

.rdata Size: 24KB - Virtual size: 23KB

.data Size: 24KB - Virtual size: 26KB

Shared Size: 4KB - Virtual size: 4B

.rsrc Size: 88KB - Virtual size: 86KB

.reloc Size: 16KB - Virtual size: 15KB

.text
Size: 220KB - Virtual size: 216KB

.rdata
Size: 24KB - Virtual size: 23KB

.data
Size: 24KB - Virtual size: 26KB

Shared
Size: 4KB - Virtual size: 4B

.rsrc
Size: 88KB - Virtual size: 86KB

.reloc
Size: 16KB - Virtual size: 15KB