d8d1b6d65ab92fd10fd8927b3a023d651f7244ce7e21d2e04443d731a8d87185

Sharing

Copy URL Twitter E-mail

General

Target

d8d1b6d65ab92fd10fd8927b3a023d651f7244ce7e21d2e04443d731a8d87185
Size

125KB
MD5

092184292e24afd295bf8de599a0381a
SHA1

8ac4c946c45fefcc7e797bc823af1a045662c4dc
SHA256

d8d1b6d65ab92fd10fd8927b3a023d651f7244ce7e21d2e04443d731a8d87185
SHA512

527169491458a88259f677de0763a0b74a6de92d37ce0ebbe6fe6a3d6251d8554c921d15328a52e86e78ce2982c1c1c2fa73367d2a095d9bead51de9e485537f
SSDEEP

3072:UY5c/iB+UFkRuqzxWSHdxXyvyqRCpwwN:l5c/O+U2WS9xiv5RCOw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d8d1b6d65ab92fd10fd8927b3a023d651f7244ce7e21d2e04443d731a8d87185

Files

d8d1b6d65ab92fd10fd8927b3a023d651f7244ce7e21d2e04443d731a8d87185
.dll regsvr32 windows:5 windows x86 arch:x86

778f01f0d41d09fe2cab7ef6f52b9f57

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

dhtmled.pdb

Imports

msvcrt

wcscpy
realloc
malloc
_wcsicmp
_wcsnicmp
_wcslwr
wcsncmp
free
_purecall
??2@YAPAXI@Z
??3@YAXPAX@Z
wcscat
_wcsrev
wcslen
wcscmp
wcschr
_itow
wcsncpy
vswprintf
_itoa
wcstok
_initterm
_adjust_fdiv

urlmon

URLOpenBlockingStreamW
URLOpenBlockingStreamA
CoInternetCreateSecurityManager
CreateURLMoniker
CoInternetCombineUrl
CoInternetParseUrl
CoInternetGetSession

wininet

InternetCloseHandle
InternetOpenA
InternetOpenW
InternetOpenUrlA
InternetOpenUrlW
InternetCreateUrlA
InternetCreateUrlW
InternetCrackUrlA
InternetCrackUrlW
DeleteUrlCacheEntryA
DeleteUrlCacheEntryW
InternetReadFile

oleaut32

DispGetParam
VariantInit
SysAllocString
SysFreeString
SafeArrayCopy
VariantClear
SafeArrayDestroy
SafeArrayPutElement
VariantChangeType
SafeArrayGetElement
SafeArrayRedim
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayCreateVector
SysStringLen
SysReAllocString
VariantCopy
SysAllocStringByteLen
SysStringByteLen
LoadRegTypeLi
SysAllocStringLen
SetErrorInfo
RegisterTypeLi
LoadTypeLi
VarI4FromStr
SafeArrayCreate
VariantCopyInd
OleCreatePropertyFrame

ole32

CoTaskMemRealloc
GetHGlobalFromStream
OleRun
CreateBindCtx
ReleaseStgMedium
CreateOleAdviseHolder
OleRegEnumVerbs
OleRegGetUserType
OleRegGetMiscStatus
CreateDataAdviseHolder
CoCreateInstance
CoTaskMemFree
CoTaskMemAlloc
OleLoadFromStream
CreateStreamOnHGlobal
WriteClassStm
OleSaveToStream

kernel32

GetLastError
lstrlenA
MultiByteToWideChar
WideCharToMultiByte
LeaveCriticalSection
EnterCriticalSection
GetCurrentThreadId
FlushInstructionCache
GetCurrentProcess
CloseHandle
DisableThreadLibraryCalls
HeapDestroy
GlobalUnlock
GlobalLock
GlobalAlloc
FreeLibrary
SizeofResource
LoadResource
GetFileSize
WriteFile
IsValidCodePage
GlobalFree
ReadFile
GetVersionExA
lstrcmpiA
CreateFileA
CreateFileW
FindResourceA
FindResourceW
GetModuleFileNameA
GetModuleFileNameW
LoadLibraryA
LoadLibraryExA
LoadLibraryExW
lstrcmpiW
lstrcpynW
IsBadWritePtr
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InterlockedDecrement
InterlockedIncrement
DeleteCriticalSection
InitializeCriticalSection
VirtualAlloc
HeapFree
GetProcessHeap
HeapAlloc
GetProcAddress
VirtualFree

gdi32

RestoreDC
SetWindowExtEx
SetWindowOrgEx
SaveDC
CloseMetaFile
DeleteMetaFile
CreateMetaFileW
CreateMetaFileA
CreateDCW
CreateDCA
LPtoDP
SetMapMode
SetViewportOrgEx
GetDeviceCaps
CreateRectRgnIndirect
GetStockObject
Rectangle
DeleteDC

user32

wvsprintfW
CharNextW
PtInRect
UnionRect
ShowWindow
DestroyWindow
FillRect
DestroyMenu
TrackPopupMenu
CreatePopupMenu
ScreenToClient
IsWindow
GetClientRect
SetWindowPos
SetWindowRgn
OffsetRect
EqualRect
IntersectRect
EndPaint
BeginPaint
ReleaseDC
GetDC
GetParent
GetClassInfoExW
SetFocus
InvalidateRect
SetParent
GetKeyState
GetFocus
AppendMenuA
AppendMenuW
CallWindowProcA
CallWindowProcW
CreateWindowExA
CreateWindowExW
DefWindowProcA
DefWindowProcW
GetWindowLongA
GetWindowLongW
LoadCursorA
LoadCursorW
PostMessageA
PostMessageW
RegisterClassExA
RegisterClassExW
SetWindowLongA
SetWindowLongW

comdlg32

GetSaveFileNameA
GetSaveFileNameW
GetOpenFileNameA
GetOpenFileNameW

advapi32

RegCreateKeyExW
RegEnumKeyExW
RegEnumKeyExA
RegQueryValueExW
RegQueryValueExA
RegSetValueExW
RegSetValueExA
RegQueryInfoKeyW
RegQueryInfoKeyA
RegOpenKeyExW
RegOpenKeyExA
RegDeleteValueW
RegDeleteValueA
RegDeleteKeyW
RegDeleteKeyA
RegCloseKey
RegCreateKeyExA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 94KB - Virtual size: 93KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

778f01f0d41d09fe2cab7ef6f52b9f57

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcrt

urlmon

wininet

oleaut32

ole32

kernel32

gdi32

user32

comdlg32

advapi32

Exports

Exports

Sections

.text Size: 94KB - Virtual size: 93KB

.data Size: 2KB - Virtual size: 2KB

.rsrc Size: 21KB - Virtual size: 20KB

.reloc Size: 7KB - Virtual size: 7KB

.text
Size: 94KB - Virtual size: 93KB

.data
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 21KB - Virtual size: 20KB

.reloc
Size: 7KB - Virtual size: 7KB