0af7869b3d3cd14d7dfeb0f2f9b3038bbe28313034ffb5de708ddfc40feb554d

Sharing

Copy URL Twitter E-mail

General

Target

0af7869b3d3cd14d7dfeb0f2f9b3038bbe28313034ffb5de708ddfc40feb554d
Size

592KB
MD5

55ec5d777acac219c54ac51ae963d2e1
SHA1

8e51b2cccebe23d8e41501dd02e974c861a6f60d
SHA256

0af7869b3d3cd14d7dfeb0f2f9b3038bbe28313034ffb5de708ddfc40feb554d
SHA512

54a1648d5654c6d98c0730730645cbe81bed25888e22c68cfccf199b8c1e8e6d29070e5c0561b10699f475df6a57dc37643ca203fac774715ce9f01dcea62168
SSDEEP

12288:9rxPO4a5rsHHnPCPBGHLZXmhtM5zpRs+yK88yKzpIQwFIlyK88yKlsO+YK+V+3+O:9Vba5gPCPorZXqM7Rs+yK88yKzpIQwF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0af7869b3d3cd14d7dfeb0f2f9b3038bbe28313034ffb5de708ddfc40feb554d

Files

0af7869b3d3cd14d7dfeb0f2f9b3038bbe28313034ffb5de708ddfc40feb554d
.dll regsvr32 windows:4 windows x86 arch:x86

aad7adee22108860a43b00935954053d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

shell32

SHGetMalloc
SHGetDesktopFolder
SHGetPathFromIDListW

gdi32

CreateCompatibleDC
DeleteDC
BitBlt
SelectObject
DeleteObject

kernel32

GetFileAttributesA
GetModuleFileNameA
GetFullPathNameA
SetCurrentDirectoryA
GetCurrentDirectoryA
InterlockedIncrement
InterlockedDecrement
GetLastError
EnterCriticalSection
LeaveCriticalSection
FlushInstructionCache
GetCurrentProcess
HeapFree
GetProcessHeap
HeapAlloc
GetCurrentThreadId
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
MultiByteToWideChar
WideCharToMultiByte
lstrlenW
lstrlenA
lstrcmpiA
DisableThreadLibraryCalls
lstrcpynA
lstrcpyA
lstrcatA
IsDBCSLeadByte
FreeLibrary
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
GetModuleHandleA
GetProcAddress
CreateDirectoryA
CloseHandle
ReadFile
GetFileSize
CreateFileA
DeleteCriticalSection
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStringTypeW
GetStringTypeA
GetOEMCP
GetStartupInfoA
GetStdHandle
SetHandleCount
SetFilePointer
GetFileType
SetStdHandle
GetTimeZoneInformation
HeapSize
TerminateProcess
SetUnhandledExceptionFilter
TlsGetValue
TlsSetValue
TlsFree
SetLastError
TlsAlloc
IsBadWritePtr
VirtualFree
GetUserDefaultLCID
HeapCreate
HeapDestroy
GetCPInfo
LCMapStringW
LCMapStringA
ExitProcess
GetCommandLineA
HeapReAlloc
InitializeCriticalSection
RaiseException
LoadLibraryA
WriteFile
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
SetEndOfFile
CompareStringA
CompareStringW
GetLocaleInfoW
FlushFileBuffers
IsBadCodePtr
IsBadReadPtr
IsValidCodePage
IsValidLocale
EnumSystemLocalesA
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
GetSystemTimeAsFileTime
GetDateFormatA
GetTimeFormatA
DeleteFileA
UnhandledExceptionFilter
SetEnvironmentVariableA
RtlUnwind

user32

RedrawWindow
LoadImageA
GetSystemMetrics
GetActiveWindow
DialogBoxParamA
GetWindow
GetWindowRect
SystemParametersInfoA
GetClientRect
MapWindowPoints
SetWindowPos
MoveWindow
EndDialog
GetDlgItemTextA
CharNextA
CreateDialogParamA
MapDialogRect
GetWindowPlacement
SetWindowPlacement
ShowWindow
GetWindowTextA
GetDlgItem
EnableWindow
SetDlgItemTextA
SendMessageA
GetParent
SetWindowLongA
LoadBitmapA
MessageBoxA
LoadStringA
UnregisterClassA
ScreenToClient
GetWindowTextLengthA
SetWindowTextA
GetWindowLongA

advapi32

RegSetValueExA
RegQueryInfoKeyA
RegDeleteValueA
RegDeleteKeyA
RegCloseKey
RegEnumKeyExA
RegCreateKeyExA
RegQueryValueExA
RegOpenKeyExA

ole32

StringFromCLSID
CoTaskMemAlloc
CoTaskMemFree
CoTaskMemRealloc
StringFromGUID2
CLSIDFromString
CoCreateInstance

oleaut32

SysFreeString
VarUI4FromStr
RegisterTypeLi
SysAllocString
LoadTypeLi

shlwapi

PathFindExtensionA

comctl32

CreatePropertySheetPageA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 312KB - Virtual size: 308KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 116KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 120KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

aad7adee22108860a43b00935954053d

Headers

File Characteristics

Imports

version

shell32

gdi32

kernel32

user32

advapi32

ole32

oleaut32

shlwapi

comctl32

Exports

Exports

Sections

.text Size: 312KB - Virtual size: 308KB

.rdata Size: 116KB - Virtual size: 114KB

.data Size: 8KB - Virtual size: 14KB

.rsrc Size: 120KB - Virtual size: 116KB

.reloc Size: 32KB - Virtual size: 28KB

.text
Size: 312KB - Virtual size: 308KB

.rdata
Size: 116KB - Virtual size: 114KB

.data
Size: 8KB - Virtual size: 14KB

.rsrc
Size: 120KB - Virtual size: 116KB

.reloc
Size: 32KB - Virtual size: 28KB