755b3945e66dedeb0ce859963263f1ce05cc248e59b686d426508b14b74e9564

Sharing

Copy URL Twitter E-mail

General

Target

755b3945e66dedeb0ce859963263f1ce05cc248e59b686d426508b14b74e9564
Size

1.9MB
MD5

d677f33d5eefeee713de07f169725282
SHA1

26bd1a677c30da96a668319c5148f0ce803792c0
SHA256

755b3945e66dedeb0ce859963263f1ce05cc248e59b686d426508b14b74e9564
SHA512

13488966d49132b0f75a6f391e44d97c25aa6a8a8297f78aa9049c055f593842025f2d349a4069f19c892b85caa27fc6940d5ff848ea32964964ec282c26f852
SSDEEP

49152:mfs8CeQ1H9ymWKQrG+o5tJkX5dq8n12AuZi:NPeIcK1+onOp3Wi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
755b3945e66dedeb0ce859963263f1ce05cc248e59b686d426508b14b74e9564

Files

755b3945e66dedeb0ce859963263f1ce05cc248e59b686d426508b14b74e9564
.dll regsvr32 windows:5 windows x86 arch:x86

f6c473e91b22ab623402c87a539b1396

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

msxml5.pdb

Imports

ole32

CreateStreamOnHGlobal
CreateBindCtx
CoCreateFreeThreadedMarshaler
StringFromCLSID
CoTaskMemFree
CLSIDFromProgID
CoCreateGuid
CoTaskMemAlloc
CoCreateInstance

shlwapi

PathIsURLW
StrCmpNW
StrToIntW
StrCmpNIW
StrCmpW
PathSearchAndQualifyW
UrlCreateFromPathW
PathCreateFromUrlW
UrlCanonicalizeW
UrlGetLocationW
UrlIsW
PathIsRelativeW
UrlUnescapeW

kernel32

LoadResource
LocalAlloc
CreateFileW
ReadFile
SetEndOfFile
InterlockedCompareExchange
FlushFileBuffers
SetStdHandle
GetProcAddress
LoadLibraryA
FreeLibrary
MultiByteToWideChar
GetModuleFileNameA
ExpandEnvironmentStringsA
TlsGetValue
OutputDebugStringW
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InterlockedDecrement
InterlockedIncrement
GetModuleFileNameW
HeapFree
HeapSize
HeapAlloc
VirtualFree
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
GetProcessHeap
CloseHandle
TlsSetValue
GetLastError
DuplicateHandle
GetCurrentThread
GetModuleHandleA
GetVersionExA
TlsAlloc
TlsFree
InitializeCriticalSection
WaitForSingleObject
ReleaseSemaphore
InterlockedExchange
CreateSemaphoreA
CreateEventW
Sleep
GetExitCodeThread
VirtualQuery
GetThreadContext
ResumeThread
SuspendThread
SetEvent
ResetEvent
HeapDestroy
HeapCreate
SetLastError
GetSystemInfo
RaiseException
WideCharToMultiByte
FormatMessageA
LoadLibraryExA
LocalFree
FindResourceW
FormatMessageW
FindClose
FindNextFileA
FindFirstFileA
GetUserDefaultLCID
GetSystemDefaultLCID
GetSystemDefaultLangID
LoadLibraryW
FileTimeToSystemTime
SystemTimeToFileTime
CreateEventA
GetVersionExW
GetThreadLocale
GetTimeFormatW
GetDateFormatW
CompareStringW
GetCPInfo
GetCommandLineA
VirtualProtect
RtlUnwind
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
WriteFile
HeapReAlloc
GetACP
GetOEMCP
SetFilePointer
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
LCMapStringA
LCMapStringW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 83KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 119KB - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 671KB - Virtual size: 672KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f6c473e91b22ab623402c87a539b1396

Headers

File Characteristics

PDB Paths

Imports

ole32

shlwapi

kernel32

Exports

Exports

Sections

.text Size: 1.1MB - Virtual size: 1.1MB

.data Size: 83KB - Virtual size: 85KB

.rsrc Size: 119KB - Virtual size: 119KB

.reloc Size: 671KB - Virtual size: 672KB

.text
Size: 1.1MB - Virtual size: 1.1MB

.data
Size: 83KB - Virtual size: 85KB

.rsrc
Size: 119KB - Virtual size: 119KB

.reloc
Size: 671KB - Virtual size: 672KB