953c362dee617819c3df9ac752372e923c3835bfdd0e9193a716571325e15a69

Sharing

Copy URL Twitter E-mail

General

Target

953c362dee617819c3df9ac752372e923c3835bfdd0e9193a716571325e15a69
Size

417KB
MD5

5f437d6f5dfaff8b920d86b7fbfa28b9
SHA1

fd847abce11fc512fa4818b81a9f762dfe4a8451
SHA256

953c362dee617819c3df9ac752372e923c3835bfdd0e9193a716571325e15a69
SHA512

1f240cb1b0c4d1a183d3a454aa20c4f255a60c83e6e0713b972f78e1066d76279bbbca88622b00372f3afd63cef7ae7f6e95c977aa7c3c01452d1a14c76ee79a
SSDEEP

6144:aKb9n/sf8bcK7cNnemDy2skBMLUn0mT8Sc/T4F1bpxg8yDdmt1t:l5nUf8bbgNneWy2skPv3D6Ddmt1t

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
953c362dee617819c3df9ac752372e923c3835bfdd0e9193a716571325e15a69

Files

953c362dee617819c3df9ac752372e923c3835bfdd0e9193a716571325e15a69
.dll windows:6 windows x86 arch:x86

87add667615bf2ad73283c2b3d726d8c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msi

ord17
ord125
ord116
ord118
ord160
ord171
ord51
ord32
ord49
ord159
ord145
ord165
ord103
ord121
ord74
ord8

kernel32

InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
lstrcmpiW
EnterCriticalSection
RaiseException
InterlockedDecrement
InterlockedIncrement
DeleteFileW
GetFileAttributesW
LoadLibraryW
FormatMessageW
LocalFree
GetTempFileNameW
GetTempPathW
FindResourceW
WriteFile
SizeofResource
LoadResource
LockResource
FreeResource
WideCharToMultiByte
MultiByteToWideChar
GetVersionExW
CreateFileW
LoadLibraryExW
FlushFileBuffers
WriteConsoleW
SetStdHandle
GetCurrentThreadId
GetCommandLineA
HeapAlloc
HeapFree
IsProcessorFeaturePresent
IsDebuggerPresent
RtlUnwind
QueryPerformanceCounter
lstrcpynW
OutputDebugStringW
SetFilePointerEx
GetConsoleMode
GetConsoleCP
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
GetCurrentProcessId
GetModuleFileNameA
GetFileType
HeapReAlloc
GetProcessHeap
GetStartupInfoW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
SetUnhandledExceptionFilter
UnhandledExceptionFilter
HeapSize
GetModuleHandleExW
ExitProcess
GetStdHandle
LoadLibraryExA
lstrcatW
ReadFile
WaitForSingleObject
FreeLibrary
SetLastError
GetLastError
CreateProcessW
GetTickCount
GetModuleHandleW
GetModuleFileNameW
lstrlenW
lstrcpyW
CloseHandle
Sleep
GetProcAddress
GetUserDefaultLCID
GetACP
LeaveCriticalSection
GetStringTypeW
GetCPInfo
GetOEMCP
EncodePointer
DecodePointer
LCMapStringW
GetFileSize
SetFilePointer
CreateEventW
QueryPerformanceFrequency
GetCurrentProcess
TerminateProcess
GetSystemInfo
GetSystemDirectoryW
GetWindowsDirectoryW
SetEvent
ResetEvent
SystemTimeToFileTime
IsValidCodePage

user32

PeekMessageW
GetDesktopWindow
TranslateMessage
DispatchMessageW
MsgWaitForMultipleObjects
CharNextW
CharUpperBuffW
WaitForInputIdle
wsprintfW

advapi32

RegOpenKeyW
RegCloseKey
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyExW
RegOpenKeyExW
RegQueryInfoKeyW
RegSetValueExW
RegQueryValueExW

ole32

StringFromGUID2
CoCreateGuid
CreateItemMoniker
GetRunningObjectTable
CoUninitialize
CoInitializeEx
CLSIDFromProgID
CoCreateInstance
CoTaskMemAlloc
CoTaskMemRealloc
CoTaskMemFree

oleaut32

VarUI4FromStr
GetErrorInfo
RegisterTypeLi
LoadTypeLi
SysReAllocStringLen
SysAllocStringLen
SysStringLen
VariantCopy
VariantClear
VariantInit
SysFreeString
SysAllocString

wininet

InternetConnectW
InternetOpenUrlW
InternetReadFile
InternetCloseHandle
InternetSetStatusCallbackW
InternetQueryOptionW
InternetCrackUrlW
HttpOpenRequestW
InternetCanonicalizeUrlW
HttpSendRequestW
HttpQueryInfoW
InternetGetLastResponseInfoW
InternetErrorDlg
InternetAutodial
InternetGetConnectedState
InternetOpenW

Exports

Exports

ISSelfRegisterCosting
ISSelfRegisterFiles
ISSelfRegisterFinalize
ISUnSelfRegisterFiles

Sections

.text
Size: 151KB - Virtual size: 150KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 55KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 181KB - Virtual size: 181KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

87add667615bf2ad73283c2b3d726d8c

Headers

DLL Characteristics

File Characteristics

Imports

msi

kernel32

user32

advapi32

ole32

oleaut32

wininet

Exports

Exports

Sections

.text Size: 151KB - Virtual size: 150KB

.rdata Size: 55KB - Virtual size: 55KB

.data Size: 6KB - Virtual size: 14KB

.rsrc Size: 181KB - Virtual size: 181KB

.reloc Size: 22KB - Virtual size: 21KB

.text
Size: 151KB - Virtual size: 150KB

.rdata
Size: 55KB - Virtual size: 55KB

.data
Size: 6KB - Virtual size: 14KB

.rsrc
Size: 181KB - Virtual size: 181KB

.reloc
Size: 22KB - Virtual size: 21KB