5ec49ab529d27e254332c4acebf773114ae5a5b23b0ea63137b9c55e4b7c5d3b

Sharing

Copy URL

Twitter E-mail

General

Target

5ec49ab529d27e254332c4acebf773114ae5a5b23b0ea63137b9c55e4b7c5d3b
Size

1.4MB
MD5

41e3f8adb43b4fd99317310431fc27cf
SHA1

9b889a58236c8bd82182ace094f2bd43e84b9744
SHA256

5ec49ab529d27e254332c4acebf773114ae5a5b23b0ea63137b9c55e4b7c5d3b
SHA512

b96b846ed4f2fade0f02b3881ccd4885ba31792150f5b742c840ea7dbb4bfa27256b6da5dfbb8c1a6609ed2234eeee9730a999e2bddef15aee42d6011a2a5369
SSDEEP

24576:VDCFsuFP4MDL7p7zg67tiz2hh1K+O50Bk4GJYuNsHxLc1XRtL:VSZyrFS/1K+55GJbNcSt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5ec49ab529d27e254332c4acebf773114ae5a5b23b0ea63137b9c55e4b7c5d3b

Files

5ec49ab529d27e254332c4acebf773114ae5a5b23b0ea63137b9c55e4b7c5d3b
.dll regsvr32 windows:6 windows x86 arch:x86

809283495e041b665af5e9393d46f5cf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

msjet40.pdb

Imports

mswstr10

ord2
ord4
ord1

advapi32

GetUserNameA
OpenThreadToken
SetThreadToken
RegCloseKey
RegEnumKeyA
RegOpenKeyExA
RegQueryValueExA
RegEnumKeyW
RegEnumValueA
RegEnumValueW
RegOpenKeyExW
RegQueryInfoKeyA
RegQueryInfoKeyW
RegQueryValueExW

kernel32

SetEnvironmentVariableA
ReadConsoleW
GetDriveTypeA
SetStdHandle
DisableThreadLibraryCalls
CreateFileA
DeleteFileA
CloseHandle
GetLastError
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
GetLocalTime
GetTickCount
VirtualAlloc
VirtualFree
VirtualQuery
FreeLibrary
GetProcAddress
GetTempPathA
GetUserDefaultLCID
FindClose
FindFirstFileA
Sleep
LoadLibraryExA
GetLocaleInfoA
FlushFileBuffers
GetFileInformationByHandle
GetFileSize
GetFileType
LockFile
ReadFile
SetEndOfFile
SetFilePointer
UnlockFile
WriteFile
HeapAlloc
HeapFree
GetProcessHeap
SetThreadPriority
ResumeThread
GetSystemInfo
GlobalMemoryStatus
GetComputerNameA
SetEvent
ResetEvent
WaitForSingleObject
CreateEventA
CreateThread
GetCurrentThreadId
GetSystemTimeAsFileTime
GetDateFormatA
GetTimeFormatA
MultiByteToWideChar
WideCharToMultiByte
GetNumberFormatA
GetCurrencyFormatA
CreateFileW
DeleteFileW
FindFirstFileW
SetFilePointerEx
GetDriveTypeW
GetFileAttributesA
GetFileAttributesW
GetFullPathNameA
GetFullPathNameW
GetShortPathNameW
GetTempFileNameW
GetTempPathW
SetLastError
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
LoadLibraryExW
GetShortPathNameA
GetTempFileNameA
GetComputerNameW
GetLocaleInfoW
IsDBCSLeadByte
GetCurrentThread
IsDebuggerPresent
IsProcessorFeaturePresent
GetStringTypeW
HeapReAlloc
EncodePointer
DecodePointer
RtlUnwind
GetStdHandle
GetModuleHandleExW
WriteConsoleW
RaiseException
ExitThread
GetCommandLineA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
ExitProcess
AreFileApisANSI
GetTimeZoneInformation
HeapSize
OutputDebugStringW
QueryPerformanceCounter
GetCurrentProcessId
GetEnvironmentStringsW
FreeEnvironmentStringsW
CompareStringW
LCMapStringW
GetConsoleCP
GetConsoleMode

ole32

CoCreateGuid
CoCreateInstance

oleaut32

SysFreeString
SysStringByteLen
SysAllocStringByteLen
SysStringLen

user32

CharUpperW
MsgWaitForMultipleObjects
PeekMessageA
DispatchMessageA
TranslateMessage
CharUpperA

Exports

Exports

DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 29KB - Virtual size: 304KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 920B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 171KB - Virtual size: 171KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

809283495e041b665af5e9393d46f5cf

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mswstr10

advapi32

kernel32

ole32

oleaut32

user32

Exports

Exports

Sections

.text Size: 1.2MB - Virtual size: 1.2MB

.data Size: 29KB - Virtual size: 304KB

.idata Size: 4KB - Virtual size: 3KB

.rsrc Size: 1024B - Virtual size: 920B

.reloc Size: 171KB - Virtual size: 171KB

.text
Size: 1.2MB - Virtual size: 1.2MB

.data
Size: 29KB - Virtual size: 304KB

.idata
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 1024B - Virtual size: 920B

.reloc
Size: 171KB - Virtual size: 171KB