50f708239857d0e21304103a2bfbfa1ec6564b6c74187f552446ddad8023a546

Sharing

Copy URL

Twitter E-mail

General

Target

50f708239857d0e21304103a2bfbfa1ec6564b6c74187f552446ddad8023a546
Size

612KB
MD5

1a40791b8f6d8cb1f758e907470be0b1
SHA1

86acbb667ecf5871835605931b18bb6cef416024
SHA256

50f708239857d0e21304103a2bfbfa1ec6564b6c74187f552446ddad8023a546
SHA512

bda6ef5c6310b975c59ea61d57d512369c3f7c33b6600b9838cd2c871eac942e3d0a2af9094aaab9e3cddd4ce185daa5521e1893dc75415a6b4e643e353392d1
SSDEEP

12288:2sNpWv34rO+d8R2KBpCICT1U8tMhpBmpmQ1ATVnJh1osPKTpqKOFp:24xrO+dA2KBpCICTaGMhpBcYnJDhPKVI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
50f708239857d0e21304103a2bfbfa1ec6564b6c74187f552446ddad8023a546

Files

50f708239857d0e21304103a2bfbfa1ec6564b6c74187f552446ddad8023a546
.dll regsvr32 windows:5 windows x86 arch:x86

dedd7b5fa3defca01af0e978a2a7d6e5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

rpcrt4

RpcStringFreeW
UuidToStringW

kernel32

GetFileAttributesW
GetFileSizeEx
GetFileTime
HeapFree
HeapAlloc
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCommandLineA
RtlUnwind
RaiseException
HeapReAlloc
HeapSize
Sleep
ExitProcess
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapCreate
HeapDestroy
VirtualFree
GetStdHandle
GetModuleFileNameA
GetCPInfo
GetACP
IsValidCodePage
LCMapStringW
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
GetTimeZoneInformation
LCMapStringA
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
SetEnvironmentVariableA
FileTimeToLocalFileTime
GetTickCount
CreateFileW
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
FileTimeToSystemTime
lstrlenA
lstrcmpA
CompareStringA
InterlockedExchange
GlobalFlags
GetThreadLocale
GetCurrentProcessId
SetErrorMode
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GetModuleHandleA
GetModuleFileNameW
FreeResource
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
GetVersionExW
CompareStringW
lstrcmpW
GetModuleHandleW
GetVersionExA
SetLastError
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageW
LocalFree
MulDiv
ReleaseMutex
OpenMutexW
CreateMutexW
WaitForSingleObject
CloseHandle
ExitThread
WideCharToMultiByte
LockResource
LoadLibraryW
FreeLibrary
MultiByteToWideChar
SizeofResource
LoadResource
FindResourceW
GetLastError
InterlockedDecrement
InterlockedIncrement
LoadLibraryA
lstrlenW
GetProcAddress
GetOEMCP

user32

PostThreadMessageW
ReleaseCapture
SetCapture
InvalidateRgn
InvalidateRect
SetRect
IsRectEmpty
CopyAcceleratorTableW
PostQuitMessage
DestroyMenu
CharNextW
GetWindowThreadProcessId
LoadCursorW
GetSysColorBrush
UnregisterClassW
GetMessageW
TranslateMessage
ValidateRect
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
SetWindowContextHelpId
MapDialogRect
GetDesktopWindow
GetActiveWindow
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
IsWindowEnabled
MoveWindow
SetWindowTextW
IsDialogMessageW
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
EnableMenuItem
CheckMenuItem
RegisterWindowMessageW
LoadIconW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetFocus
IsWindow
SetFocus
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
DispatchMessageW
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageW
MapWindowPoints
GetKeyState
SetMenu
SetForegroundWindow
IsWindowVisible
UpdateWindow
PostMessageW
MessageBoxW
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
GetSysColor
AdjustWindowRectEx
ScreenToClient
EqualRect
RegisterClipboardFormatW
CharUpperW
MessageBeep
GetNextDlgGroupItem
CopyRect
PtInRect
GetDlgCtrlID
DefWindowProcW
GetMenu
GetWindowLongW
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetSystemMetrics
GetWindow
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
GetClientRect
ShowWindow
BringWindowToTop
GetParent
GetWindowRect
SetPropW
CallWindowProcW
RemovePropW
SetWindowLongW
GetPropW
SendMessageW
CharUpperBuffW
RealGetWindowClassW
GetClassNameW
GetWindowTextW
EnumChildWindows
EnableWindow
SendDlgItemMessageW

gdi32

GetStockObject
GetBkColor
DeleteDC
ExtSelectClipRgn
CreateRectRgnIndirect
GetRgnBox
GetMapMode
GetTextColor
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ScaleWindowExtEx
SetWindowExtEx
GetDeviceCaps
ExtTextOutW
TextOutW
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
DeleteObject
SetMapMode
RestoreDC
SaveDC
CreateBitmap
GetObjectW
SetBkColor
SetTextColor
GetClipBox
ScaleViewportExtEx

comdlg32

GetFileTitleW

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

shlwapi

SHDeleteKeyW
PathStripToRootW
StrCpyW
PathFindFileNameW
UrlUnescapeW
StrStrIW
UrlGetPartW
PathFindExtensionW
PathIsUNCW
StrCmpIW

oledlg

OleUIBusyW

ole32

OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CoRegisterMessageFilter
CoTaskMemAlloc
CoUninitialize
CoInitialize
StringFromCLSID
CoCreateInstance
CoTaskMemFree
CLSIDFromProgID

oleaut32

SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
OleCreateFontIndirect
SafeArrayDestroy
SafeArrayPutElement
SafeArrayCreateVector
VarBstrCmp
VariantChangeType
VariantInit
VariantClear
VariantCopy
VarBstrCat
SysAllocStringLen
SysStringByteLen
SysAllocStringByteLen
SysAllocString
SysFreeString

urlmon

UrlMkGetSessionOption

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 440KB - Virtual size: 440KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dedd7b5fa3defca01af0e978a2a7d6e5

Headers

File Characteristics

Imports

rpcrt4

kernel32

user32

gdi32

comdlg32

winspool.drv

shlwapi

oledlg

ole32

oleaut32

urlmon

Exports

Exports

Sections

.text Size: 440KB - Virtual size: 440KB

.rdata Size: 72KB - Virtual size: 72KB

.data Size: 32KB - Virtual size: 32KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 60KB - Virtual size: 60KB

.text
Size: 440KB - Virtual size: 440KB

.rdata
Size: 72KB - Virtual size: 72KB

.data
Size: 32KB - Virtual size: 32KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 60KB - Virtual size: 60KB