374ba36bcbbd7e5425c3af6981d43e8169dd7113f4028878819538e98760b505

Sharing

Copy URL

Twitter E-mail

General

Target

374ba36bcbbd7e5425c3af6981d43e8169dd7113f4028878819538e98760b505
Size

200KB
MD5

14071ada97bf75834a7f13bb74e375d2
SHA1

6d3685b3ef5d95d32d05ed0fa129dec05ac0a577
SHA256

374ba36bcbbd7e5425c3af6981d43e8169dd7113f4028878819538e98760b505
SHA512

052b10cf18e4dcc357d48c37735977183943811b69fdaf143ed4d6b0168eebe102fff35b7e1b06263e56613fbc2ef0dd2deeb2f7f6b1ca20cff6c711ab2c4af9
SSDEEP

3072:oBkkfiFJhpG8KY5tGvdsWc637yl4/8aOV48s3BXm2E3Frojy29ets0VTJYnlrGR:oBeJwldB37yWZR271r22TJYnJe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
374ba36bcbbd7e5425c3af6981d43e8169dd7113f4028878819538e98760b505

Files

374ba36bcbbd7e5425c3af6981d43e8169dd7113f4028878819538e98760b505
.dll regsvr32 windows:5 windows x86 arch:x86

678c0342f62e0c0834b7c9bf7708be3f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

?terminate@@YAXXZ
free
??3@YAXPAX@Z
realloc
??2@YAPAXI@Z
__CxxFrameHandler
_purecall
_ftol
wcscmp
??1type_info@@UAE@XZ
_CxxThrowException
wcslen
memmove
_initterm
_except_handler3
_onexit
__dllonexit
malloc
_adjust_fdiv

kernel32

DisableThreadLibraryCalls
lstrlenA
SizeofResource
LoadResource
FindResourceW
GetLastError
LoadLibraryExW
GetShortPathNameW
FlushInstructionCache
GetCurrentProcess
HeapFree
GetProcessHeap
HeapAlloc
GetCurrentThreadId
IsBadWritePtr
IsBadCodePtr
IsBadReadPtr
GlobalLock
WideCharToMultiByte
GetTickCount
GlobalUnlock
GlobalAlloc
GetUserDefaultLangID
LoadLibraryW
HeapCreate
HeapReAlloc
MultiByteToWideChar
lstrlenW
lstrcpyW
InitializeCriticalSection
DeleteCriticalSection
InterlockedIncrement
InterlockedDecrement
lstrcmpiW
lstrcpynW
LeaveCriticalSection
EnterCriticalSection
HeapDestroy
lstrcatW
GetModuleFileNameW
FreeLibrary
GetProcAddress

user32

ShowCursor
GetCursorInfo
PostMessageW
IsWindowEnabled
GetCapture
ReleaseCapture
SetCapture
KillTimer
SetTimer
GetMessageExtraInfo
GetCursorPos
ScreenToClient
GetClassInfoW
RegisterClassW
GetDoubleClickTime
UnregisterClassW
GetSystemMetrics
TranslateMessage
DispatchMessageW
MessageBeep
WindowFromDC
GetClientRect
ValidateRect
SetRect
GetSysColor
FillRect
InflateRect
SetFocus
CreateWindowExW
IntersectRect
OffsetRect
SetWindowRgn
SetWindowPos
GetClassInfoExW
LoadCursorW
wsprintfW
RegisterClassExW
SetParent
GetParent
EnableWindow
IsWindowVisible
UpdateWindow
SendMessageW
ShowWindow
InvalidateRect
CallWindowProcW
GetWindowLongW
SetWindowLongW
GetFocus
IsChild
DefWindowProcW
DestroyAcceleratorTable
GetKeyState
IsWindow
DestroyWindow
UnionRect
PtInRect
GetDC
ReleaseDC
CharNextW
EqualRect

advapi32

RegDeleteKeyW
RegDeleteValueW
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegSetValueExW
RegQueryInfoKeyW
RegEnumValueW
RegEnumKeyExW
RegQueryValueExW

ole32

CoTaskMemFree
CoTaskMemAlloc
CoTaskMemRealloc
CoCreateInstance
OleRegEnumVerbs
OleRegGetUserType
CreateOleAdviseHolder
OleRegGetMiscStatus
CreateDataAdviseHolder
GetHGlobalFromStream
CreateStreamOnHGlobal
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal

oleaut32

SysStringLen
LoadRegTypeLi
RegisterTypeLi
LoadTypeLi
VarUI4FromStr
SysFreeString
SysAllocString
OleCreatePropertyFrame
VariantClear
SysAllocStringLen
VariantChangeType
SysStringByteLen
SysAllocStringByteLen
SysReAllocStringLen
VariantInit
OleLoadPicture
OleTranslateColor
OleCreatePictureIndirect
SafeArrayCopy
SafeArrayPutElement
SafeArrayCreate
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetVartype
DispCallFunc
SafeArrayGetElement
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayDestroy
SafeArrayCreateVector
OleCreateFontIndirect

gdi32

GetClipBox
SetViewportExtEx
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
PatBlt
StretchBlt
GetObjectType
CreateSolidBrush
DeleteObject
CreateEnhMetaFileW
SetWindowExtEx
CloseEnhMetaFile
CreateRectRgnIndirect
CreateDCW
GetDeviceCaps
LPtoDP
SaveDC
SetMapMode
SetWindowOrgEx
SetViewportOrgEx
DeleteDC
RestoreDC

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

678c0342f62e0c0834b7c9bf7708be3f

Headers

File Characteristics

Imports

msvcrt

kernel32

user32

advapi32

ole32

oleaut32

gdi32

Exports

Exports

Sections

.text Size: 88KB - Virtual size: 88KB

.data Size: 1KB - Virtual size: 1KB

.rsrc Size: 102KB - Virtual size: 101KB

.reloc Size: 7KB - Virtual size: 6KB

.text
Size: 88KB - Virtual size: 88KB

.data
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 102KB - Virtual size: 101KB

.reloc
Size: 7KB - Virtual size: 6KB