DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
UUD_GetErrorInfo
UUD_GetErrorInfoEx
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
90549257adbd7385058b0d44d5553450N.dll
Resource
win7-20240708-en
windows7-x64
4 signatures
120 seconds
Behavioral task
behavioral2
Sample
90549257adbd7385058b0d44d5553450N.dll
Resource
win10v2004-20240802-en
windows10-2004-x64
4 signatures
120 seconds
General
-
Target
90549257adbd7385058b0d44d5553450N.exe
-
Size
984KB
-
MD5
90549257adbd7385058b0d44d5553450
-
SHA1
7fbebab009c013a095fbccc8acd394ef6428dfa4
-
SHA256
92743c5926b3180124afed2a103d301d857ac889b67380b2880a19c9678d2e97
-
SHA512
a7c1ea863182aa6f03bffa3b5e8388d4c0bda9ee65b80581db55553d5cb31f60d463758349a9aa0f07d6315c0e12bdb49fb9b03147c0a14a4ba3e5ae56bd8279
-
SSDEEP
24576:9B9h1v5z5GnXi2JWDqbmOfV4QhlHZq3KWYgiTVidDH:93z2sDdQhlU3vYgiTVIH
Score
3/10
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 90549257adbd7385058b0d44d5553450N.exe
Files
-
90549257adbd7385058b0d44d5553450N.exe.dll regsvr32 windows:4 windows x86 arch:x86
0ff50857ce0ffabffe63a2eefc541158
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
crypt32
CertFindChainInStore
CertOpenSystemStoreA
CertGetCertificateChain
CertNameToStrA
CertDeleteCertificateFromStore
CertOpenStore
CertCreateCertificateChainEngine
CertFreeCertificateChainEngine
CryptQueryObject
CertEnumCertificatesInStore
CertGetCertificateContextProperty
CertGetNameStringA
CertFreeCertificateContext
CertCloseStore
CertFindCertificateInStore
user32
SetActiveWindow
TrackPopupMenu
SetDlgItemInt
MapWindowPoints
FillRect
BeginPaint
IsWindow
RedrawWindow
GetClassNameA
GetDesktopWindow
CreateAcceleratorTableA
ReleaseCapture
SetCapture
InvalidateRect
InvalidateRgn
DestroyWindow
GetDlgItem
GetActiveWindow
DialogBoxIndirectParamA
RegisterClassExA
LoadCursorA
GetClassInfoExA
RegisterWindowMessageA
DefWindowProcA
GetWindow
SetWindowLongA
SetWindowTextA
LoadIconA
GetNextDlgTabItem
IsDialogMessageA
IntersectRect
EqualRect
OffsetRect
SetWindowRgn
UnionRect
PtInRect
GetKeyState
DrawTextA
GetDialogBaseUnits
EnumChildWindows
GetWindowTextA
GetWindowTextLengthA
GetWindowLongA
EndDialog
CreateDialogIndirectParamA
SetWindowPos
GetDlgItemInt
CreateWindowExA
wsprintfA
LoadStringA
GetClientRect
GetSystemMetrics
LoadImageA
DestroyIcon
ShowCursor
SetCursor
SetForegroundWindow
SystemParametersInfoA
IsWindowVisible
LoadMenuA
GetSubMenu
EnableMenuItem
SetMenuItemInfoA
CheckMenuItem
EnableWindow
CharNextA
GetWindowRect
GetParent
SendMessageA
UpdateWindow
MoveWindow
ShowWindow
GetSysColor
PostMessageA
MessageBoxA
SetFocus
IsChild
GetFocus
ReleaseDC
GetDC
CallWindowProcA
EndPaint
CheckDlgButton
IsDlgButtonChecked
KillTimer
GetDlgItemTextA
SetTimer
SetDlgItemTextA
kernel32
GetCurrentProcessId
LoadLibraryA
FreeLibrary
CreateProcessA
GetProcAddress
GetLastError
CopyFileA
GetSystemDirectoryA
TerminateProcess
OpenProcess
GetModuleHandleA
LocalFree
FormatMessageA
SetEnvironmentVariableA
WritePrivateProfileStringA
CloseHandle
OpenMutexA
ReleaseMutex
CreateMutexA
FlushInstructionCache
GetUserDefaultLangID
GetModuleFileNameA
lstrcatA
Sleep
GetVersion
WaitForSingleObject
GetTickCount
GetCurrentProcess
GetVersionExA
CreateThread
lstrcpyA
DeleteFileA
WideCharToMultiByte
TerminateThread
GetExitCodeThread
CreateEventA
SetEvent
GetFileSize
CreateFileA
GetPrivateProfileStringA
GetEnvironmentVariableA
lstrlenA
GlobalFree
WriteProcessMemory
GlobalHandle
GetSystemTime
SystemTimeToFileTime
ResumeThread
SetLastError
ReadFile
SetFilePointer
GetCurrentThreadId
GetSystemDefaultLCID
GetFullPathNameA
GetUserDefaultLCID
ExpandEnvironmentStringsA
GetLogicalDriveStringsA
SearchPathA
CreateDirectoryA
FindResourceExA
GetPrivateProfileIntA
GetPrivateProfileSectionA
GetPrivateProfileSectionNamesA
GetExitCodeProcess
CompareFileTime
DuplicateHandle
CreateSemaphoreA
MoveFileExA
ReleaseSemaphore
WriteFile
GetTempFileNameA
GetTempPathA
ResetEvent
GetFileAttributesA
QueryPerformanceCounter
WaitForMultipleObjects
GlobalMemoryStatus
LeaveCriticalSection
EnterCriticalSection
GetShortPathNameA
SizeofResource
LoadLibraryExA
lstrcmpiA
lstrcpynA
IsDBCSLeadByte
InitializeCriticalSection
HeapDestroy
DeleteCriticalSection
DeviceIoControl
ReadProcessMemory
MultiByteToWideChar
GlobalUnlock
lstrlenW
GetComputerNameA
CancelIo
GetOverlappedResult
GlobalLock
GetStdHandle
FlushConsoleInputBuffer
GetBinaryTypeA
InterlockedIncrement
LockResource
MulDiv
LoadResource
FindResourceA
GlobalAlloc
VirtualProtectEx
SetThreadContext
InterlockedDecrement
lstrcmpA
GetThreadContext
SuspendThread
LocalAlloc
gdi32
GetStockObject
GetDeviceCaps
DeleteDC
BitBlt
SelectObject
CreateRectRgnIndirect
SetTextColor
CreateCompatibleDC
CreateCompatibleBitmap
Rectangle
SetWindowOrgEx
SaveDC
LPtoDP
DeleteObject
CreateDCA
CreateSolidBrush
GetTextExtentPointA
SetMapMode
GetTextMetricsA
GetObjectA
CloseMetaFile
DeleteMetaFile
CreateMetaFileA
SetWindowExtEx
CreateFontIndirectA
SetBkMode
RestoreDC
SetViewportOrgEx
SetBkColor
ws2_32
WSAEnumNameSpaceProvidersA
htons
inet_addr
WSAGetLastError
socket
closesocket
shutdown
ntohl
recv
select
gethostbyname
ntohs
WSCInstallNameSpace
setsockopt
connect
inet_ntoa
WSAEventSelect
WSACreateEvent
ioctlsocket
send
WSAEnumNameSpaceProvidersW
WSASocketA
WSCUnInstallNameSpace
gethostname
getsockopt
WSACleanup
WSAStartup
advapi32
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegSetValueExA
RegCloseKey
RegCreateKeyA
RegOpenKeyA
CloseServiceHandle
OpenServiceA
RegQueryValueExA
QueryServiceStatus
RegDeleteKeyA
OpenSCManagerA
QueryServiceConfigA
RegSetValueA
ChangeServiceConfigA
RegOpenKeyExA
GetUserNameA
RegQueryValueA
RegDeleteValueA
RegEnumKeyExA
RegCreateKeyExA
RegEnumValueA
AdjustTokenPrivileges
RegQueryInfoKeyA
LookupPrivilegeValueA
OpenProcessToken
CryptAcquireContextA
CryptGetUserKey
CryptCreateHash
CryptHashData
CryptSignHashA
CryptDestroyHash
CryptDestroyKey
CryptReleaseContext
DeleteService
StartServiceA
RegEnumKeyA
LogonUserA
CreateServiceA
iphlpapi
GetBestRoute
CreateIpForwardEntry
IpRenewAddress
GetInterfaceInfo
GetAdaptersInfo
IpReleaseAddress
GetIpForwardTable
SetIpForwardEntry
GetIpAddrTable
DeleteIpForwardEntry
version
VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA
rpcrt4
RpcStringFreeA
UuidToStringA
wininet
InternetCrackUrlA
InternetCloseHandle
HttpQueryInfoA
HttpSendRequestA
InternetSetOptionA
InternetErrorDlg
HttpOpenRequestA
InternetConnectA
InternetOpenA
InternetReadFile
shlwapi
StrRStrIA
SHDeleteKeyA
StrStrIA
comdlg32
GetSaveFileNameA
GetOpenFileNameA
shell32
ShellExecuteA
SHGetSpecialFolderLocation
ExtractIconA
CommandLineToArgvW
SHGetMalloc
SHGetPathFromIDListA
SHGetFileInfoA
psapi
GetModuleBaseNameA
EnumProcessModules
EnumProcesses
comctl32
ImageList_Destroy
ImageList_ReplaceIcon
ImageList_Remove
ImageList_SetBkColor
ImageList_Create
ImageList_GetIcon
ImageList_GetImageCount
mpr
WNetCancelConnectionA
WNetUseConnectionA
mfc42
ord5199
ord2396
ord269
ord826
ord3346
ord5289
ord3953
ord561
ord600
ord1578
ord4079
ord5300
ord5302
ord4698
ord5307
ord1168
ord3738
ord5714
ord4622
ord2725
ord1255
ord1253
ord1570
ord1197
ord1243
ord342
ord1182
ord1089
ord3922
ord5731
ord2512
ord2554
ord1131
ord1228
ord6778
ord567
ord641
ord616
ord860
ord3597
ord4486
ord800
ord4425
ord6375
ord4627
ord3825
ord3831
ord3079
ord2976
ord3081
ord3830
ord3262
ord815
ord2985
ord3136
ord4465
ord3259
ord3147
ord2982
ord5277
ord2124
ord2446
ord5261
ord1727
ord5065
ord3749
ord6376
ord2055
ord2648
ord4441
ord4837
ord3798
ord5280
ord4353
ord6374
ord540
ord5163
ord537
ord4407
ord1775
ord5241
ord6052
ord4998
ord4078
ord3582
ord4424
ord5265
ord5290
ord4398
ord3402
ord6055
ord2578
ord1776
ord2023
ord2411
ord4218
ord1116
ord324
ord2301
ord2289
ord2370
ord2302
ord4234
ord6283
ord6282
ord858
ord6334
ord4853
ord5981
ord4274
ord2379
ord4204
ord2764
ord941
ord939
ord6662
ord4278
ord4277
ord6467
ord3317
ord3097
ord2614
ord535
ord4224
ord1176
ord1575
ord1577
ord2818
ord924
ord2915
ord5572
ord3092
ord4080
ord2385
ord4299
ord825
ord823
ord4055
ord3093
ord6215
ord6880
ord4710
ord1779
ord5953
ord6199
ord2642
ord2514
ord4376
msvcrt
_adjust_fdiv
tolower
strncmp
_except_handler3
printf
_mbsnbcpy
wcsncpy
_purecall
_vsnprintf
localtime
_strnicmp
memmove
isprint
sscanf
fread
ftell
fseek
_pctype
__mb_cur_max
_isctype
bsearch
qsort
abort
fprintf
srand
rand
_iob
memchr
strcmp
_errno
_stricmp
_access
_memicmp
_fileno
_getch
strrchr
strstr
strncpy
fflush
_setmode
fputs
signal
getenv
fgets
?terminate@@YAXXZ
??1type_info@@UAE@XZ
__dllonexit
_onexit
_initterm
realloc
atoi
_mbscmp
wcslen
strchr
strlen
sprintf
fwrite
malloc
sqrt
strcat
atol
time
fclose
strcpy
_ftol
fopen
memset
_snprintf
_mbsicmp
free
__CxxFrameHandler
_EH_prolog
memcpy
memcmp
_CxxThrowException
ole32
CoTaskMemRealloc
OleLockRunning
CoTaskMemAlloc
WriteClassStm
OleRegEnumVerbs
OleSaveToStream
OleRegGetUserType
CLSIDFromString
CLSIDFromProgID
OleUninitialize
OleInitialize
CreateStreamOnHGlobal
CreateOleAdviseHolder
OleRegGetMiscStatus
CreateDataAdviseHolder
OleLoadFromStream
CoCreateGuid
CoTaskMemFree
StringFromCLSID
CoCreateInstance
olepro32
ord250
ord254
ord253
oleaut32
LoadTypeLi
SysAllocStringByteLen
RegisterTypeLi
SysStringByteLen
VariantClear
LoadRegTypeLi
SysStringLen
SysFreeString
SysAllocString
SysAllocStringLen
VariantChangeType
VarUI4FromStr
urlmon
URLDownloadToFileA
msvcp60
??1Init@ios_base@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1_Winit@std@@QAE@XZ
??_7?$basic_istream@DU?$char_traits@D@std@@@std@@6B@
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?_Copy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
??8std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?_Xlen@std@@YAXXZ
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?_Copy@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@AAEXI@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
??0Init@ios_base@std@@QAE@XZ
??_7?$basic_iostream@DU?$char_traits@D@std@@@std@@6B@
??6std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@D@Z
??6std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
?_Init@?$basic_filebuf@DU?$char_traits@D@std@@@std@@IAEXPAU_iobuf@@W4_Initfl@12@@Z
??_8?$basic_fstream@DU?$char_traits@D@std@@@std@@7B?$basic_ostream@DU?$char_traits@D@std@@@1@@
??_8?$basic_fstream@DU?$char_traits@D@std@@@std@@7B?$basic_istream@DU?$char_traits@D@std@@@1@@
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
??0?$basic_filebuf@DU?$char_traits@D@std@@@std@@QAE@PAU_iobuf@@@Z
?_Eos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
??_7?$basic_fstream@DU?$char_traits@D@std@@@std@@6B@
?open@?$basic_filebuf@DU?$char_traits@D@std@@@std@@QAEPAV12@PBDH@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?getline@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@1@AAV21@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
?find_last_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDABV?$allocator@D@1@@Z
?find_first_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?close@?$basic_filebuf@DU?$char_traits@D@std@@@std@@QAEPAV12@XZ
??1?$basic_fstream@DU?$char_traits@D@std@@@std@@UAE@XZ
??_D?$basic_fstream@DU?$char_traits@D@std@@@std@@QAEXXZ
??1?$basic_filebuf@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??_7?$basic_ios@DU?$char_traits@D@std@@@std@@6B@
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
??_8?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@7B@
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
?init@?$basic_ios@DU?$char_traits@D@std@@@std@@IAEXPAV?$basic_streambuf@DU?$char_traits@D@std@@@2@_N@Z
??0?$basic_stringbuf@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
??_7?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@6B@
?copy@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEIPAGII@Z
?max_size@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEIXZ
?str@?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
??_7?$basic_stringbuf@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@6B@
?_Tidy@?$basic_stringbuf@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@IAEXXZ
??_7?$basic_streambuf@DU?$char_traits@D@std@@@std@@6B@
??1locale@std@@QAE@XZ
?_Freeze@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
??1ios_base@std@@UAE@XZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??_D?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@II@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
?max_size@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
?_C@?1??_Nullstr@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@CAPBGXZ@4GB
?_Xran@std@@YAXXZ
?endl@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@1@AAV21@@Z
?_Split@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$allocator@D@1@@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
?npos@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@2IB
?assign@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@ABV12@II@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBDABV10@@Z
??1?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
?_Tidy@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@AAEX_N@Z
??_7?$basic_ostream@DU?$char_traits@D@std@@@std@@6B@
?clear@ios_base@std@@QAEXH_N@Z
Exports
Exports
Sections
.text Size: 528KB - Virtual size: 526KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 96KB - Virtual size: 92KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 64KB - Virtual size: 76KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 240KB - Virtual size: 236KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 52KB - Virtual size: 51KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ