d0a3bfd4a51ca8d3bbc6e734fbeecc60N

Sharing

Copy URL Twitter E-mail

General

Target

d0a3bfd4a51ca8d3bbc6e734fbeecc60N
Size

99KB
MD5

d0a3bfd4a51ca8d3bbc6e734fbeecc60
SHA1

fd2fa094061065e3f6a2239901f5270ace4dcb26
SHA256

1b796990837835bac2c1f8ff85fae47b7466d9a4adce371a5ea4a72e008d19ba
SHA512

c81c87d7cda13e689cba7b9dd41395322eb687779764a0f05d986b439ef348c5f5722713be397c720c04fe87995ecb5c2a569e21ca0613741fce6eefa5063334
SSDEEP

1536:dCkXPxYbAVFYytdtXD571K8XQui+aFBZxH3OwenyrKm5GDES575Y+NPyFF:UmxDF5tGVFBZxHeB46VYdF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d0a3bfd4a51ca8d3bbc6e734fbeecc60N

Files

d0a3bfd4a51ca8d3bbc6e734fbeecc60N
.dll regsvr32 windows:4 windows x64 arch:x64

288f66d19a82b21d0300bb6d50128007

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

gdi32

DeleteObject

ole32

CoTaskMemAlloc
ReleaseStgMedium
CoTaskMemFree

user32

LoadStringW
RegisterClipboardFormatW
InsertMenuItemW
CharUpperW
LoadBitmapW
DestroyMenu
CreatePopupMenu
MessageBoxW

advapi32

RegOpenKeyExW
RegCreateKeyExW
RegQueryValueExW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegCloseKey

shell32

SHGetDesktopFolder
SHGetPathFromIDListW

msvcrt

memcpy
_CxxThrowException
__CxxFrameHandler
memmove
wcscmp
wcsstr
malloc
free
srand
rand
memset
memcmp
wcslen
__C_specific_handler
??1type_info@@UEAA@XZ
__dllonexit
_onexit
_initterm
?terminate@@YAXXZ

kernel32

GetSystemDefaultLangID
GetUserDefaultLangID
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
WaitForMultipleObjects
CreateEventW
WaitForSingleObject
UnmapViewOfFile
CreateFileMappingW
GetSystemTimeAsFileTime
GlobalSize
GlobalUnlock
GlobalLock
lstrlenW
CreateProcessW
GetModuleHandleW
GetProcAddress
GetCurrentProcess
InitializeCriticalSection
Sleep
QueryPerformanceCounter
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
MapViewOfFile
ReadFile
GetFileSize
GetFileAttributesW
FindNextStreamW
FindFirstStreamW
FindFirstFileW
FindClose
GetFileInformationByHandle
GetCurrentThreadId
GetCurrentProcessId
SetLastError
GetCurrentDirectoryW
CreateFileW
RtlCaptureContext
SetFileTime
GetTickCount
GetLastError
MultiByteToWideChar
WideCharToMultiByte
GetModuleFileNameW
LocalFree
FormatMessageW
CloseHandle

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 634B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

288f66d19a82b21d0300bb6d50128007

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

ole32

user32

advapi32

shell32

msvcrt

kernel32

Exports

Exports

Sections

.text Size: 56KB - Virtual size: 55KB

.rdata Size: 27KB - Virtual size: 26KB

.data Size: 512B - Virtual size: 1KB

.pdata Size: 6KB - Virtual size: 5KB

.rsrc Size: 7KB - Virtual size: 7KB

.reloc Size: 1024B - Virtual size: 634B

.text
Size: 56KB - Virtual size: 55KB

.rdata
Size: 27KB - Virtual size: 26KB

.data
Size: 512B - Virtual size: 1KB

.pdata
Size: 6KB - Virtual size: 5KB

.rsrc
Size: 7KB - Virtual size: 7KB

.reloc
Size: 1024B - Virtual size: 634B