409dbd3a33e576b78192dd620ff5847630f0785db8ab304806b5abddab55ef8e

Sharing

Copy URL Twitter E-mail

General

Target

409dbd3a33e576b78192dd620ff5847630f0785db8ab304806b5abddab55ef8e
Size

320KB
MD5

b63c8afd7ea48a4b673d1aa985c634f1
SHA1

b77721c8731d75767e202b215eb2709b80627d14
SHA256

409dbd3a33e576b78192dd620ff5847630f0785db8ab304806b5abddab55ef8e
SHA512

5394febcb86beed63e93bca123803eeecc6619201c1524b4c14610ec66bd4a03ecd6cfff872bec21179f9d7bf24b293bfb7079eb994b823f717d337d57d6fc61
SSDEEP

3072:vXY1JtU2M3bZVMQI7dco3fwVlJEY54PwhHwdoq9xTjVf4uuKLo54VLwWuu:CdM3bZVML7K0f+5zhHHq9xT+cVXuu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
409dbd3a33e576b78192dd620ff5847630f0785db8ab304806b5abddab55ef8e

Files

409dbd3a33e576b78192dd620ff5847630f0785db8ab304806b5abddab55ef8e
.dll regsvr32 windows:5 windows x86 arch:x86

463401f61c44b0d918f1e23374db995b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

RtlUnwind
RaiseException
HeapReAlloc
Sleep
HeapSize
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
VirtualFree
VirtualAlloc
HeapCreate
HeapDestroy
GetStdHandle
GetModuleFileNameA
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetCommandLineA
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetConsoleCP
GetConsoleMode
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
HeapFree
HeapAlloc
GetCurrentProcess
FlushFileBuffers
SetFilePointer
WriteFile
InterlockedIncrement
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GlobalFlags
lstrlenA
CloseHandle
WritePrivateProfileStringW
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
InterlockedExchange
InterlockedDecrement
WideCharToMultiByte
GlobalAlloc
FormatMessageW
LocalFree
GetCurrentProcessId
GetModuleFileNameW
MulDiv
GetModuleHandleA
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
GetVersionExW
FreeLibrary
CompareStringW
LoadLibraryA
lstrcmpW
GetVersionExA
lstrlenW
SizeofResource
GlobalLock
GlobalUnlock
GlobalFree
FindResourceW
LoadResource
LockResource
FreeResource
ExitProcess
MultiByteToWideChar
GetProcAddress
GetModuleHandleW
LoadLibraryW
GetLastError
GetTickCount
SetLastError

user32

LoadCursorW
GetSysColorBrush
DestroyMenu
SetCursor
GetMessageW
TranslateMessage
GetCursorPos
ValidateRect
PostQuitMessage
GetWindowThreadProcessId
EndPaint
BeginPaint
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuW
GetMenuState
EnableMenuItem
CheckMenuItem
ShowWindow
SetWindowTextW
IsDialogMessageW
SendDlgItemMessageA
WinHelpW
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetFocus
SetFocus
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
DispatchMessageW
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageW
MapWindowPoints
GetKeyState
SetMenu
SetForegroundWindow
IsWindowVisible
UpdateWindow
PostMessageW
GetMenuItemID
GetMenuItemCount
EnableWindow
LoadBitmapW
SendMessageW
ReleaseDC
MessageBoxW
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
PtInRect
GetDlgCtrlID
DefWindowProcW
RegisterWindowMessageW
InvalidateRect
LoadIconW
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
GetSysColor
FillRect
EndDialog
GetNextDlgTabItem
GetParent
IsWindowEnabled
GetDlgItem
GetWindowLongW
IsWindow
DestroyWindow
CreateDialogIndirectParamW
SetActiveWindow
GetActiveWindow
GetDesktopWindow
CallWindowProcW
GetMenu
SetWindowLongW
SetWindowPos
SystemParametersInfoA
GetWindowPlacement
GetWindow
GetWindowRect
GetSubMenu
GetDC
CopyRect
SendDlgItemMessageW

gdi32

DeleteDC
GetStockObject
GetDeviceCaps
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
PtVisible
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutW
TextOutW
CreateSolidBrush
CreateCompatibleDC
DeleteObject
MoveToEx
LineTo
SetMapMode
RestoreDC
SaveDC
CreateBitmap
GetObjectW
SetBkColor
SetTextColor
GetClipBox
BitBlt
CreateCompatibleBitmap
RectVisible

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

advapi32

RegQueryValueW
RegOpenKeyW
RegEnumKeyW
RegDeleteKeyW
RegCloseKey
RegSetValueExW
RegCreateKeyExW
RegOpenKeyExW
RegQueryValueExW

comctl32

InitCommonControlsEx

shlwapi

PathFindExtensionW

oleaut32

VariantClear
VariantChangeType
VariantInit

Exports

Exports

DllRegisterClass
DllRegisterServer
DllUnregisterClass
DllUnregisterServer

Sections

.text
Size: 243KB - Virtual size: 243KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 235KB - Virtual size: 235KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

463401f61c44b0d918f1e23374db995b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

comctl32

shlwapi

oleaut32

Exports

Exports

Sections

.text Size: 243KB - Virtual size: 243KB

.rdata Size: 56KB - Virtual size: 56KB

.data Size: 9KB - Virtual size: 25KB

.rsrc Size: 235KB - Virtual size: 235KB

.reloc Size: 54KB - Virtual size: 53KB

.text
Size: 243KB - Virtual size: 243KB

.rdata
Size: 56KB - Virtual size: 56KB

.data
Size: 9KB - Virtual size: 25KB

.rsrc
Size: 235KB - Virtual size: 235KB

.reloc
Size: 54KB - Virtual size: 53KB