ff04e8b4675bf774fc7c0fd0c67a20d66c1a295b7cec1a46ca25487cc48e8714

Sharing

Copy URL

Twitter E-mail

General

Target

ff04e8b4675bf774fc7c0fd0c67a20d66c1a295b7cec1a46ca25487cc48e8714
Size

688KB
MD5

04d9fea323500e6c2f18cdfd3b8fcdeb
SHA1

6c25195f05132bac351fcad3debe272d9ad2ee97
SHA256

ff04e8b4675bf774fc7c0fd0c67a20d66c1a295b7cec1a46ca25487cc48e8714
SHA512

ccb07fa13b52052aff109c05be92ae718adf13f24b85316451c156f7884d744249608f5fa2b7ea34de816199e8d64891ced60087d2f6feb09ab372b59905620f
SSDEEP

12288:KFxGsTPy4BHT4Sj1zfpf7ABqDLkWynCsZ:obPy44Y1tf7VDLkNnh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ff04e8b4675bf774fc7c0fd0c67a20d66c1a295b7cec1a46ca25487cc48e8714

Files

ff04e8b4675bf774fc7c0fd0c67a20d66c1a295b7cec1a46ca25487cc48e8714
.dll regsvr32 windows:4 windows x86 arch:x86

a38617efee413c2d5919637769ddb6a9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcessHeap
RtlUnwind
RaiseException
HeapSize
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapDestroy
HeapCreate
VirtualFree
Sleep
GetStdHandle
GetTimeZoneInformation
GetACP
SetHandleCount
GetFileType
GetStartupInfoA
GetCommandLineA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetSystemTimeAsFileTime
LCMapStringA
LCMapStringW
GetConsoleCP
GetConsoleMode
GetStringTypeA
GetStringTypeW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetDateFormatA
GetTimeFormatA
GetDriveTypeA
SetEnvironmentVariableA
HeapReAlloc
VirtualAlloc
SetCurrentDirectoryA
HeapAlloc
HeapFree
GetTickCount
GetCurrentDirectoryA
LocalFileTimeToFileTime
CreateFileA
GetShortPathNameA
GetVolumeInformationA
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
DeleteFileA
MoveFileA
GetOEMCP
GetCPInfo
InterlockedIncrement
SystemTimeToFileTime
GetThreadLocale
GlobalFlags
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
CloseHandle
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
GetCurrentProcessId
GetCurrentThread
ConvertDefaultLocale
GetModuleFileNameA
EnumResourceLanguagesA
GetLocaleInfoA
lstrcmpA
GetDiskFreeSpaceA
GetFullPathNameA
GetTempFileNameA
GetFileTime
SetFileTime
GetFileAttributesA
FreeResource
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcmpW
GetVersionExA
GlobalFree
GlobalAlloc
FormatMessageA
LocalFree
GlobalLock
GlobalUnlock
MulDiv
FindFirstFileA
FileTimeToLocalFileTime
FileTimeToSystemTime
FindNextFileA
FindClose
FreeLibrary
InterlockedDecrement
LockResource
SizeofResource
LoadResource
FindResourceA
ExitProcess
GetVersion
CompareStringA
GetModuleHandleA
LoadLibraryA
GetProcAddress
lstrcmpiA
SetLastError
GetLastError
InterlockedExchange
GetStringTypeExA
MultiByteToWideChar
CompareStringW
WideCharToMultiByte
lstrlenA
FreeEnvironmentStringsA
GetComputerNameA

user32

CopyAcceleratorTableA
CreateMenu
PostThreadMessageA
GetTabbedTextExtentA
RegisterClipboardFormatA
GetSysColorBrush
UnregisterClassA
LoadCursorA
DestroyCursor
SetCursorPos
SetCapture
RedrawWindow
InflateRect
UnpackDDElParam
ReuseDDElParam
LoadMenuA
DestroyMenu
ReleaseCapture
LoadAcceleratorsA
InsertMenuItemA
CreatePopupMenu
BringWindowToTop
SetMenu
TranslateAcceleratorA
IsZoomed
WindowFromPoint
KillTimer
SetTimer
SetRect
SetParent
GetSystemMenu
DeleteMenu
SetRectEmpty
IsRectEmpty
GetDesktopWindow
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
GetMessageA
TranslateMessage
GetActiveWindow
GetCursorPos
ValidateRect
GetWindowThreadProcessId
ShowOwnedPopups
SetCursor
PostQuitMessage
IsWindowEnabled
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
RegisterWindowMessageA
LoadIconA
SendDlgItemMessageA
WinHelpA
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassNameA
SetPropA
GetPropA
RemovePropA
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetLastActivePopup
SetActiveWindow
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
ScrollWindow
TrackPopupMenu
GetKeyState
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
IsWindowVisible
GetMenu
PostMessageA
MessageBoxA
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
PtInRect
DefWindowProcA
CallWindowProcA
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
GetSystemMetrics
GetWindow
GetMenuStringA
AppendMenuA
GetMenuItemID
InsertMenuA
GetMenuItemCount
GetSubMenu
RemoveMenu
GetSysColor
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
ScreenToClient
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
FillRect
SetWindowRgn
DrawIcon
FindWindowA
LockWindowUpdate
GetDCEx
DestroyIcon
GetClassLongA
GetMenuItemInfoA
GetDlgCtrlID
IsChild
InvalidateRect
IsIconic
AdjustWindowRectEx
ReleaseDC
GetDC
GetClientRect
CopyRect
IsWindow
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
GetFocus
GetParent
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
UnhookWindowsHookEx
ShowWindow
UpdateWindow
LoadBitmapA
CharUpperA
SendMessageA
SetWindowLongA
GetWindowLongA
EnableWindow
GetForegroundWindow

gdi32

DeleteDC
CreatePatternBrush
CreateCompatibleDC
GetStockObject
GetDeviceCaps
TextOutA
CreatePen
CreateSolidBrush
CreateDCA
GetBkColor
GetTextMetricsA
GetTextExtentPoint32A
GetCharWidthA
CreateFontA
StretchDIBits
CreateCompatibleBitmap
GetViewportOrgEx
DPtoLP
Rectangle
EndPage
SetAbortProc
AbortDoc
EndDoc
CreateFontIndirectA
SetRectRgn
CombineRgn
CreateEllipticRgn
LPtoDP
Ellipse
GetNearestColor
GetBkMode
GetPolyFillMode
GetROP2
GetStretchBltMode
GetTextColor
GetTextAlign
GetTextFaceA
GetWindowOrgEx
RectVisible
PtVisible
StartDocA
GetPixel
BitBlt
GetWindowExtEx
GetViewportExtEx
GetCurrentPositionEx
ScaleWindowExtEx
SetWindowExtEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
StartPage
CreateBitmap
GetObjectA
CreateRectRgn
SelectClipRgn
DeleteObject
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetTextColor
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
SetBkColor
RestoreDC
SaveDC
PatBlt
CreateRectRgnIndirect
ExtTextOutA

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA
GetJobA

advapi32

RegDeleteValueA
RegSetValueExA
RegCreateKeyExA
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA
GetFileSecurityA
SetFileSecurityA
RegOpenKeyA
RegSetValueA
RegCloseKey
RegCreateKeyA

shell32

DragQueryFileA
SHGetFileInfoA
ExtractIconA
DragFinish

shlwapi

PathFindFileNameA
PathStripToRootA
PathFindExtensionA
PathIsUNCA

ole32

OleDestroyMenuDescriptor
OleCreateMenuDescriptor
IsAccelerator
OleTranslateAccelerator

oleaut32

SysAllocStringLen
VariantInit
VariantChangeType
VariantClear

Exports

Exports

DllRegisterServer

Sections

.text
Size: 360KB - Virtual size: 357KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 176KB - Virtual size: 174KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 68KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a38617efee413c2d5919637769ddb6a9

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

shlwapi

ole32

oleaut32

Exports

Exports

Sections

.text Size: 360KB - Virtual size: 357KB

.rdata Size: 68KB - Virtual size: 65KB

.data Size: 12KB - Virtual size: 24KB

.rsrc Size: 176KB - Virtual size: 174KB

.reloc Size: 68KB - Virtual size: 66KB

.text
Size: 360KB - Virtual size: 357KB

.rdata
Size: 68KB - Virtual size: 65KB

.data
Size: 12KB - Virtual size: 24KB

.rsrc
Size: 176KB - Virtual size: 174KB

.reloc
Size: 68KB - Virtual size: 66KB