fccf3d0c14f7f3f9ae77b916a6353f80N

Sharing

Copy URL

Twitter E-mail

General

Target

fccf3d0c14f7f3f9ae77b916a6353f80N
Size

1.8MB
MD5

fccf3d0c14f7f3f9ae77b916a6353f80
SHA1

fa25bd859cd87f3999c07574f19d6fa168cfddff
SHA256

61fc313e54d96047f6b206906009543f92547bf8fbb4915800b483719d9e87d1
SHA512

e21a10c4ddcd9d099daf6be9973a77fb9554587445f36a2fb2aa381f9f5977c7f4e5505c39ee53f88d1241a0f46e9282700cee81090d4b6bc9201d6ffed0ebcb
SSDEEP

12288:YZ9P/uSnS6vWaqmZ8YkPaS0MaJvyq6fW/oe5bieuDmGBd:YDP/jSUF8YkPkMST6fxYueuS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fccf3d0c14f7f3f9ae77b916a6353f80N

Files

fccf3d0c14f7f3f9ae77b916a6353f80N
.dll regsvr32 windows:5 windows x64 arch:x64

d3de04b9b41f64ad270a5eae916379ee

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

advapi32

RegSetValueExW
RegDeleteKeyW
RegCloseKey
RegSetValueW
RegCreateKeyExW

gdi32

PatBlt
SelectObject
GetStockObject

user32

SetForegroundWindow
AttachThreadInput
IsWindowVisible
IsWindowEnabled
GetWindowTextW
FindWindowW
GetDesktopWindow
CharUpperBuffW
PeekMessageA
GetMessageW
PeekMessageW
DispatchMessageW
TranslateMessage
TranslateMDISysAccel
LoadCursorW
GetClassLongPtrA
SetCursor
ReleaseDC
SetCursorPos
ClientToScreen
ScreenToClient
GetDCEx
GetCursorPos
MapWindowPoints
GetWindowRect
GetWindowThreadProcessId
InvalidateRect
GetKeyState
GetAsyncKeyState
IsChild
GetFocus
GetWindow
SetFocus
EnumChildWindows
SendMessageW
GetParent
GetClassWord
GetWindowLongPtrA
GetClassNameW
WaitForInputIdle
DestroyWindow
CharLowerBuffW
MessageBoxW
PostMessageW

ole32

StringFromGUID2
CoTaskMemFree
BindMoniker
MkParseDisplayName
CreateBindCtx
CLSIDFromProgIDEx
CoCreateInstance

kernel32

GetProcessHeap
GetLocaleInfoA
lstrlenA
GetFileSizeEx
CreateFileW
ReadFile
SetFilePointer
WideCharToMultiByte
WriteFile
GetLocalTime
LCMapStringW
FreeLibrary
GetProcAddress
LoadLibraryW
GetCurrentProcessId
FreeEnvironmentStringsW
GetEnvironmentStringsW
CloseHandle
CreateProcessW
VirtualFree
GetModuleFileNameW
FindFirstFileW
FindNextFileW
GetVolumePathNameW
GetFullPathNameW
GetVolumeInformationW
FindClose
CompareStringW
GetUserDefaultLCID
SetCurrentDirectoryW
GetCurrentDirectoryW
lstrlenW
FormatMessageW
HeapAlloc
HeapFree
Sleep
MultiByteToWideChar
GetLastError

oleaut32

LoadTypeLi
VarR4FromStr
SafeArrayUnaccessData
SafeArrayAccessData
VarBstrFromR4
VarBstrFromUI1
VarNot
SafeArrayAllocDescriptor
VarInt
VarUdateFromDate
VarDateFromUdate
VarAdd
SafeArrayGetVartype
VarMul
VarFormat
VarBstrFromI2
VarI2FromStr
VarBstrFromR8
SafeArrayDestroyData
SafeArrayCreate
SafeArrayCopy
SafeArrayRedim
SafeArrayDestroyDescriptor
SafeArrayAllocData
SafeArrayAllocDescriptorEx
VarBstrFromI8
VarSu
GetActiveObject
SafeArrayPtrOfIndex
SafeArrayLock
VarCmp
SafeArrayUnlock
SafeArrayDestroy
VarBoolFromStr
VarR8FromStr
VarNumFromParseNum
VarParseNumFromStr
VarBstrCmp
VarBstrCat
VarBstrFromI4
GetErrorInfo
SetErrorInfo
VariantCopyInd
VariantCopy
SysAllocStringLen
VarCat
SysAllocString
VariantChangeTypeEx
SysAllocStringByteLen
VarI4FromStr
VariantClear
SysFreeString

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
New_WebCookie
New_WebDriver
New_WebDriverManager
New_WebElements
New_WebJsonConverter
New_WebKeyboard
New_WebPrintSettings

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 292KB - Virtual size: 296KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 45KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 90KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d3de04b9b41f64ad270a5eae916379ee

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

gdi32

user32

ole32

kernel32

oleaut32

Exports

Exports

Sections

.text Size: 1.4MB - Virtual size: 1.4MB

.data Size: 292KB - Virtual size: 296KB

.rdata Size: 45KB - Virtual size: 48KB

.idata Size: 4KB - Virtual size: 8KB

.edata Size: 512B - Virtual size: 4KB

.reloc Size: 5KB - Virtual size: 8KB

.rsrc Size: 90KB - Virtual size: 92KB

.text
Size: 1.4MB - Virtual size: 1.4MB

.data
Size: 292KB - Virtual size: 296KB

.rdata
Size: 45KB - Virtual size: 48KB

.idata
Size: 4KB - Virtual size: 8KB

.edata
Size: 512B - Virtual size: 4KB

.reloc
Size: 5KB - Virtual size: 8KB

.rsrc
Size: 90KB - Virtual size: 92KB