a003f5df66ed72c4f82051adc83bb810N

Sharing

Copy URL Twitter E-mail

General

Target

a003f5df66ed72c4f82051adc83bb810N
Size

180KB
MD5

a003f5df66ed72c4f82051adc83bb810
SHA1

1d8ce7f9fbe9945b75741c3b8decd444a1a8943b
SHA256

c647e19483e972d3a9239b47a1061552fd20f30422552f021de803500750f472
SHA512

df2276370daeabe8b95047865e4dd7d87442ef5aae6b7fb509715415325ebb71cf4d9550b78c9e5d67ac43cbb9b624e03ebfc61e0b549c2aad6d4b293bbbd783
SSDEEP

3072:66DKtklXceLE4UVJVEB33to2lQBV+UdE+rECWp7hK6uqo+R:69+LE1gJgBV+UdvrEFp7hK6uqo+R

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a003f5df66ed72c4f82051adc83bb810N

Files

a003f5df66ed72c4f82051adc83bb810N
.dll regsvr32 windows:4 windows x86 arch:x86

99c4b9a4d5ace1e2cef415ae2bf2175b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

advapi32

RegCloseKey
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegDeleteKeyA
RegEnumKeyExA
RegDeleteValueA

kernel32

DeleteCriticalSection
GetProcessHeap
InitializeCriticalSection
FreeLibrary
GetVersion
OpenFile
lstrcpynA
lstrcatA
lstrcpyA
WideCharToMultiByte
HeapReAlloc
lstrlenW
LoadLibraryA
GetLocaleInfoA
GetTickCount
TlsAlloc
CloseHandle
TlsFree
TlsSetValue
CreateEventA
GetCurrentThreadId
TlsGetValue
WaitForSingleObject
SetEvent
ResetEvent
HeapAlloc
GetModuleFileNameA
lstrlenA
EnterCriticalSection
MultiByteToWideChar
HeapFree
InterlockedIncrement
LeaveCriticalSection
InterlockedDecrement
GetWindowsDirectoryA

user32

EndDialog
DialogBoxParamA
DrawIcon
DrawEdge
LoadIconA
IsWindow
LoadCursorA
wsprintfA
CharNextA
KillTimer
DispatchMessageA
TranslateMessage
GetMessageA
SetTimer
PostThreadMessageA
SetFocus
EnumThreadWindows
EnableWindow
IntersectRect
EqualRect
SetWindowRgn
GetParent
ClientToScreen
GetWindowRect
DestroyWindow
SetWindowLongA
SetWindowPos
GetSystemMetrics
GetActiveWindow
LoadStringA
BeginPaint
GetClientRect
EndPaint
SetParent
IsWindowVisible
DefWindowProcA
IsDialogMessageA
UnregisterClassA
ShowWindow
SendMessageA
ReleaseDC
PtInRect
OffsetRect
GetKeyState
RegisterClassA
CreateWindowExA
CreateDialogParamA
GetWindowLongA
SendMessageTimeoutA
GetDC

gdi32

CreateRectRgnIndirect
SetWindowExtEx
SetMapMode
SetViewportExtEx
GetWindowExtEx
SetWindowOrgEx
GetViewportExtEx
SetViewportOrgEx
GetDeviceCaps
LPtoDP
DeleteObject
CreateDCA
DeleteDC

ole32

CLSIDFromProgID
CoCreateInstance
CoTaskMemFree
CoTaskMemAlloc
CreateOleAdviseHolder

oleaut32

SafeArrayGetUBound
SafeArrayGetLBound
VariantChangeTypeEx
SafeArrayUnaccessData
LHashValOfNameSys
SafeArrayAccessData
SysAllocString
SysAllocStringLen
SysStringLen
UnRegisterTypeLi
RegisterTypeLi
LoadTypeLibEx
VariantChangeType
VariantClear
SysFreeString
CreateErrorInfo
SetErrorInfo
OleCreatePropertyFrame
LoadRegTypeLi
LoadTypeLi
VariantCopyInd

msvcrt

__dllonexit
_wcsicmp
_purecall
wcslen
_onexit
free
_initterm
malloc
_adjust_fdiv
_beginthreadex

Exports

Exports

DLLGetDocumentation
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

99c4b9a4d5ace1e2cef415ae2bf2175b

Headers

File Characteristics

Imports

advapi32

kernel32

user32

gdi32

ole32

oleaut32

msvcrt

Exports

Exports

Sections

.text Size: 56KB - Virtual size: 52KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 4KB - Virtual size: 1KB

.rsrc Size: 20KB - Virtual size: 17KB

.reloc Size: 8KB - Virtual size: 4KB

.text
Size: 56KB - Virtual size: 52KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 20KB - Virtual size: 17KB

.reloc
Size: 8KB - Virtual size: 4KB