908f579769dfac57d2dc12448fc145b609f0e57eb0298d332de79e500296c369N

Sharing

Copy URL Twitter E-mail

General

Target

908f579769dfac57d2dc12448fc145b609f0e57eb0298d332de79e500296c369N
Size

112KB
MD5

f316867cebfbff811b3a4bd36b3fa8d0
SHA1

0a80bcafc44310ab2a2d1ca1de17b94b54453df1
SHA256

908f579769dfac57d2dc12448fc145b609f0e57eb0298d332de79e500296c369
SHA512

8549274867c76df980303c51e959803af46a610fbe87aad1de2cbb6f9be2691330740d34893bc26ecebe6eb2fd4896343a0dd1183c8310cb6045826d6acfeeeb
SSDEEP

1536:ZOP6hmZzmzYdJFH9bfO70tpOWS7cp7dsBYEmKT/v9bWw1iHqL8AcvYcbTpSTW:ZqzrPFHkYOv7imhzT/JhiCyvYcXpSi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
908f579769dfac57d2dc12448fc145b609f0e57eb0298d332de79e500296c369N

Files

908f579769dfac57d2dc12448fc145b609f0e57eb0298d332de79e500296c369N
.dll regsvr32 windows:4 windows x86 arch:x86

7eadd6b7bcdba0e2f33580ffaa7fe213

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LocalFree
GetLastError
ReleaseMutex
CreateProcessA
CreateThread
GetProcAddress
GetCurrentProcessId
ReadFile
EnterCriticalSection
InterlockedDecrement
InitializeCriticalSection
GetModuleHandleA
HeapFree
MapViewOfFile
DeleteFileA
LeaveCriticalSection
WriteFile
LoadLibraryA
CreateDirectoryA
InterlockedIncrement
Sleep
GetComputerNameA
WaitForSingleObject
CreateMutexA
ExpandEnvironmentStringsA
GetSystemTimeAsFileTime
GetModuleFileNameA
SetSystemTime
PeekConsoleInputW
GetTimeZoneInformation
GetStringTypeA
SetLastError
TerminateThread
SetVolumeLabelW
TerminateProcess
GetSystemWow64DirectoryW
CompareStringA
IsBadStringPtrW
IsBadStringPtrA
CancelIo
FillConsoleOutputAttribute
CreateTimerQueueTimer
CreateFileW
FindResourceExW
GetTempFileNameW
OpenJobObjectW
GetSystemDefaultLangID
WaitNamedPipeA
GetAtomNameW
GlobalFlags
GetProcessAffinityMask
SetConsoleScreenBufferSize
EnumResourceNamesW
HeapCompact
RegisterWaitForSingleObject
RemoveDirectoryA
FileTimeToLocalFileTime
GetStringTypeExW
GetBinaryTypeA
FormatMessageA
SetEndOfFile
FreeResource
HeapSetInformation
CreateWaitableTimerA
WriteConsoleW
GetCompressedFileSizeW
GetDateFormatW
GetTimeFormatW
WriteConsoleInputA
FindCloseChangeNotification
GetVolumeInformationW
TerminateJobObject
WinExec
GetCurrentDirectoryA
OpenFileMappingA
GetDriveTypeW
ReadFileEx
FileTimeToSystemTime
SetDefaultCommConfigW
SetEnvironmentVariableA
CreateMailslotA
GlobalMemoryStatus
ReadConsoleInputW
PurgeComm
SetProcessWorkingSetSize
SetCurrentDirectoryA
TryEnterCriticalSection
SearchPathA
EnumResourceLanguagesA
lstrcatW
WriteProfileStringW
GetSystemTimeAdjustment
VirtualQueryEx
GetStdHandle
GlobalGetAtomNameA
ReadConsoleInputA
CreateConsoleScreenBuffer
GetProfileStringW
VerLanguageNameW
GetFullPathNameW
FindFirstChangeNotificationA
SetWaitableTimer
TransactNamedPipe
lstrcpynA
VirtualAllocEx
PeekConsoleInputA
IsBadHugeReadPtr
SetFileAttributesA
FormatMessageW
WriteProfileStringA
SetVolumeLabelA
GetDefaultCommConfigW
GetThreadContext
CreateFileMappingW
GetSystemTime
CreateSemaphoreA
GetProfileIntW
GetNumberFormatA
FreeLibraryAndExitThread
GetVolumePathNameW
CreateJobObjectW
ReplaceFileW
SetConsoleWindowInfo
CallNamedPipeA
EnumSystemLocalesA
HeapSize
HeapUnlock
OpenSemaphoreW
ReleaseSemaphore
LockResource
VerifyVersionInfoA
FindClose
ConnectNamedPipe
GetDiskFreeSpaceExW
LocalUnlock
MoveFileExA
GetEnvironmentStringsW
FlushConsoleInputBuffer
IsBadCodePtr
SetHandleCount
RegisterWaitForSingleObjectEx
GetTempFileNameA
GetShortPathNameW
WaitForMultipleObjects
DisconnectNamedPipe
FindNextChangeNotification
CopyFileExW
DuplicateHandle
SetFileTime
GetTapeParameters
VirtualUnlock
GetConsoleMode

ole32

PropVariantCopy
OleSetMenuDescriptor
CoRegisterMessageFilter
OleCreateLinkFromData
GetHGlobalFromILockBytes
FreePropVariantArray
CoFreeUnusedLibrariesEx
CoCreateFreeThreadedMarshaler
CreateItemMoniker
OleGetAutoConvert
StgCreateDocfile
ReadFmtUserTypeStg
OleCreateLink
CoMarshalInterThreadInterfaceInStream
CoLockObjectExternal
RegisterDragDrop
StgCreateDocfileOnILockBytes
BindMoniker
MkParseDisplayName
OleRegGetUserType
StgOpenStorageOnILockBytes
IIDFromString
OleInitialize
CoEnableCallCancellation
OleSaveToStream
CoFileTimeNow
CoTaskMemFree
CoCreateInstance
CoInitialize
CoTaskMemAlloc

shlwapi

PathRemoveBlanksW
StrCmpNIA
PathIsRootW
PathFileExistsA
PathGetCharTypeA
PathGetCharTypeW
wvnsprintfW
StrFormatKBSizeW
wnsprintfA
StrCpyW
StrCatBuffW
PathStripToRootW
PathFindFileNameA
PathFindFileNameW
PathRemoveFileSpecW
StrRetToStrW
UrlGetPartW
SHDeleteKeyA
PathIsURLW
wnsprintfW
SHRegSetPathW
SHSetValueW
PathParseIconLocationW
SHRegGetBoolUSValueW
PathGetDriveNumberW
PathCommonPrefixW
StrCatBuffA
UrlCanonicalizeW
StrNCatW
PathStripPathW
StrCmpNIW
UrlCombineW
PathRenameExtensionW
PathQuoteSpacesW
PathAddExtensionW
PathBuildRootW
PathIsUNCServerW
PathIsNetworkPathW

shell32

DragAcceptFiles
SHGetDesktopFolder
SHChangeNotify
SHBindToParent
ShellExecuteA
SHGetMalloc
ExtractIconExW
ExtractIconA
SHPathPrepareForWriteW
SHAppBarMessage
ShellAboutW
SHGetFolderPathA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7eadd6b7bcdba0e2f33580ffaa7fe213

Headers

File Characteristics

Imports

kernel32

ole32

shlwapi

shell32

Exports

Exports

Sections

.text Size: 88KB - Virtual size: 87KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 8KB - Virtual size: 8KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 88KB - Virtual size: 87KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 8KB - Virtual size: 8KB

.reloc
Size: 4KB - Virtual size: 3KB