707d1cff32b2d174a27cb1fbde75a71fbd4d8b0fed8eede36afe444fdb013f10

Sharing

Copy URL Twitter E-mail

General

Target

707d1cff32b2d174a27cb1fbde75a71fbd4d8b0fed8eede36afe444fdb013f10
Size

199KB
MD5

fcebb4e81cd2519b4a0755fe0e7c01e2
SHA1

39307ae6fc41456f46a6999f453abf59dfad5886
SHA256

707d1cff32b2d174a27cb1fbde75a71fbd4d8b0fed8eede36afe444fdb013f10
SHA512

d108c1321b77406a2ca3f1536220a9fbf96a9cd0d0d33ad255743ffb0f7f2e0d85a106091b6a6764c622f01df2856c43d134240a6a233fdb823ece110a8d7196
SSDEEP

6144:VU6fbiR7jrqSO/wD9chNNku19hw4HCmaQkhwucR/EkHguT:VsjUoc/Nb1jw4HCmanhwxRM6g

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
707d1cff32b2d174a27cb1fbde75a71fbd4d8b0fed8eede36afe444fdb013f10

Files

707d1cff32b2d174a27cb1fbde75a71fbd4d8b0fed8eede36afe444fdb013f10
.dll regsvr32 windows:5 windows x86 arch:x86

548cd1f4027b2acbb7c2c6f0f1ebdae5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_wcsicmp
fclose
sscanf
fgets
fopen
_purecall
?terminate@@YAXXZ
_except_handler3
??1type_info@@UAE@XZ
__CxxFrameHandler
_onexit
__dllonexit
_adjust_fdiv
_initterm
_CxxThrowException
_stricmp
_beginthreadex
_endthreadex
memmove
malloc
free
fprintf

atl

ord18
ord32
ord22
ord16
ord15
ord21

iisrtl

IISSetCriticalSectionSpinCount

user32

LoadStringA

advapi32

RegEnumKeyExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegDeleteKeyA
RegQueryValueExA
RegSetValueExA

ole32

CoTaskMemFree
StringFromCLSID
CoCreateFreeThreadedMarshaler

oleaut32

LoadRegTypeLi
SetErrorInfo
VariantInit
VariantClear
VariantChangeType
SysFreeString
SysAllocString
SysAllocStringLen
SysStringLen

comsvcs

GetObjectContext

kernel32

InterlockedDecrement
InterlockedExchange
ExpandEnvironmentStringsA
lstrlenA
lstrlenW
MultiByteToWideChar
WideCharToMultiByte
DisableThreadLibraryCalls
GetLastError
CloseHandle
GetModuleHandleA
GetModuleFileNameA
lstrcmpiA
ResetEvent
CreateEventA
SetEvent
WaitForSingleObject
WaitForMultipleObjects
LocalFree
InterlockedIncrement
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 168KB - Virtual size: 168KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

548cd1f4027b2acbb7c2c6f0f1ebdae5

Headers

File Characteristics

Imports

msvcrt

atl

iisrtl

user32

advapi32

ole32

oleaut32

comsvcs

kernel32

Exports

Exports

Sections

.text Size: 23KB - Virtual size: 23KB

.data Size: 168KB - Virtual size: 168KB

.rsrc Size: 3KB - Virtual size: 3KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 23KB - Virtual size: 23KB

.data
Size: 168KB - Virtual size: 168KB

.rsrc
Size: 3KB - Virtual size: 3KB

.reloc
Size: 2KB - Virtual size: 2KB