221c232d7f22ee424afc7cd967edffbbcb21cba7c24c3d5d26efa0227f807d60N

Sharing

Copy URL

Twitter E-mail

General

Target

221c232d7f22ee424afc7cd967edffbbcb21cba7c24c3d5d26efa0227f807d60N
Size

152KB
MD5

60ff3b54fb3a33340c32e2aab9768c10
SHA1

ebd3f4997a8c1c2856ec0ead208ecaf43524f77a
SHA256

221c232d7f22ee424afc7cd967edffbbcb21cba7c24c3d5d26efa0227f807d60
SHA512

fafdb706bef5b0bb93a796cb4d2bccb49d8cd130672b6bcfbcd27175de1ba8a9f7007aa53cfe663a42ee1d2fcd10d5917b42d886ba262537fe1a1c33e383e344
SSDEEP

3072:BT/o0u7Zrg+PbpAVdEVGbIH/TnaFITk4KHreH417DFs9v:O8uGbgiz9Kqsp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
221c232d7f22ee424afc7cd967edffbbcb21cba7c24c3d5d26efa0227f807d60N

Files

221c232d7f22ee424afc7cd967edffbbcb21cba7c24c3d5d26efa0227f807d60N
.dll regsvr32 windows:4 windows x86 arch:x86

0e8457931e6025970696e9132a5b6516

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

LockResource
GetWindowsDirectoryA
GetProcAddress
FindResourceA
LoadResource
InterlockedIncrement
GetLastError
InterlockedDecrement
GetFileAttributesA
GetModuleFileNameA
lstrcatA
DisableThreadLibraryCalls
GetVersion
InitializeCriticalSection
lstrcpynA
DeleteCriticalSection
FreeLibrary
GlobalAlloc
CreateFileA
GetFileSize
GlobalUnlock
GlobalLock
ReadFile
IsDBCSLeadByte
GlobalFree
CloseHandle
LoadLibraryA
GetLocaleInfoA
lstrcmpiA
MulDiv
GetProcessHeap
HeapFree
lstrlenA
WideCharToMultiByte
lstrlenW
HeapReAlloc
LeaveCriticalSection
EnterCriticalSection
lstrcpyA
HeapAlloc
MultiByteToWideChar

user32

OffsetRect
ClientToScreen
IntersectRect
SetWindowRgn
GetActiveWindow
EqualRect
PtInRect
CallWindowProcA
ReleaseCapture
SetCapture
GetCapture
ScrollWindowEx
BeginPaint
MoveWindow
UpdateWindow
IsWindowEnabled
InflateRect
GetWindowTextA
SetWindowTextA
UnregisterClassA
DestroyWindow
CharNextA
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
IsWindow
MessageBeep
MessageBoxA
SetFocus
IsWindowVisible
GetClientRect
EndPaint
SetWindowLongA
DefWindowProcA
RegisterClassA
GetWindowLongA
ShowWindow
SetParent
LoadStringA
GetKeyState
wsprintfA
WinHelpA
GetWindow
IsDialogMessageA
SetWindowPos
InvalidateRect
GetFocus
CheckDlgButton
SetRect
DrawFocusRect
LoadBitmapA
MapDialogRect
IsDlgButtonChecked
EnableWindow
GetDC
GetSysColor
FillRect
DrawEdge
DrawTextA
ReleaseDC
ValidateRect
GetDlgItem
GetWindowRect
ScreenToClient
SendMessageA
GetParent
CreateDialogIndirectParamA
GetNextDlgTabItem
IsChild
CreateWindowExA

ole32

CreateOleAdviseHolder
CoCreateInstance
CoTaskMemAlloc
CreateStreamOnHGlobal
CoTaskMemFree

advapi32

RegDeleteKeyA
RegQueryValueExA
RegEnumKeyExA
RegDeleteValueA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegCloseKey

oleaut32

LoadRegTypeLi
OleCreatePropertyFrame
SetErrorInfo
LoadTypeLibEx
UnRegisterTypeLi
SysAllocStringLen
RegisterTypeLi
GetErrorInfo
LoadTypeLi
SysAllocString
OleCreatePictureIndirect
VariantChangeType
OleLoadPicture
OleTranslateColor
SysStringLen
VariantInit
VariantClear
OleCreateFontIndirect
CreateErrorInfo
SysFreeString

comdlg32

GetOpenFileNameA
ChooseColorA

gdi32

CreateRectRgnIndirect
GetPixel
CreateCompatibleDC
GetViewportExtEx
CreateBitmap
SetWindowOrgEx
SetViewportOrgEx
CreateDCA
SetViewportExtEx
SetMapMode
SetWindowExtEx
GetWindowExtEx
DeleteObject
LPtoDP
GetDeviceCaps
CreateICA
DeleteDC
SetBkColor
SetTextColor
SelectObject
GetObjectA
ExtTextOutA
CreateSolidBrush
CreateFontIndirectA
EnumFontFamiliesA
GetTextExtentPoint32A
BitBlt

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 52KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0e8457931e6025970696e9132a5b6516

Headers

File Characteristics

Imports

kernel32

user32

ole32

advapi32

oleaut32

comdlg32

gdi32

Exports

Exports

Sections

.text Size: 52KB - Virtual size: 48KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 4KB - Virtual size: 1KB

.idata Size: 8KB - Virtual size: 4KB

.rsrc Size: 8KB - Virtual size: 6KB

.reloc Size: 8KB - Virtual size: 4KB

.rmnet Size: 60KB - Virtual size: 60KB

.text
Size: 52KB - Virtual size: 48KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 4KB - Virtual size: 1KB

.idata
Size: 8KB - Virtual size: 4KB

.rsrc
Size: 8KB - Virtual size: 6KB

.reloc
Size: 8KB - Virtual size: 4KB

.rmnet
Size: 60KB - Virtual size: 60KB