dad638d01354ee009acf49b01220fb7aece1290166083851ca1c79fed0cb71ceN

Sharing

Copy URL Twitter E-mail

General

Target

dad638d01354ee009acf49b01220fb7aece1290166083851ca1c79fed0cb71ceN
Size

102KB
MD5

cd136e914fd72352b576b9cd9bbc86c0
SHA1

e0b164c48967fa294481c15c640b1553f44d0f2d
SHA256

dad638d01354ee009acf49b01220fb7aece1290166083851ca1c79fed0cb71ce
SHA512

e0d2fce0b9ef03a6bf03aacb4c2896ae6b038e4407cbd1632918d632a1d46edf3d1c02366afaff435b28da5e3582b52923986b41981ec304f2ac72efa3263276
SSDEEP

768:GPd08vEqWCZNe7DgoXmVmLspq2qbVcGdRjyRoY6qRVp15+bcrD2iDE55FvyV77Oe:02bZ7D7XmV98VqGBwRRsF0HPTaqu9st

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dad638d01354ee009acf49b01220fb7aece1290166083851ca1c79fed0cb71ceN

Files

dad638d01354ee009acf49b01220fb7aece1290166083851ca1c79fed0cb71ceN
.dll windows:5 windows x86 arch:x86

28a32d1897d5e796adb831310f2971f3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

liccpa.pdb

Imports

msvcrt

mbstowcs
_vsnwprintf
malloc
_adjust_fdiv
_initterm
free
wcstoul
_wcsnicmp
wcsncat
iswdigit
_wtoi
_wcsicmp
wcslen
_vsnprintf
strtoul

user32

MoveWindow
GetParent
LoadCursorW
SetCursor
SetWindowLongW
GetFocus
InvalidateRect
DefWindowProcW
DialogBoxParamW
IsDlgButtonChecked
CheckDlgButton
EnableWindow
ShowWindow
EndDialog
UpdateWindow
SetDlgItemInt
SetFocus
MessageBeep
GetDlgItemInt
GetDlgItem
SendMessageW
IsWindow
GetActiveWindow
GetDesktopWindow
GetDlgItemTextW
SetDlgItemTextW
GetSystemMetrics
GetWindowRect
GetWindowLongW
LoadStringW
MessageBoxW
UnhookWindowsHookEx
SetWindowsHookExW
RegisterWindowMessageW
CallNextHookEx
PostMessageW

activeds

ord3

ole32

CoCreateInstance

oleaut32

VariantClear
SysFreeString
SysAllocString
VariantInit

kernel32

GetLocaleInfoW
lstrcmpiW
GetPrivateProfileStringW
GetLastError
GetVersionExW
GetSystemWindowsDirectoryW
LocalFree
lstrcmpiA
lstrcmpW
CreateDirectoryW
GetProcAddress
LoadLibraryA
FreeLibrary
GetSystemDirectoryW
Sleep
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
CloseHandle
LocalAlloc
QueryPerformanceCounter
LoadLibraryW
lstrlenW
GlobalFree
GlobalAlloc
GetCurrentThreadId
CreateFileW

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegSetValueExW
RegCreateKeyExW
RegConnectRegistryW
RegOpenKeyExW
RegQueryValueExW
RegDeleteKeyW
SetNamedSecurityInfoW
SetEntriesInAclW
GetNamedSecurityInfoW
BuildTrusteeWithSidW
AllocateAndInitializeSid
UnlockServiceDatabase
ChangeServiceConfigW
LockServiceDatabase
ChangeServiceConfig2W
CreateServiceW
CloseServiceHandle
OpenSCManagerW
OpenServiceW
QueryServiceConfigW
RegEnumKeyExW

comctl32

CreatePropertySheetPageW

llsrpc

LlsProductAddW
LlsCapabilityIsSupported
LlsProductSecuritySetW
LlsClose
LlsConnectEnterpriseW
LlsProductLicensesGetW
LlsProductSecurityGetW
LlsConnectW
LlsFreeMemory

ccfapi32

CCFCertificateRemoveUI
CCFCertificateEnterUI

syssetup

GetAnswerFileSetting

Exports

Exports

CPlApplet
CPlSetup
DllMain
LicenseSetupRequestWizardPages
dlgprocCommon
dlgprocLICCPA
dlgprocLICSETUP
dlgprocLicViolation
dlgprocPERSEATSETUP
msgprocHelpFilter

Sections

.text
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 62KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

28a32d1897d5e796adb831310f2971f3

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcrt

user32

activeds

ole32

oleaut32

kernel32

advapi32

comctl32

llsrpc

ccfapi32

syssetup

Exports

Exports

Sections

.text Size: 36KB - Virtual size: 35KB

.data Size: 512B - Virtual size: 1KB

.rsrc Size: 62KB - Virtual size: 62KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 36KB - Virtual size: 35KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 62KB - Virtual size: 62KB

.reloc
Size: 2KB - Virtual size: 2KB