f6c03498d775fe589f6f49580d3d16ef646327df51aae0173ba5950dea290ba4N

Sharing

Copy URL Twitter E-mail

General

Target

f6c03498d775fe589f6f49580d3d16ef646327df51aae0173ba5950dea290ba4N
Size

92KB
MD5

25197fb85d02c354e1f9d46bfbab1550
SHA1

a1c16b56e74c5d1b36d6835115bd90a30d7cea04
SHA256

f6c03498d775fe589f6f49580d3d16ef646327df51aae0173ba5950dea290ba4
SHA512

e300dfff4c6093a33cf3b84264c8c7a60234d31d1003f8808775cd5ecbf506997060832987cb7ab14ce454149f65219327b9a960ce948b70dbb5900c4e306ba6
SSDEEP

1536:us4r22xRD1DXiHgSwAIVoaImMRFbUUHsF6HnFXFKFLA/DQRTBDeoVWBMZ:l4rbDL5Vo/mMRFrHcIFXFKFE/DeTh3oM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f6c03498d775fe589f6f49580d3d16ef646327df51aae0173ba5950dea290ba4N

Files

f6c03498d775fe589f6f49580d3d16ef646327df51aae0173ba5950dea290ba4N
.dll regsvr32 windows:4 windows x86 arch:x86

f7cb066c523e5e87583dac859fa9ba12

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetWindowsDirectoryW
GetStartupInfoA
GetDefaultCommConfigW
lstrcatA
lstrlenA
WaitForMultipleObjectsEx
FindNextChangeNotification
GlobalFindAtomA
HeapDestroy
FindNextVolumeMountPointW
IsBadHugeReadPtr
CreateWaitableTimerA
SetSystemTime
FindFirstChangeNotificationW
TransactNamedPipe
OpenFileMappingW
GetSystemDirectoryW
LocalHandle
GetLogicalDrives
GetThreadContext
VerifyVersionInfoA
SetCommBreak
IsValidLocale
SetTimeZoneInformation
CreateHardLinkW
OpenEventA
GetVersionExW
GetCommConfig
SleepEx
GlobalAddAtomA
SetFileTime
RaiseException
lstrcpyA
SetCommTimeouts
UnregisterWaitEx
EnumSystemLocalesA
SetVolumeLabelA
GetEnvironmentVariableA
GetFileAttributesExW
GetFileAttributesW
WriteProfileStringA
GetFileType
ReplaceFileW
SizeofResource
SetCommState
ReadConsoleW
SystemTimeToTzSpecificLocalTime
GetDateFormatA
GetEnvironmentVariableW
GetTimeFormatW
GetStringTypeExW
AreFileApisANSI
GetWindowsDirectoryA
GetTempFileNameW
CopyFileW
GetCurrentProcess
ReadProcessMemory
IsBadReadPtr
GlobalMemoryStatusEx
EnumResourceNamesW
GetStartupInfoW
CreateJobObjectW
GetAtomNameW
VerSetConditionMask
FillConsoleOutputAttribute
GetCurrentDirectoryA
RemoveDirectoryW
PostQueuedCompletionStatus
WTSGetActiveConsoleSessionId
SetConsoleCtrlHandler
GetModuleFileNameW
FillConsoleOutputCharacterW
SetCurrentDirectoryA
CreateDirectoryW
SetFilePointer
UpdateResourceA
WriteConsoleInputA
lstrcatW
FindFirstFileA
SetupComm
VirtualQueryEx
SetEvent
GetSystemWow64DirectoryW
WriteProcessMemory
CreateFileMappingW
FindFirstVolumeMountPointW
GetConsoleScreenBufferInfo
FindNextFileW
GetDiskFreeSpaceExW
GlobalFlags
CreateToolhelp32Snapshot
GetExitCodeProcess
SetEnvironmentVariableA
FreeConsole
GetConsoleCP
GetFileAttributesA
SetLocalTime
GlobalDeleteAtom
GetCurrentThread
SetFileAttributesA
lstrlenW
WaitNamedPipeW
GetSystemTimeAdjustment
VirtualAllocEx
VerLanguageNameW
IsValidLanguageGroup
AddAtomW
SetHandleInformation
DuplicateHandle
SetConsoleActiveScreenBuffer
IsBadWritePtr
GetVersionExA
DeleteTimerQueueEx
GlobalReAlloc
CreateMailslotW
PulseEvent
GetStringTypeW
SetMailslotInfo
ReadConsoleA
OpenMutexA
GetCurrentThreadId
TransmitCommChar
OpenMutexW
VirtualAlloc
PeekConsoleInputA
ReadFileEx
GetVersion
FindResourceExA
HeapReAlloc
WriteConsoleA
ReadFile
CreateFileA
GetLastError
DeleteFileA
InterlockedDecrement
GetCurrentProcessId
HeapFree
LeaveCriticalSection
CreateMutexA
GetProcessHeap
MapViewOfFile
CreateFileMappingA
ExpandEnvironmentStringsA
GetSystemTimeAsFileTime
GlobalAlloc
GetModuleHandleA
GetProcAddress
GetModuleFileNameA
LoadLibraryA
Sleep
InterlockedIncrement
ReleaseMutex
VirtualQuery
WaitForSingleObject
GetShortPathNameA

user32

IsDialogMessageA
InSendMessage
OpenWindowStationA
FindWindowExW
GetDesktopWindow
LoadStringA
SetDlgItemTextA
EndDialog
TranslateAcceleratorW
GetCapture
CreateWindowExW
RegisterHotKey
BeginPaint
WindowFromPoint
SetWindowPos
GetWindowTextW
TranslateAcceleratorA
DrawTextExA
UnregisterClassA
EnableMenuItem
SetCursorPos
ReplyMessage
ShowWindow
GetWindow
CharUpperBuffW
CreateWindowExA
SetParent
ShowCursor
ValidateRect
UnionRect
OpenDesktopA
TabbedTextOutW
GetMenuState
SendNotifyMessageA
ModifyMenuW
IsWindow
GetClassInfoW
InvalidateRgn
OpenInputDesktop
GetNextDlgGroupItem
LoadStringW
MessageBeep
CallWindowProcA
GetSysColorBrush
CharUpperW
GetSubMenu
CheckDlgButton
RemovePropA
DefWindowProcA
DrawStateA
SetMenuItemInfoW
DrawMenuBar
SetCursor
CharNextA
GetDC
EnumDesktopsW
SetProcessWindowStation
GetGUIThreadInfo
MapVirtualKeyW
GetMenuItemInfoW
GetMenuItemCount
GetClassInfoExA
DialogBoxParamA
DialogBoxIndirectParamW
CopyRect
UpdateWindow
ToUnicodeEx
TrackPopupMenu
GetAsyncKeyState
GetMenuStringW
FillRect
InsertMenuItemW
MapVirtualKeyA
GetLastActivePopup
GetShellWindow
IsZoomed
GetDlgItemTextA
SendMessageW
CheckRadioButton
CreateDialogIndirectParamW
SetScrollRange
GetDialogBaseUnits
PeekMessageW
SetMenuItemBitmaps
InvertRect
FindWindowExA
TrackMouseEvent
GetDlgItemTextW
SendInput
DrawEdge
CreateCaret
ScrollWindow
CharToOemBuffA
ChangeDisplaySettingsExW
CreateDialogParamW
IntersectRect
IsMenu
MapDialogRect
SetClassLongW
CreateDialogIndirectParamA
GetActiveWindow
UnregisterClassW
GetFocus
OpenWindowStationW
DrawFocusRect
GetMessageTime
GetPropA
GetWindowLongA
SetRectEmpty
GetCursorPos
CopyAcceleratorTableW
CloseDesktop
EnumThreadWindows
DefMDIChildProcA
WindowFromDC
GetWindowPlacement
GetUpdateRgn
DispatchMessageA
UnhookWindowsHookEx
GetClassNameA
CallNextHookEx
PeekMessageA
SendMessageA
FindWindowA
SwitchToThisWindow

oleaut32

SysFreeString

shlwapi

SHAutoComplete
PathFindExtensionW
PathParseIconLocationW
UrlCreateFromPathW
PathAddBackslashW
PathIsNetworkPathW
StrStrIA
PathAppendA
PathIsRootW
StrToIntA
SHGetValueW
StrCatW
PathIsPrefixW
StrCatBuffA
StrRChrW
SHDeleteKeyW
PathIsUNCServerW
StrCpyNW
PathSkipRootW
PathGetCharTypeW
StrFormatKBSizeW
PathRenameExtensionW
UrlCombineW
SHRegGetValueW
PathIsDirectoryA
StrCmpNIA
UrlCanonicalizeW
StrCmpNIW
AssocCreate
PathCompactPathW
PathMatchSpecW
AssocQueryStringW
PathCreateFromUrlW
PathQuoteSpacesW
StrStrW
SHDeleteKeyA
StrStrIW
StrCpyW

shell32

SHBrowseForFolderA
ExtractIconA
SHAppBarMessage
ShellExecuteA
SHGetPathFromIDListW
DragFinish
SHGetSettings
ShellExecuteExW
SHGetFolderPathW
ShellExecuteW
SHAddToRecentDocs
SHGetSpecialFolderLocation
ExtractIconW
SHPathPrepareForWriteW
ShellAboutA
SHGetFolderPathA
SHGetPathFromIDListA

gdi32

SetBkColor
SetPixel
AddFontResourceW
OffsetWindowOrgEx
SetSystemPaletteUse
EnumMetaFile
CopyMetaFileW
ResizePalette
SetArcDirection
MoveToEx
GetDCOrgEx
DeleteDC
WidenPath
SetROP2
SetBitmapDimensionEx
UpdateColors
DPtoLP
CreateDiscardableBitmap
GetTextCharsetInfo
SetMetaFileBitsEx
CreatePatternBrush
PlayEnhMetaFile
GetPixelFormat
DescribePixelFormat
Escape
SetViewportExtEx
SwapBuffers
AnimatePalette
SetRectRgn
GetWindowOrgEx
ExtCreatePen
OffsetRgn
CreateICW
CreatePolygonRgn
CreatePen
CreateDCW
SetTextCharacterExtra
ExtCreateRegion
CreateRoundRectRgn
CreateFontW
EndDoc
SetPolyFillMode
CreateFontA
CreateEllipticRgnIndirect
GetWorldTransform
Polyline
CreateEnhMetaFileW
GetGlyphOutlineA
GetCharWidth32W
GetGlyphOutlineW
SetAbortProc
GetTextFaceA
GetOutlineTextMetricsA
GetCurrentObject
PolyDraw
CreateFontIndirectW
PolyPolygon
PathToRegion
SelectObject
PlayMetaFileRecord
EnumFontFamiliesExA
CreateDIBSection
IntersectClipRect
CreateCompatibleBitmap
DeleteEnhMetaFile
CopyMetaFileA
SetLayout
SetWorldTransform
GetMapMode
SetICMMode
SetPixelV

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 64KB - Virtual size: 61KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f7cb066c523e5e87583dac859fa9ba12

Headers

File Characteristics

Imports

kernel32

user32

oleaut32

shlwapi

shell32

gdi32

Exports

Exports

Sections

.text Size: 64KB - Virtual size: 61KB

.rdata Size: 12KB - Virtual size: 10KB

.data Size: 8KB - Virtual size: 6KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 64KB - Virtual size: 61KB

.rdata
Size: 12KB - Virtual size: 10KB

.data
Size: 8KB - Virtual size: 6KB

.reloc
Size: 4KB - Virtual size: 2KB