a7338cfccc94a2fa8add6f69a591f60abf246cad681e4a86537fbcabf145dd47N

Sharing

Copy URL

Twitter E-mail

General

Target

a7338cfccc94a2fa8add6f69a591f60abf246cad681e4a86537fbcabf145dd47N
Size

640KB
MD5

33d0d0afd640b2a949b08a1e33fc5350
SHA1

3d4c4bd59b6b0c6a4fc4c7bffa90663407c4655e
SHA256

a7338cfccc94a2fa8add6f69a591f60abf246cad681e4a86537fbcabf145dd47
SHA512

c81505b5a810a2276c43a07533ece3aefb9cca135b86b329c4a99c742da707d2503b0d14dd773a535187e78f9bed8af8a7b81670bb8b0d1300a70fe4e76d52e9
SSDEEP

12288:2kTNnabKPWWH2bfCQrSO5AjzcCWdhTQ7ob3JMrhcrHzNjP:/TR2KPl2zCQrSDjzcCWIA3JwcTR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a7338cfccc94a2fa8add6f69a591f60abf246cad681e4a86537fbcabf145dd47N

Files

a7338cfccc94a2fa8add6f69a591f60abf246cad681e4a86537fbcabf145dd47N
.dll regsvr32 windows:4 windows x86 arch:x86

9ada1f3dbb820335773d1750a17ae7dc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

d3d8

Direct3DCreate8

comctl32

PropertySheetA

kernel32

InterlockedDecrement
InterlockedIncrement
FindClose
FindFirstFileA
FindNextFileA
SetCurrentDirectoryA
GetCurrentDirectoryA
GetFileSize
MapViewOfFile
CreateFileMappingA
CreateFileW
GetVersionExA
UnmapViewOfFile
FindResourceW
HeapFree
GetProcessHeap
GetProcAddress
WriteFile
IsProcessorFeaturePresent
ReadFile
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DisableThreadLibraryCalls
CompareStringA
FlushFileBuffers
GetLocaleInfoW
GetStringTypeW
GetStringTypeA
GetOEMCP
GetACP
IsBadCodePtr
IsBadReadPtr
DeleteCriticalSection
GetUserDefaultLCID
EnumSystemLocalesA
GetLocaleInfoA
IsValidCodePage
IsValidLocale
GetCPInfo
LCMapStringW
LCMapStringA
RaiseException
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
SetEndOfFile
GetStartupInfoA
GetStdHandle
SetHandleCount
SetStdHandle
TlsGetValue
SetLastError
TlsFree
TlsAlloc
TlsSetValue
GetCurrentThreadId
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
TerminateProcess
ExitProcess
Sleep
GetVersion
GetCommandLineA
GetFileType
SetFilePointer
HeapReAlloc
GetLocalTime
GetSystemTime
GetTimeZoneInformation
HeapDestroy
IsDBCSLeadByte
RtlUnwind
HeapAlloc
lstrcmpiA
LoadLibraryExA
GetLastError
GetModuleHandleA
GetShortPathNameA
WideCharToMultiByte
lstrlenW
lstrlenA
GetModuleFileNameA
lstrcpynA
MultiByteToWideChar
FreeLibrary
GetCurrentProcess
FlushInstructionCache
LoadLibraryA
MulDiv
FindResourceA
SizeofResource
LoadResource
LockResource
QueryPerformanceFrequency
QueryPerformanceCounter
GetFullPathNameA
CreateFileA
CloseHandle
lstrcpyA
lstrcatA
CompareStringW
SetUnhandledExceptionFilter
SetEnvironmentVariableA

shell32

SHGetPathFromIDListA
SHGetMalloc
SHBrowseForFolderA

gdiplus

GdipSetPathGradientCenterPointI
GdipCreateLineBrushFromRectI
GdipSetPathGradientSurroundColorsWithCount
GdipSetPathGradientCenterColor
GdipGetPathGradientPointCount
GdiplusShutdown
GdipAddPathBezierI
GdipSetSmoothingMode
GdipCreatePath
GdipAddPathLineI
GdipClosePathFigure
GdipCreatePathGradientFromPath
GdipSetPathGradientFocusScales
GdipFillPath
GdipDeletePath
GdipDrawRectangleI
GdipLoadImageFromFileICM
GdipLoadImageFromFile
GdipFillRectangle
GdipGetPenWidth
GdipCreateFromHDC
GdipCreateBitmapFromFileICM
GdipGetImageWidth
GdipGetImageHeight
GdipSetInterpolationMode
GdipCreateBitmapFromFile
GdipDrawImageRectRectI
GdipDrawImageI
GdipCreatePen1
GdipDrawLineI
GdipFillEllipseI
GdipCreateMatrix
GdipTranslateMatrix
GdipRotateMatrix
GdipSetWorldTransform
GdipDeletePen
GdipDeleteMatrix
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipDisposeImage
GdipCloneImage
GdipFree
GdipCloneBrush
GdiplusStartup
GdipAlloc
GdipCreateBitmapFromScan0
GdipGetImageGraphicsContext
GdipCreatePathGradient
GdipCreateSolidFill
GdipFillRectangleI
GdipDeleteBrush

ddraw

DirectDrawCreate

winmm

timeGetTime

user32

DestroyWindow
PostMessageA
SetCursor
GetSysColorBrush
LoadCursorA
RegisterClassA
GetSystemMetrics
CreateWindowExA
GetDC
ReleaseDC
IsWindowUnicode
SetWindowsHookExA
ShowWindow
UpdateWindow
UnhookWindowsHookEx
GetAsyncKeyState
CallNextHookEx
GetFocus
SetWindowLongA
IsDlgButtonChecked
GetDlgItem
SendMessageA
wsprintfA
EndDialog
DialogBoxParamA
SetWindowPos
GetWindowLongA
GetWindowRect
GetClientRect
SetScrollInfo
RegisterWindowMessageA
CharNextA
wsprintfW
LoadStringA
DefWindowProcA
CallWindowProcA

gdi32

StretchDIBits
TextOutA
SetTextColor
SetBkMode
CreateDIBSection
SetBkColor
SetTextAlign
GetTextExtentPoint32A
ExtTextOutA
CreateDIBitmap
CreateCompatibleDC
SelectObject
SetMapMode
GetDeviceCaps
DeleteDC
CreateFontA
BitBlt
SetWindowOrgEx
DeleteObject

advapi32

RegEnumValueA
RegQueryInfoKeyA
RegEnumKeyExA
RegDeleteKeyA
RegDeleteValueA
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegOpenKeyA

ole32

CoInitializeEx
CoTaskMemFree
CoTaskMemAlloc
CoTaskMemRealloc
CoCreateInstance
CoUninitialize

oleaut32

SysFreeString
SysStringLen
VarUI4FromStr
LoadRegTypeLi
SysAllocString

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 440KB - Virtual size: 439KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

9ada1f3dbb820335773d1750a17ae7dc

Headers

File Characteristics

Imports

d3d8

comctl32

kernel32

shell32

gdiplus

ddraw

winmm

user32

gdi32

advapi32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 440KB - Virtual size: 439KB

.rdata Size: 40KB - Virtual size: 39KB

.data Size: 44KB - Virtual size: 64KB

.data1 Size: 4KB - Virtual size: 2KB

.rsrc Size: 24KB - Virtual size: 22KB

.reloc Size: 24KB - Virtual size: 21KB

.rmnet Size: 60KB - Virtual size: 60KB

.text
Size: 440KB - Virtual size: 439KB

.rdata
Size: 40KB - Virtual size: 39KB

.data
Size: 44KB - Virtual size: 64KB

.data1
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 24KB - Virtual size: 22KB

.reloc
Size: 24KB - Virtual size: 21KB

.rmnet
Size: 60KB - Virtual size: 60KB