1f85547ff5b8cd43ded758f59cf95403a9885d3fd99d65a5a25aaf35dd27c6e0

Sharing

Copy URL

Twitter E-mail

General

Target

1f85547ff5b8cd43ded758f59cf95403a9885d3fd99d65a5a25aaf35dd27c6e0
Size

494KB
MD5

434e33b0bf6e9520fb22817a71f0d278
SHA1

90f60fcdbef908a6bc9dec4825a3708766d17ab0
SHA256

1f85547ff5b8cd43ded758f59cf95403a9885d3fd99d65a5a25aaf35dd27c6e0
SHA512

32f28641d118ffbc90deee3b939b71d80157d426fa8288776b3b7b2681836f8dcdb5b9ccbc8ea6e9f282ecf58f8595cd7cc5959e664cc08831f6c2cc5364639e
SSDEEP

6144:olwfAPM28l0FbkP7CFuPvXqhUG5yBIHqSocARKl1lXIppp14Wqsi5Aq/P33JEKz7:eCAPiP7CFuHXqhUGMXSJnzehJKO1W/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1f85547ff5b8cd43ded758f59cf95403a9885d3fd99d65a5a25aaf35dd27c6e0

Files

1f85547ff5b8cd43ded758f59cf95403a9885d3fd99d65a5a25aaf35dd27c6e0
.dll regsvr32 windows:5 windows x86 arch:x86

198acd02281da609f14c3b3b126f5b0e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

HeapFree
HeapAlloc
GetCommandLineA
RtlUnwind
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
RaiseException
HeapReAlloc
Sleep
HeapSize
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapCreate
HeapDestroy
VirtualFree
GetStdHandle
GetModuleFileNameA
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
GetEnvironmentStringsW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetLocaleInfoA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
CreateFileA
GetShortPathNameW
GetCurrentProcess
FlushFileBuffers
SetFilePointer
WriteFile
WritePrivateProfileStringW
GlobalFlags
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GetTickCount
GetCurrentProcessId
GlobalAddAtomW
GlobalFindAtomW
GetVersionExW
LoadLibraryA
GetVersionExA
FormatMessageW
LocalFree
GlobalDeleteAtom
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
LoadLibraryW
InterlockedExchange
lstrcmpW
GlobalAlloc
GetCurrentThreadId
CloseHandle
FreeLibrary
GetModuleFileNameW
MulDiv
GetModuleHandleA
GlobalLock
GlobalUnlock
GlobalFree
FreeResource
GetLastError
SetLastError
MultiByteToWideChar
lstrlenW
WideCharToMultiByte
lstrlenA
CompareStringW
InterlockedDecrement
GetModuleHandleW
GetProcAddress
InterlockedIncrement
LockResource
SizeofResource
LoadResource
FindResourceW
FreeEnvironmentStringsW
ExitProcess

user32

LoadCursorW
GetSysColorBrush
DestroyIcon
RegisterClipboardFormatW
GetWindowThreadProcessId
SetCursor
ShowWindow
SetWindowTextW
IsDialogMessageW
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
GetCapture
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
SetFocus
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
GetTopWindow
GetMessageTime
MapWindowPoints
SetForegroundWindow
UpdateWindow
MessageBoxW
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
PtInRect
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
GetMenu
SetWindowLongW
SetWindowPos
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
GetWindow
DestroyMenu
CopyRect
GetMenuItemID
GetMenuItemCount
GetSubMenu
PostMessageW
PostQuitMessage
EnableWindow
SendMessageW
GetSystemMetrics
RemoveMenu
SetWindowsHookExW
CallNextHookEx
GetMessageW
TranslateMessage
DispatchMessageW
IsWindowVisible
GetKeyState
PeekMessageW
GetCursorPos
ValidateRect
UnhookWindowsHookEx
GetSysColor
EndPaint
PostThreadMessageW
SetMenu
AppendMenuW
LoadIconW
LoadAcceleratorsW
GetClientRect
DrawIcon
IsIconic
GetSystemMenu
TranslateAcceleratorW
CheckMenuItem
EnableMenuItem
GetMenuState
ModifyMenuW
GetParent
GetFocus
LoadBitmapW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EndDialog
GetNextDlgTabItem
IsWindowEnabled
GetDlgItem
GetWindowLongW
IsWindow
DestroyWindow
CreateDialogIndirectParamW
SetActiveWindow
GetActiveWindow
GetDesktopWindow
TabbedTextOutW
DrawTextW
DrawTextExW
GrayStringW
ClientToScreen
BeginPaint
ReleaseDC
GetDC
GetMessagePos

gdi32

GetStockObject
GetDeviceCaps
DeleteDC
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
CreateBitmap
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
GetObjectW
DeleteObject
GetClipBox
SetMapMode
SetTextColor
SetBkColor
RestoreDC
SaveDC
SetViewportExtEx

winspool.drv

DocumentPropertiesW
ClosePrinter
OpenPrinterW

advapi32

RegCreateKeyExW
RegDeleteValueW
RegSetValueExW
RegQueryValueW
RegOpenKeyW
RegEnumKeyW
RegDeleteKeyW
RegSetValueW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey

shell32

ExtractIconW

shlwapi

PathFindExtensionW

oledlg

OleUIBusyW

ole32

CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CoDisconnectObject
StringFromCLSID
CoTaskMemFree
CoRevokeClassObject
CoRegisterClassObject

oleaut32

RegisterActiveObject
SysFreeString
SysStringByteLen
SysStringLen
SysAllocStringLen
VariantClear
VariantCopy
VariantChangeType
SysAllocString
VariantInit
LoadTypeLi
RevokeActiveObject

Exports

Exports

DllRegisterClass
DllRegisterServer
DllUnregisterClass
DllUnregisterServer

Sections

.text
Size: 235KB - Virtual size: 234KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 156KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

198acd02281da609f14c3b3b126f5b0e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

shlwapi

oledlg

ole32

oleaut32

Exports

Exports

Sections

.text Size: 235KB - Virtual size: 234KB

.rdata Size: 40KB - Virtual size: 39KB

.data Size: 9KB - Virtual size: 24KB

.rsrc Size: 156KB - Virtual size: 156KB

.reloc Size: 53KB - Virtual size: 52KB

.text
Size: 235KB - Virtual size: 234KB

.rdata
Size: 40KB - Virtual size: 39KB

.data
Size: 9KB - Virtual size: 24KB

.rsrc
Size: 156KB - Virtual size: 156KB

.reloc
Size: 53KB - Virtual size: 52KB