cd77421d73c38ec3c6f5d2c86058371e74e6d4d344ab9b6af2b08071170f8c0c

Sharing

Copy URL

Twitter E-mail

General

Target

cd77421d73c38ec3c6f5d2c86058371e74e6d4d344ab9b6af2b08071170f8c0c
Size

1.2MB
MD5

e1f6a3a284798aee108f94f70ac1d25a
SHA1

ee04935d7d3ba0c66e20a6c1375150dfc832da81
SHA256

cd77421d73c38ec3c6f5d2c86058371e74e6d4d344ab9b6af2b08071170f8c0c
SHA512

9b572b9be3dca138d82ec3152fe62a81185e812693c09cf7d27c173b1f0072c2b519f7abf00c9ddec6d0df51318b0be914bbd623150a9c1f66e978c3635405e2
SSDEEP

24576:JbYRleg4H/qZHeK+dVxodFx2mi8WJhFwmuK/DHvb1MrzM+SU5L5tj112jGLF2eoE:0UQH1dFx2mi8kwybqzM8L5tj112jGLFJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cd77421d73c38ec3c6f5d2c86058371e74e6d4d344ab9b6af2b08071170f8c0c

Files

cd77421d73c38ec3c6f5d2c86058371e74e6d4d344ab9b6af2b08071170f8c0c
.dll regsvr32 windows:6 windows x86 arch:x86

6e16afd0d7990d33ac75371bcceecbc8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

VirtualAlloc
lstrcatA
ExitThread
Sleep
GetLastError
DeleteFileA
HeapAlloc
ExitProcess
GetProcessHeap
GetSystemTime
Process32First
EnterCriticalSection
VirtualFree
WriteFile
LeaveCriticalSection
CreateMutexA
GetTimeFormatA
CreateToolhelp32Snapshot
GetTempPathA
GetDateFormatA
GlobalAlloc
Process32Next
GetTickCount
GetModuleHandleW
lstrcmpA
lstrcpyA
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
GetModuleHandleExW
DeleteCriticalSection
GetConsoleCP
SetLastError
GetCurrentThread
GetCurrentThreadId
GetStdHandle
GetFileType
GetStartupInfoW
RaiseException
WaitForSingleObject
GetExitCodeProcess
CreateProcessW
GetFileAttributesExW
GetFileSizeEx
SetFilePointerEx
InitializeCriticalSectionAndSpinCount
GetCommandLineA
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
LoadLibraryExW
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetTimeZoneInformation
FlushFileBuffers
GetConsoleMode
MultiByteToWideChar
DeleteFileW
WideCharToMultiByte
CreateFileW
SetConsoleMode
GetNumberOfConsoleInputEvents
ReadConsoleInputW
PeekConsoleInputA
ReadConsoleW
ReadFile
GetCPInfo
IsValidCodePage
GetACP
GetOEMCP
GetStringTypeW
SetStdHandle
SetConsoleCtrlHandler
GetModuleFileNameW
HeapSize
HeapReAlloc
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
WriteConsoleW
EncodePointer
DecodePointer
OutputDebugStringW
InterlockedFlushSList
InterlockedPushEntrySList
RtlUnwind
SwitchToThread
CreateEventW
FormatMessageW
MapViewOfFile
FreeLibrary
GetFileSize
CreateFileMappingA
HeapFree
GetProcAddress
CloseHandle
LoadLibraryA
CreateFileA
UnmapViewOfFile
VirtualProtect
TlsAlloc
GetModuleFileNameA
SetEndOfFile

user32

DispatchMessageA
GetDC
CreateWindowExW
ShowWindow
DefWindowProcA
GetMessageA
TranslateMessage
PostQuitMessage
EnableMenuItem
RegisterClassExA
UpdateWindow
DestroyMenu
MessageBoxA
ActivateKeyboardLayout
EndPaint
GetKeyboardLayout
BeginPaint

gdi32

LineTo
GetStockObject
CreatePen
Rectangle
SelectObject
TextOutA
DeleteObject
MoveToEx

comdlg32

FindTextA
GetOpenFileNameA
GetSaveFileNameA

wininet

InternetCloseHandle
HttpSendRequestA
InternetConnectA
InternetReadFile
HttpQueryInfoA
InternetOpenA
HttpAddRequestHeadersA
InternetSetOptionA
HttpOpenRequestA
InternetQueryOptionA
InternetCanonicalizeUrlA

Exports

Exports

DllRegisterServer
ajb6uujmba7ljobupoyex1n5
c0wqso26efwq
h6i4f54ttqxq
i1nxq1k0k82ratrljmsex6pq3j
iyctzr1t733pfq3t
lr0ukz75o2j5xwsx
r32ff4y8les
syd
vhbd6nnyxq69dl
vs5xxc3ri6w5d6b
wf8nga1z8n1f45uk6
ymam87fdr14vcw74lr40bg

Sections

.text
Size: 988KB - Virtual size: 988KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 148KB - Virtual size: 147KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 79KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6e16afd0d7990d33ac75371bcceecbc8

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

wininet

Exports

Exports

Sections

.text Size: 988KB - Virtual size: 988KB

.rdata Size: 148KB - Virtual size: 147KB

.data Size: 7KB - Virtual size: 12KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 79KB - Virtual size: 79KB

.text
Size: 988KB - Virtual size: 988KB

.rdata
Size: 148KB - Virtual size: 147KB

.data
Size: 7KB - Virtual size: 12KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 79KB - Virtual size: 79KB