801c6ee3c4bfbd02999935a0743cc3d6eb495d8f96036716c2ca707d0d0f6df5

Sharing

Copy URL

Twitter E-mail

General

Target

801c6ee3c4bfbd02999935a0743cc3d6eb495d8f96036716c2ca707d0d0f6df5
Size

735KB
MD5

01a1728958c57eae4792056b28014d5f
SHA1

d05e1245bdd9a54aacb692c12b03c2d44db83493
SHA256

801c6ee3c4bfbd02999935a0743cc3d6eb495d8f96036716c2ca707d0d0f6df5
SHA512

406078bd64b7c699afa42e8e56d0e8db174b1f8f898c45a42a155bb1cbcc2757c0225772dacf42d4ff1194a149a4ea6ade990b3d19a59ef2f1df466b27e59440
SSDEEP

12288:agvTeqrCeX329Soy/O+TCJJU2QyDqXkkpxdzR6TqKCKDeS:tviEdX3Y7GTCRhukkpsqUx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
801c6ee3c4bfbd02999935a0743cc3d6eb495d8f96036716c2ca707d0d0f6df5

Files

801c6ee3c4bfbd02999935a0743cc3d6eb495d8f96036716c2ca707d0d0f6df5
.dll regsvr32 windows:5 windows x86 arch:x86

d986dd84d593c1266f1531c47644f308

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
InitializeCriticalSectionAndSpinCount
GetACP
IsValidCodePage
GetStringTypeA
GetStringTypeW
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
GetFileType
LCMapStringA
LCMapStringW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CompareStringW
SetEnvironmentVariableA
SetHandleCount
GetStdHandle
HeapDestroy
HeapCreate
HeapSize
VirtualQuery
HeapReAlloc
GetSystemInfo
ExitProcess
Sleep
GetCommandLineA
RaiseException
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetSystemTimeAsFileTime
RtlUnwind
GetTickCount
GetModuleHandleW
GetFileSizeEx
SystemTimeToFileTime
LocalFileTimeToFileTime
FileTimeToLocalFileTime
FileTimeToSystemTime
GetOEMCP
GetCPInfo
CreateFileA
GetShortPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
lstrcmpiA
GetThreadLocale
GetStringTypeExA
DeleteFileA
MoveFileA
InterlockedIncrement
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GlobalFlags
InterlockedDecrement
GetCurrentDirectoryA
FormatMessageA
LocalFree
MulDiv
GetDiskFreeSpaceA
GetFullPathNameA
GetTempFileNameA
GetFileTime
SetFileTime
GetFileAttributesA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
lstrlenA
GlobalGetAtomNameA
GlobalFindAtomA
MultiByteToWideChar
lstrcmpW
GetVersionExA
GlobalUnlock
GlobalFree
FreeResource
GetCurrentProcessId
GetLastError
GlobalAddAtomA
CloseHandle
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
ConvertDefaultLocale
EnumResourceLanguagesA
GetModuleFileNameA
GetLocaleInfoA
WideCharToMultiByte
CompareStringA
FindResourceA
LoadResource
LockResource
SizeofResource
InterlockedExchange
GlobalLock
lstrcmpA
GlobalAlloc
GetModuleHandleA
GetNativeSystemInfo
HeapAlloc
GetProcessHeap
HeapFree
FreeLibrary
GetProcAddress
LoadLibraryA
IsBadReadPtr
VirtualProtect
SetLastError
VirtualAlloc
VirtualFree
SetStdHandle

user32

SetWindowRgn
DrawIcon
MessageBeep
GetNextDlgGroupItem
SetCapture
InvalidateRgn
IsRectEmpty
CopyAcceleratorTableA
CharNextA
GetMenuItemInfoA
InflateRect
CharUpperA
DestroyIcon
GetSysColorBrush
DeleteMenu
IsZoomed
LoadCursorA
DestroyCursor
EndPaint
BeginPaint
GetWindowDC
GetDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
FillRect
GetMenuStringA
AppendMenuA
InsertMenuA
RemoveMenu
SetRect
UnpackDDElParam
ReuseDDElParam
LoadMenuA
DestroyMenu
ReleaseCapture
LoadAcceleratorsA
InsertMenuItemA
CreatePopupMenu
SetRectEmpty
BringWindowToTop
TranslateAcceleratorA
SetWindowContextHelpId
MapDialogRect
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
RegisterWindowMessageA
LoadIconA
CreateMenu
WinHelpA
IsChild
GetCapture
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
GetClientRect
GetSubMenu
GetMenuItemID
GetMenuItemCount
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
GetSysColor
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
CopyRect
PtInRect
GetDlgCtrlID
UpdateWindow
EnableWindow
WindowFromDC
GetWindowRect
InvalidateRect
DefWindowProcA
CallWindowProcA
GetMenu
SetWindowLongA
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetSystemMetrics
GetWindow
GetDesktopWindow
SetActiveWindow
CreateDialogIndirectParamA
PostThreadMessageA
GetTabbedTextExtentA
WindowFromPoint
RegisterClipboardFormatA
SendDlgItemMessageA
SetTimer
KillTimer
PostQuitMessage
PostMessageA
CheckMenuItem
EnableMenuItem
GetMenuState
ModifyMenuA
SendMessageA
GetParent
GetFocus
LoadBitmapA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
ValidateRect
GetCursorPos
PeekMessageA
GetKeyState
IsWindowVisible
GetActiveWindow
DispatchMessageA
TranslateMessage
GetMessageA
CallNextHookEx
SetWindowsHookExA
SetCursor
ShowOwnedPopups
MessageBoxA
IsWindowEnabled
GetLastActivePopup
GetWindowLongA
GetWindowThreadProcessId
EndDialog
GetNextDlgTabItem
GetDlgItem
IsWindow
DestroyWindow
ReleaseDC

gdi32

GetWindowExtEx
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetCurrentPositionEx
ExtSelectClipRgn
CreatePatternBrush
GetStockObject
GetViewportExtEx
GetViewportOrgEx
PatBlt
CreateRectRgnIndirect
GetTextMetricsA
GetTextExtentPoint32A
GetCharWidthA
CreateFontA
StretchDIBits
CreateFontIndirectA
GetTextColor
GetRgnBox
GetMapMode
CreateEllipticRgn
LPtoDP
GetNearestColor
GetBkMode
GetPolyFillMode
GetROP2
GetStretchBltMode
GetTextAlign
GetTextFaceA
GetTextExtentPointA
GetWindowOrgEx
DeleteObject
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
CreatePen
SetMapMode
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
CreateDCA
DeleteDC
EndDoc
AbortDoc
SetAbortProc
EndPage
StartPage
StartDocA
DPtoLP
GetDeviceCaps
GetObjectA
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
PolyBezier
SetPixelV
GetPixel
BitBlt
RoundRect
Rectangle
Polygon
Ellipse
Polyline
Arc
GetBkColor
CreateCompatibleDC
CreateCompatibleBitmap
CreateSolidBrush
ExcludeClipRect

comdlg32

GetFileTitleA

winspool.drv

GetJobA
DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

RegSetValueA
GetFileSecurityA
SetFileSecurityA
RegDeleteValueA
RegSetValueExA
RegCreateKeyExA
RegQueryValueA
RegOpenKeyA
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegCreateKeyA

shell32

DragFinish
ExtractIconA
SHGetFileInfoA
DragQueryFileA

shlwapi

PathFindFileNameA
PathStripToRootA
PathIsUNCA
PathFindExtensionA
PathRemoveFileSpecW

oledlg

ord8

ole32

CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
CoFreeUnusedLibraries
OleUninitialize
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
IsAccelerator
OleTranslateAccelerator
CoInitializeEx
CoCreateInstance
CoUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoTaskMemAlloc
CoTaskMemFree
CLSIDFromString
CLSIDFromProgID
OleInitialize

oleaut32

VariantClear
VariantChangeType
VariantInit
SysAllocStringLen
SysFreeString
SysStringLen
SysAllocStringByteLen
OleCreateFontIndirect
VariantTimeToSystemTime
SystemTimeToVariantTime
SafeArrayDestroy
SysAllocString
VariantCopy

Exports

Exports

DllRegisterServer

Sections

.text
Size: 391KB - Virtual size: 390KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 111KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 151KB - Virtual size: 165KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d986dd84d593c1266f1531c47644f308

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

shlwapi

oledlg

ole32

oleaut32

Exports

Exports

Sections

.text Size: 391KB - Virtual size: 390KB

.rdata Size: 111KB - Virtual size: 111KB

.data Size: 151KB - Virtual size: 165KB

.rsrc Size: 32KB - Virtual size: 31KB

.reloc Size: 49KB - Virtual size: 48KB

.text
Size: 391KB - Virtual size: 390KB

.rdata
Size: 111KB - Virtual size: 111KB

.data
Size: 151KB - Virtual size: 165KB

.rsrc
Size: 32KB - Virtual size: 31KB

.reloc
Size: 49KB - Virtual size: 48KB