145d317e6b09c29f19b2179d77a2b0066afd43e3165337f493aa434576c47157

Sharing

Copy URL

Twitter E-mail

General

Target

145d317e6b09c29f19b2179d77a2b0066afd43e3165337f493aa434576c47157
Size

678KB
MD5

54e2da763da8e5373f747994027ddfbc
SHA1

4d1e261ae552b96a69739c0e38a212e8b9d86edd
SHA256

145d317e6b09c29f19b2179d77a2b0066afd43e3165337f493aa434576c47157
SHA512

2dbfa98c8ac4be6c52d0efcfd6f5ec4cce3ec6aaa52100cc9d3f3a062551cb8775688163c9e4650589035e5f8fd1ba36ac4568db1a63ab5d14fd153dd3cb26a1
SSDEEP

12288:8nUIW4anSDGCH0fu1QJKwkbe1gUK7wrnUfpE:kUITnGCH+u1QJKsCwrUfpE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
145d317e6b09c29f19b2179d77a2b0066afd43e3165337f493aa434576c47157

Files

145d317e6b09c29f19b2179d77a2b0066afd43e3165337f493aa434576c47157
.dll regsvr32 windows:4 windows x64 arch:x64

b7b90674fa6c5f9a16bdab0725f21bbb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

GetProcessHeap
HeapReAlloc
RtlLookupFunctionEntry
RtlUnwindEx
RaiseException
RtlPcToFileHeader
HeapSize
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlCaptureContext
HeapSetInformation
HeapCreate
HeapDestroy
GetStdHandle
GetModuleFileNameA
FlsGetValue
FlsFree
FlsAlloc
Sleep
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
GetCommandLineA
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
GetTimeZoneInformation
GetCPInfo
GetACP
GetOEMCP
GetConsoleCP
GetConsoleMode
GetLocaleInfoA
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
SetEnvironmentVariableA
FlsSetValue
HeapAlloc
HeapFree
GetVersionExW
WritePrivateProfileStringW
LocalFileTimeToFileTime
FileTimeToLocalFileTime
CreateFileW
GetShortPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
GetCurrentProcess
DuplicateHandle
lstrcmpiW
GetStringTypeExW
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
DeleteFileW
MoveFileW
TlsFree
LocalReAlloc
TlsSetValue
GlobalHandle
GlobalReAlloc
TlsAlloc
TlsGetValue
LocalAlloc
SystemTimeToFileTime
FileTimeToSystemTime
GetThreadLocale
lstrlenA
GlobalFlags
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
CloseHandle
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
GetModuleFileNameW
lstrcmpA
GetLocaleInfoW
CompareStringA
GetVersion
GetCurrentProcessId
GlobalGetAtomNameW
GetModuleHandleA
GetDiskFreeSpaceW
GetFullPathNameW
GetTempFileNameW
GetFileTime
SetFileTime
GetFileAttributesW
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
FreeLibrary
CompareStringW
LoadLibraryA
lstrcmpW
GetModuleHandleW
GetProcAddress
GetVersionExA
GlobalAlloc
FormatMessageW
LocalFree
SizeofResource
lstrlenW
MulDiv
GlobalLock
GlobalUnlock
GlobalFree
FindResourceW
LoadResource
LockResource
FreeResource
GetLastError
SetLastError
WideCharToMultiByte
VirtualAlloc
LoadLibraryW
ExitProcess
FreeEnvironmentStringsW
MultiByteToWideChar

user32

DrawMenuBar
TranslateMDISysAccel
PostQuitMessage
ShowOwnedPopups
ValidateRect
TranslateMessage
GetMessageW
GetSysColorBrush
GetMenuItemInfoW
CharUpperW
DestroyIcon
LoadAcceleratorsW
InsertMenuItemW
CreatePopupMenu
SetRectEmpty
BringWindowToTop
SetMenu
TranslateAcceleratorW
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
GetCursorPos
ReleaseCapture
SetCursor
LoadCursorW
SetCapture
KillTimer
SetTimer
ClientToScreen
SetWindowRgn
DrawIcon
FindWindowW
SystemParametersInfoW
InvalidateRect
ShowWindow
SetWindowTextW
IsDialogMessageW
RegisterWindowMessageW
LoadIconW
DefMDIChildProcW
SendDlgItemMessageW
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassNameW
GetClassLongPtrW
SetPropW
GetPropW
RemovePropW
GetForegroundWindow
GetLastActivePopup
DispatchMessageW
BeginDeferWindowPos
GetTopWindow
GetWindowLongPtrW
SetWindowLongPtrW
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageW
MapWindowPoints
ScrollWindow
TrackPopupMenu
GetKeyState
SetScrollRange
GetScrollRange
SetForegroundWindow
ShowScrollBar
IsWindowVisible
GetMenu
PostMessageW
MessageBoxW
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
GetSysColor
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
CopyRect
PtInRect
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
SetWindowLongW
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetWindowTextLengthW
GetWindowTextW
GetScrollPos
SetScrollPos
GetWindow
SetFocus
DefFrameProcW
DestroyCursor
SetCursorPos
RedrawWindow
InflateRect
UnpackDDElParam
ReuseDDElParam
LoadMenuW
DestroyMenu
SendDlgItemMessageA
GetWindowThreadProcessId
GetMenuItemID
GetMenuItemCount
GetSubMenu
GetDesktopWindow
GetActiveWindow
SetActiveWindow
GetSystemMetrics
CreateDialogIndirectParamW
DestroyWindow
IsWindow
GetWindowLongW
GetDlgItem
IsWindowEnabled
GetNextDlgTabItem
EndDialog
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetParent
SendMessageW
ModifyMenuW
GetMenuState
EnableMenuItem
CheckMenuItem
UpdateWindow
GetFocus
FillRect
GetClientRect
EnableWindow
EndDeferWindowPos
UnregisterClassA

gdi32

SetWindowExtEx
ScaleWindowExtEx
DeleteDC
CreatePatternBrush
CreateCompatibleDC
GetStockObject
ScaleViewportExtEx
CreateSolidBrush
CreateCompatibleBitmap
PatBlt
GetTextExtentPoint32W
CreateFontIndirectW
DeleteObject
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
GetPixel
BitBlt
CreateBitmap
SetTextAlign
SetMapMode
SetBkMode
RestoreDC
SaveDC
Ellipse
LPtoDP
CreateEllipticRgn
GetObjectW
SetBkColor
SetTextColor
GetClipBox
GetDeviceCaps

comdlg32

GetFileTitleW

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

advapi32

RegSetValueExW
RegCreateKeyExW
RegQueryValueW
RegEnumKeyW
RegDeleteKeyW
RegOpenKeyExW
RegQueryValueExW
GetFileSecurityW
SetFileSecurityW
RegOpenKeyW
RegSetValueW
RegCloseKey
RegCreateKeyW

shell32

DragQueryFileW
SHGetFileInfoW
ExtractIconW
DragFinish

shlwapi

PathFindFileNameW
PathStripToRootW
PathFindExtensionW
PathIsUNCW

oleaut32

VariantClear
VariantChangeType
VariantInit
SysAllocStringLen

Exports

Exports

DllRegisterServer

Sections

.text
Size: 317KB - Virtual size: 316KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 211KB - Virtual size: 210KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b7b90674fa6c5f9a16bdab0725f21bbb

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

shlwapi

oleaut32

Exports

Exports

Sections

.text Size: 317KB - Virtual size: 316KB

.rdata Size: 101KB - Virtual size: 100KB

.data Size: 12KB - Virtual size: 35KB

.pdata Size: 23KB - Virtual size: 22KB

.rsrc Size: 211KB - Virtual size: 210KB

.reloc Size: 13KB - Virtual size: 12KB

.text
Size: 317KB - Virtual size: 316KB

.rdata
Size: 101KB - Virtual size: 100KB

.data
Size: 12KB - Virtual size: 35KB

.pdata
Size: 23KB - Virtual size: 22KB

.rsrc
Size: 211KB - Virtual size: 210KB

.reloc
Size: 13KB - Virtual size: 12KB