eeb56d359c6ae7c34d9b7cd0241155ddc84aaeecf7aeb338e6c1bfa5e47868c3

Sharing

Copy URL

Twitter E-mail

General

Target

eeb56d359c6ae7c34d9b7cd0241155ddc84aaeecf7aeb338e6c1bfa5e47868c3
Size

648KB
MD5

801b81e7e9f9518eefffd23394c76b6c
SHA1

652a79ae8c1e34150cc80b2c7fbd8d31071fddf7
SHA256

eeb56d359c6ae7c34d9b7cd0241155ddc84aaeecf7aeb338e6c1bfa5e47868c3
SHA512

69e8a436ba6f56db8f9c1c29afa4d45bcb48ab93a04972620011802bd8c8420e47ff4d9fdef195b693a6dcb5cb8a0b2c7e27dc7e8c011a9ccaf4e860851d46c3
SSDEEP

12288:knPmLtqW5lhR5p/gCshHmtERp9kWEPEyuzXNSErQUIKfzAh73:kP0E2hpgCshHmts9dNSILIKbAh73

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
eeb56d359c6ae7c34d9b7cd0241155ddc84aaeecf7aeb338e6c1bfa5e47868c3

Files

eeb56d359c6ae7c34d9b7cd0241155ddc84aaeecf7aeb338e6c1bfa5e47868c3
.dll regsvr32 windows:4 windows x64 arch:x64

d54c20caccd6fa31a67d7e31aead24f5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

gdiplus

GdipDrawImageRectI
GdipCreateFromHDC
GdiplusShutdown
GdiplusStartup
GdipFillRectangleI
GdipCreateSolidFill
GdipCreateBitmapFromFile
GdipDisposeImage
GdipDeleteBrush
GdipDeleteGraphics

kernel32

DeleteCriticalSection
TlsFree
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileAttributesA
GetFileTime
GlobalFlags
GetCPInfo
GetOEMCP
GetTickCount
HeapAlloc
HeapFree
HeapReAlloc
VirtualProtect
GetSystemInfo
VirtualQuery
RtlLookupFunctionEntry
RtlUnwindEx
RaiseException
RtlPcToFileHeader
FlsSetValue
GetCommandLineA
GetProcessHeap
ExitProcess
LocalReAlloc
HeapSize
GetStdHandle
HeapSetInformation
HeapCreate
HeapDestroy
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlCaptureContext
RtlVirtualUnwind
FlsGetValue
FlsFree
FlsAlloc
Sleep
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetACP
GetTimeZoneInformation
GetStringTypeA
GetStringTypeW
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
TlsSetValue
GlobalHandle
GlobalReAlloc
TlsAlloc
InitializeCriticalSection
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
WritePrivateProfileStringA
GetCurrentProcessId
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
lstrcmpA
FreeResource
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcmpW
CreateFileA
GetModuleFileNameA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
CloseHandle
GetThreadLocale
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
LocalFree
MulDiv
VirtualAlloc
GetVersionExA
FreeLibrary
SetLastError
GetProcAddress
GetModuleHandleA
LoadLibraryA
DeleteFileA
GetTempPathA
GetTempFileNameA
lstrlenA
CompareStringW
CompareStringA
GetVersion
FindResourceA
LoadResource
LockResource
SizeofResource
GetLastError
WideCharToMultiByte
MultiByteToWideChar

user32

GetWindowThreadProcessId
EndDialog
GetNextDlgTabItem
CreateDialogIndirectParamA
GetDesktopWindow
MapDialogRect
SetWindowContextHelpId
GetSysColorBrush
LoadCursorA
UnregisterClassA
DestroyMenu
SetCapture
ReleaseCapture
CharNextA
CopyAcceleratorTableA
IsRectEmpty
SetRect
InvalidateRgn
GetNextDlgGroupItem
MessageBeep
RegisterClipboardFormatA
PostThreadMessageA
MoveWindow
SetWindowTextA
IsDialogMessageA
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
ModifyMenuA
EnableMenuItem
CheckMenuItem
RegisterWindowMessageA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
GetClassLongPtrA
SetPropA
GetPropA
RemovePropA
SetFocus
GetWindowTextA
GetForegroundWindow
SetActiveWindow
DispatchMessageA
GetDlgItem
GetTopWindow
DestroyWindow
GetWindowLongPtrA
SetWindowLongPtrA
GetMessageTime
PeekMessageA
MapWindowPoints
GetKeyState
GetScrollPos
SetForegroundWindow
IsWindowVisible
UpdateWindow
GetMenu
MessageBoxA
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
GetParent
PtInRect
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
SetWindowLongA
SetWindowPos
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindow
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
UnhookWindowsHookEx
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
IsWindow
LoadIconA
GetWindowRect
IsIconic
DrawIcon
EqualRect
InflateRect
CopyRect
SetCursor
GetMessageA
TranslateMessage
GetActiveWindow
GetCursorPos
GetMessagePos
DestroyIcon
ValidateRect
PostQuitMessage
IsWindowEnabled
GetLastActivePopup
ShowWindow
TrackMouseEvent
DrawIconEx
GetWindowLongA
GetSysColor
GetSystemMetrics
EnableWindow
GetFocus
RedrawWindow
InvalidateRect
ScreenToClient
GetClientRect
SendMessageA
DrawFrameControl
OffsetRect
CharUpperA
PostMessageA

gdi32

RectVisible
TextOutA
ExtTextOutA
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
CreateBitmap
GetStockObject
SetTextColor
ExtCreatePen
CreateRectRgnIndirect
GetMapMode
GetBkColor
GetTextColor
GetRgnBox
GetWindowExtEx
GetViewportExtEx
GetObjectA
SetBkMode
SetBkColor
RestoreDC
SaveDC
GetDeviceCaps
GetTextExtentPoint32A
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
DeleteObject
MoveToEx
LineTo
GetClipBox
SetMapMode
PtVisible

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

RegEnumKeyA
RegSetValueExA
RegCreateKeyExA
RegQueryValueA
RegCloseKey
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA
RegOpenKeyA

comctl32

ord17

shlwapi

PathIsUNCA
PathFindExtensionA
PathStripToRootA
PathFindFileNameA

oledlg

ord8

ole32

CoTaskMemAlloc
CoTaskMemFree
CLSIDFromProgID
CLSIDFromString
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject

oleaut32

SysStringLen
VariantCopy
SysAllocStringLen
VariantInit
VariantChangeType
VariantClear
SysAllocStringByteLen
SysFreeString
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
OleCreateFontIndirect
SysAllocString

Exports

Exports

DllRegisterServer

Sections

.text
Size: 307KB - Virtual size: 306KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 98KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 194KB - Virtual size: 194KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d54c20caccd6fa31a67d7e31aead24f5

Headers

File Characteristics

Imports

gdiplus

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

comctl32

shlwapi

oledlg

ole32

oleaut32

Exports

Exports

Sections

.text Size: 307KB - Virtual size: 306KB

.rdata Size: 98KB - Virtual size: 97KB

.data Size: 13KB - Virtual size: 37KB

.pdata Size: 22KB - Virtual size: 22KB

.rsrc Size: 194KB - Virtual size: 194KB

.reloc Size: 12KB - Virtual size: 11KB

.text
Size: 307KB - Virtual size: 306KB

.rdata
Size: 98KB - Virtual size: 97KB

.data
Size: 13KB - Virtual size: 37KB

.pdata
Size: 22KB - Virtual size: 22KB

.rsrc
Size: 194KB - Virtual size: 194KB

.reloc
Size: 12KB - Virtual size: 11KB