1fd05bfb4c117e182a26735c37b86d24df7e6a0ad461f1778a0b1a29f974652c

Sharing

Copy URL Twitter E-mail

General

Target

1fd05bfb4c117e182a26735c37b86d24df7e6a0ad461f1778a0b1a29f974652c
Size

192KB
MD5

9c163c66ce95f8865b5c868b3f28bdf2
SHA1

46e3fd77d6d82ac1d966e017c1d5796229bd8c25
SHA256

1fd05bfb4c117e182a26735c37b86d24df7e6a0ad461f1778a0b1a29f974652c
SHA512

adcb8dfa67ccaade7d7323f128199316f76076ed6d5d2584d1027581e0a07c0f35d305902b0790e5d8a01cf3fb543a8cd0a4bef6a3e5650c1a5f8424e9aab815
SSDEEP

3072:1il6zEW8OEz0L6a4pLVu7MBJT80aplErNUsl/3ETDp:1il6dMz8tR08ANU23

Score

N/A

Malware Config

Signatures

Files

1fd05bfb4c117e182a26735c37b86d24df7e6a0ad461f1778a0b1a29f974652c
.dll regsvr32 windows x86

3315a8ec8b3a582cafff8a545edf4e1e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
OutputDebugStringW
CloseHandle
FlushFileBuffers
GetSystemInfo
VirtualProtect
SetStdHandle
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
SetFilePointer
GetVersionExA
GetOEMCP
IsBadCodePtr
IsBadReadPtr
LoadLibraryA
WriteFile
UnhandledExceptionFilter
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
HeapSize
TerminateProcess
SetUnhandledExceptionFilter
GetModuleHandleA
TlsGetValue
TlsSetValue
TlsFree
SetLastError
TlsAlloc
IsBadWritePtr
VirtualAlloc
GetCurrentThreadId
HeapAlloc
GetProcessHeap
HeapFree
GetCurrentProcess
FlushInstructionCache
FindResourceExW
LeaveCriticalSection
EnterCriticalSection
InterlockedExchange
lstrcpynW
lstrcmpiW
LoadLibraryExW
FindResourceW
LoadResource
SizeofResource
MultiByteToWideChar
FreeLibrary
GetLastError
GetModuleFileNameW
GetModuleHandleW
lstrcpyW
lstrlenW
InterlockedDecrement
InterlockedIncrement
DeleteCriticalSection
InitializeCriticalSection
RaiseException
GetVersionExW
GetThreadLocale
GetLocaleInfoA
GetACP
GetCPInfo
VirtualFree
HeapCreate
HeapDestroy
VirtualQuery
GetModuleFileNameA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
ExitProcess
RtlUnwind
HeapReAlloc
GetCommandLineA
QueryPerformanceCounter

user32

UnregisterClassW
CharNextW
IsWindow
SendMessageW
SetWindowLongW
CreateWindowExW
SystemParametersInfoA
GetSystemMetrics
PostMessageW
InflateRect
IntersectRect
GetWindowDC
ClientToScreen
ScreenToClient
SystemParametersInfoW
DrawTextW
SetCapture
GetCapture
GetDlgCtrlID
SetCursor
InvalidateRect
ReleaseCapture
RegisterClassExW
CallWindowProcW
GetWindowLongW
DefWindowProcW
EndPaint
BeginPaint
LoadBitmapW
DestroyWindow
DestroyCursor
LoadImageW
GetDC
ReleaseDC
GetParent
LoadCursorW
wsprintfW
GetClassInfoExW
SetWindowRgn
SetParent
EnableWindow
ShowWindow
GetClientRect
GetWindowRect
SetWindowPos

gdi32

CreateBitmap
CreatePatternBrush
CreateRectRgnIndirect
SetRectRgn
SelectClipRgn
GetClipBox
PatBlt
SetBkColor
ExtTextOutW
SetTextColor
SetBkMode
CreateCompatibleDC
BitBlt
PtInRegion
DeleteDC
CombineRgn
CreateFontIndirectW
CreateRectRgn
GetObjectW
DeleteObject
GetDIBits
SelectObject

advapi32

RegSetValueExW
RegEnumKeyExW
RegQueryInfoKeyW
RegCloseKey
RegOpenKeyExW
RegDeleteValueW
RegCreateKeyExW
RegDeleteKeyW

ole32

CoTaskMemAlloc
CoTaskMemRealloc
StringFromCLSID
CoTaskMemFree
CoCreateInstance

oleaut32

VarUI4FromStr

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 88KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3315a8ec8b3a582cafff8a545edf4e1e

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 88KB - Virtual size: 84KB

.rdata Size: 16KB - Virtual size: 14KB

.data Size: 8KB - Virtual size: 10KB

.rsrc Size: 68KB - Virtual size: 68KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 88KB - Virtual size: 84KB

.rdata
Size: 16KB - Virtual size: 14KB

.data
Size: 8KB - Virtual size: 10KB

.rsrc
Size: 68KB - Virtual size: 68KB

.reloc
Size: 8KB - Virtual size: 7KB