1924ca4a0152570df64e88137265510573140474692dbc63dd55dc947d6f0408

Sharing

Copy URL Twitter E-mail

General

Target

1924ca4a0152570df64e88137265510573140474692dbc63dd55dc947d6f0408
Size

608KB
MD5

29f635b4f0f9c196f3207d959a785542
SHA1

63a2998d411e545a08bf5834381b7c9c99bb1b23
SHA256

1924ca4a0152570df64e88137265510573140474692dbc63dd55dc947d6f0408
SHA512

b586c7bc1efcbe9fc9f75808ea5b29d9142bed110e80388f298da00a6d6b099c70fdd94afa626d728e43498a9170073683b1bd1d30201063e712f69a1d6df975
SSDEEP

12288:XuY5e3E9Tr2uhbtK+7uBmhZG3OmWsN/8us82Lh2RUs+SA:XuYCObtKEuBj3OEiumvXSA

Score

N/A

Malware Config

Signatures

Files

1924ca4a0152570df64e88137265510573140474692dbc63dd55dc947d6f0408
.dll regsvr32 windows x86

88006c110960ce0b06354982e49c2846

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CLSIDFromProgID
StringFromCLSID
CoUninitialize
CoInitialize
CreateStreamOnHGlobal
GetHGlobalFromStream
CoCreateFreeThreadedMarshaler
CoTaskMemAlloc
CreateBindCtx
CoTaskMemFree
CoCreateInstance

shlwapi

PathFindExtensionW
ord2
PathFindFileNameW
StrCmpW
StrCmpNIA
PathIsURLW
UrlUnescapeW
PathSearchAndQualifyW
UrlCreateFromPathW
PathCreateFromUrlW
UrlIsW
StrCpyW
StrCmpIW
StrCmpNIW
StrCmpNW
ord136
ord60
ord116
ord69
ord131
ord55
ord117
ord147
ord56
ord51
ord26
ord25
ord38
ord43
ord68
ord52
ord45
ord128
ord125
ord83

kernel32

LocalAlloc
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
SetUnhandledExceptionFilter
TerminateProcess
VirtualProtect
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
GetLocaleInfoA
HeapReAlloc
GetOEMCP
GetACP
lstrcpyA
lstrlenA
GetProcAddress
LoadLibraryA
FreeLibrary
TlsGetValue
lstrcmpiA
MultiByteToWideChar
GetModuleFileNameA
InterlockedIncrement
InterlockedDecrement
TlsSetValue
HeapAlloc
HeapFree
GetCurrentThreadId
DuplicateHandle
GetCurrentThread
GetCurrentProcess
CloseHandle
GetModuleHandleA
GetVersionExA
TlsAlloc
TlsFree
GetProcessHeap
InterlockedExchange
lstrlenW
GetThreadContext
Sleep
WaitForSingleObject
SetEvent
ResetEvent
ResumeThread
SuspendThread
EnterCriticalSection
LeaveCriticalSection
OutputDebugStringA
GetTickCount
ReleaseSemaphore
DeleteCriticalSection
CreateSemaphoreA
InitializeCriticalSection
VirtualAlloc
VirtualFree
HeapDestroy
GetLastError
HeapCreate
GetSystemInfo
SetLastError
DebugBreak
RaiseException
WideCharToMultiByte
LoadLibraryExA
SizeofResource
LockResource
LoadResource
FindResourceA
FormatMessageA
FileTimeToSystemTime
SystemTimeToFileTime
GetSystemDefaultLCID
GetCPInfo
WriteFile
GetFileType
SetFilePointer
CreateFileA
FlushFileBuffers
ReadFile
GetThreadLocale
GlobalUnlock
GlobalLock
GetTimeFormatA
GetDateFormatA
lstrcatA
CreateEventA
lstrcatW
SetThreadPriority
CreateThread
GetCommandLineA
RtlUnwind
VirtualQuery
ExitProcess
SetHandleCount
GetStdHandle
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW

Exports

Exports

ServiceMain
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 392KB - Virtual size: 391KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 174KB - Virtual size: 174KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

88006c110960ce0b06354982e49c2846

Headers

File Characteristics

Imports

ole32

shlwapi

kernel32

Exports

Exports

Sections

.text Size: 392KB - Virtual size: 391KB

.data Size: 13KB - Virtual size: 29KB

.rsrc Size: 174KB - Virtual size: 174KB

.reloc Size: 27KB - Virtual size: 26KB

.text
Size: 392KB - Virtual size: 391KB

.data
Size: 13KB - Virtual size: 29KB

.rsrc
Size: 174KB - Virtual size: 174KB

.reloc
Size: 27KB - Virtual size: 26KB