cf341fcda7918e77ecf50a1c6e5bcdf20610aa23a3091e3e87a3a6b5b955c3f3

Sharing

Copy URL Twitter E-mail

General

Target

cf341fcda7918e77ecf50a1c6e5bcdf20610aa23a3091e3e87a3a6b5b955c3f3
Size

36KB
MD5

de770b236ca4f95dac521f5183b4f09d
SHA1

0ef585d8ed090f0383e1579e9e00bb847f53fddc
SHA256

cf341fcda7918e77ecf50a1c6e5bcdf20610aa23a3091e3e87a3a6b5b955c3f3
SHA512

0c2248ce7b6bbf4ffcff6591f48a98f1a3ad1bf3c917f3cee9e7d8ffc56a7c9c56d2522c20e8d46d095bdd48eb32794eea6ecd1b54d50ff36836d6e0164b2210
SSDEEP

384:HAHHeOksHesHvyFk7HuBBQARQkVELd0FI+CfcWaGFI:H6vVHDOBBQARQkVELd3+CLN

Score

N/A

Malware Config

Signatures

Files

cf341fcda7918e77ecf50a1c6e5bcdf20610aa23a3091e3e87a3a6b5b955c3f3
.dll regsvr32 windows x86

3c187c1b57a77e9247990d152d11c041

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
SetEvent
OpenEventA
CreateEventA
TerminateProcess
GetCurrentProcess
DisableThreadLibraryCalls
GetModuleFileNameA
InitializeCriticalSection
InterlockedDecrement
InterlockedIncrement
LeaveCriticalSection
EnterCriticalSection
lstrlenW
WinExec
VirtualAlloc
lstrcatA
VirtualProtect
CreateThread
GetCurrentDirectoryA
GetPrivateProfileStringA
GetModuleHandleA
lstrlenA
LoadLibraryA
GetProcAddress
IsBadReadPtr
Sleep
DeleteCriticalSection

user32

KillTimer
SetWindowsHookExA
CallNextHookEx
wsprintfA
SetTimer

advapi32

RegCloseKey
RegSetValueExA
RegOpenKeyA

oleaut32

LoadRegTypeLi
SysStringLen
SysFreeString

atl

ord15
ord16
ord21
ord18
ord57
ord58
ord30
ord32
ord23

wininet

InternetOpenUrlA
InternetOpenA
InternetCloseHandle
InternetReadFile

ws2_32

closesocket

msvcrt

_strcmpi
strrchr
_purecall
??2@YAPAXI@Z
_strlwr
_itoa
_adjust_fdiv
malloc
_initterm
free

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3c187c1b57a77e9247990d152d11c041

Headers

File Characteristics

Imports

kernel32

user32

advapi32

oleaut32

atl

wininet

ws2_32

msvcrt

Exports

Exports

Sections

.text Size: 16KB - Virtual size: 13KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 4KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 4KB - Virtual size: 1KB

.text
Size: 16KB - Virtual size: 13KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 4KB - Virtual size: 1KB