8185dfb2133fa9e0073e3f4f3cf90aa9490179f58b46c6cca062199afdc10974

Sharing

Copy URL Twitter E-mail

General

Target

8185dfb2133fa9e0073e3f4f3cf90aa9490179f58b46c6cca062199afdc10974
Size

119KB
MD5

a975183675f28b687f4e955a1be159d6
SHA1

a108875dc3c9541982b46db162df822f1f512b02
SHA256

8185dfb2133fa9e0073e3f4f3cf90aa9490179f58b46c6cca062199afdc10974
SHA512

951ad147d8efa4b3e6d710b4e6b99557c2ff8371ab79035fc17260db0f63abf410d171bedb7538fb7cd94be6ebd76e18ff1a5545dcfa633826bb9b69b2cde110
SSDEEP

1536:zDbncbuqoL6KXP6B20SBF8FI2xqMsR/yI3r9DoRBvDXTWP4Jyb092f4haT8Wp3F:z3cbuqMXP6B2X4IvMIyI3r9DoRBb8p3

Score

N/A

Malware Config

Signatures

Files

8185dfb2133fa9e0073e3f4f3cf90aa9490179f58b46c6cca062199afdc10974
.dll regsvr32 windows x86

c54959b8ca6fa2c1d4808bea6c1c501f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

WmiOpenBlock
WmiReceiveNotificationsW
OpenProcessToken
GetTokenInformation
LookupPrivilegeValueW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
RegCreateKeyExW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
WmiCloseBlock

batmeter

CreateBatMeter
BatMeterCapabilities
UpdateBatMeter
PowerCapabilities
DestroyBatMeter

gdi32

CreateBitmap
CreateCompatibleDC
SelectObject
BitBlt
GetPixel
SetPixel
DeleteDC
DeleteObject
GetObjectW

kernel32

GlobalAlloc
GetFileAttributesW
SearchPathW
WinExec
GetLastError
GetCurrentProcess
CreateEventW
WaitForSingleObject
SetLastError
SetEvent
CreateThread
ResetEvent
VerifyVersionInfoW
lstrcmpiW
GetVolumeNameForVolumeMountPointW
lstrlenW
GlobalLock
UnregisterWaitEx
UnregisterWait
QueryPerformanceFrequency
InterlockedDecrement
FreeLibraryAndExitThread
GetModuleFileNameW
DisableThreadLibraryCalls
InterlockedCompareExchange
LoadLibraryA
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GlobalHandle
GlobalUnlock
GlobalFree
CreateFileW
GetSystemDirectoryW
FormatMessageW
FreeLibrary
GetProcAddress
RegisterWaitForSingleObject
CloseHandle
GetWindowsDirectoryW
lstrcpynW
DelayLoadFailureHook
GetModuleHandleW
QueryPerformanceCounter
lstrcmpW
LocalFree
GetSystemPowerStatus
InterlockedIncrement
LoadLibraryW
LocalAlloc

msvcrt

wcsncpy
wcschr
free
_initterm
malloc
_adjust_fdiv
_vsnwprintf
_except_handler3

ntdll

VerSetConditionMask

ole32

CoInitializeEx
CoCreateInstance
StringFromGUID2
CoUninitialize

powrprof

EnumPwrSchemes
GetActivePwrScheme
WriteGlobalPwrPolicy
ReadGlobalPwrPolicy
SetActivePwrScheme

setupapi

CM_Get_Child
CM_Get_Sibling
CM_Get_Device_IDW
CM_Get_Device_ID_List_SizeW
CM_Get_Device_ID_ListW
CM_Is_Dock_Station_Present
CM_Get_Device_ID_ExW
CM_Get_Device_Interface_List_SizeW
CM_Get_Device_Interface_ListW
CM_Request_Device_Eject_ExW
SetupDiGetClassDevsW
SetupDiDestroyDeviceInfoList
SetupDiCreateDeviceInfoListExW
SetupDiDeleteDeviceInfo
CM_Locate_DevNodeW
SetupDiOpenDeviceInfoW
CM_Get_DevNode_Status_Ex
SetupDiEnumDeviceInfo
CM_Get_DevNode_Registry_Property_ExW
CM_Get_DevNode_Registry_PropertyW
CM_Get_DevNode_Status
SetupDiGetDeviceInstanceIdW

shell32

ord2
ord89
ord195
Shell_NotifyIconW
ShellExecuteW
ord644
ord645
ord4

shlwapi

StrCpyNW
StrToIntW
PathAppendW
StrCatBuffW
PathFindFileNameW

user32

IsWindow
GetSystemMetrics
DestroyMenu
CreatePopupMenu
SetMenuDefaultItem
CheckMenuRadioItem
AppendMenuW
SetMenuItemInfoW
SystemParametersInfoW
GetSysColor
GetIconInfo
CreateIconIndirect
DeregisterShellHookWindow
RegisterShellHookWindow
LoadImageW
DestroyIcon
RegisterWindowMessageW
LoadIconW
LoadCursorW
RegisterClassExW
CreateDialogParamW
GetMessageW
IsDialogMessageW
DispatchMessageW
DefWindowProcW
PostQuitMessage
WinHelpW
KillTimer
GetDoubleClickTime
SetTimer
GetDlgItem
TrackPopupMenu
GetMenuItemInfoW
RegisterDeviceNotificationW
CheckDlgButton
ShowWindow
InvalidateRect
LoadStringW
GetWindow
FindWindowW
SendMessageW
SetForegroundWindow
PostMessageW
IsDlgButtonChecked
EndDialog
UnregisterDeviceNotification
wsprintfW
GetCursorPos
SetFocus
TranslateMessage

wtsapi32

WTSUnRegisterSessionNotification
WTSRegisterSessionNotification

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c54959b8ca6fa2c1d4808bea6c1c501f

Headers

File Characteristics

Imports

advapi32

batmeter

gdi32

kernel32

msvcrt

ntdll

ole32

powrprof

setupapi

shell32

shlwapi

user32

wtsapi32

Exports

Exports

Sections

.text Size: 30KB - Virtual size: 30KB

.data Size: 1024B - Virtual size: 1KB

.rsrc Size: 84KB - Virtual size: 84KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 30KB - Virtual size: 30KB

.data
Size: 1024B - Virtual size: 1KB

.rsrc
Size: 84KB - Virtual size: 84KB

.reloc
Size: 2KB - Virtual size: 1KB