16e865fc1d3413dc5558d8a8f2bbb0ea1c54d389af11427c4e86cedd745e6a34

Sharing

Copy URL Twitter E-mail

General

Target

16e865fc1d3413dc5558d8a8f2bbb0ea1c54d389af11427c4e86cedd745e6a34
Size

50KB
MD5

e0e34dc5a4c77882a45e675bbe2e61e3
SHA1

6ce97918cf88235e285b1dc118b082b1bacd77e3
SHA256

16e865fc1d3413dc5558d8a8f2bbb0ea1c54d389af11427c4e86cedd745e6a34
SHA512

1cf8be880e6e6e546a5084e3e14b13e1979c40baaa0f05b04d0c0ac36839ddd6bd4324d6ecf7e7171b57c472b384db7f96336a6d3fd8a913941e869912e07d3c
SSDEEP

384:TxCCvdd0Qz9CkEgczgVZaXGZCfk28OoLgvRXYlXthsMLZfcVc96YuysOxn2to:TxC69jCACsFOJlYdTkhYfxA

Score

N/A

Malware Config

Signatures

Files

16e865fc1d3413dc5558d8a8f2bbb0ea1c54d389af11427c4e86cedd745e6a34
.dll regsvr32 windows x86

5ef75987ec1579e6ccf626304e95265d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenW
InterlockedDecrement
SetFileAttributesA
GetFileAttributesA
DisableThreadLibraryCalls
HeapAlloc
GetSystemInfo
GetVersionExA
HeapCreate
GetModuleFileNameA
DeleteCriticalSection
InitializeCriticalSection
InterlockedIncrement
LeaveCriticalSection
EnterCriticalSection
UnmapViewOfFile
MapViewOfFile
OpenFileMappingA
lstrcpyA
GetTempPathA
CreateFileMappingA
GetSystemDirectoryA
OpenMutexA
LockResource
FreeResource
LoadResource
SizeofResource
FindResourceA
LoadLibraryExA
EndUpdateResourceA
UpdateResourceA
BeginUpdateResourceA
FindClose
FindNextFileA
FindFirstFileA
GetVolumeInformationA
GetCurrentDirectoryA
CreateToolhelp32Snapshot
Process32First
Process32Next
LoadLibraryA
GetProcAddress
FreeLibrary
GetCurrentProcess
GetLastError
LocalFree
MultiByteToWideChar
GetFileSize
ReadFile
CreateFileA
WriteFile
CloseHandle
WideCharToMultiByte
lstrlenA

user32

wsprintfA
SendMessageA
KillTimer
DefWindowProcA
GetDesktopWindow
RegisterClassExA
CreateWindowExA
SetTimer
ShowWindow
PostMessageA
EnumChildWindows

advapi32

RegCloseKey
RegSetValueExA
RegCreateKeyExA
RegQueryInfoKeyA
RegEnumKeyExA
RegDeleteValueA

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListA

ole32

CoInitialize
CoCreateGuid
CLSIDFromString
CoUninitialize

oleaut32

SysFreeString
VariantClear
SysAllocStringLen
SysStringLen
LoadRegTypeLi
VariantChangeType
VariantCopy
SysAllocString

atl

ord31
ord32
ord30
ord58
ord15
ord16
ord21
ord23

msvcrt

free
sprintf
strncpy
??1type_info@@UAE@XZ
_mbsstr
??3@YAXPAX@Z
??2@YAPAXI@Z
_strlwr
_purecall
_beginthreadex
_except_handler3
_mbslwr
strstr
memmove
_initterm
_adjust_fdiv
__dllonexit
_onexit
wcslen
_CxxThrowException
malloc

psapi

GetModuleFileNameExA

shlwapi

SHDeleteKeyA

netapi32

Netbios

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 302KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5ef75987ec1579e6ccf626304e95265d

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

atl

msvcrt

psapi

shlwapi

netapi32

Exports

Exports

Sections

.text Size: 26KB - Virtual size: 26KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 2KB - Virtual size: 302KB

.rsrc Size: 9KB - Virtual size: 8KB

.reloc Size: 7KB - Virtual size: 6KB

.text
Size: 26KB - Virtual size: 26KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 2KB - Virtual size: 302KB

.rsrc
Size: 9KB - Virtual size: 8KB

.reloc
Size: 7KB - Virtual size: 6KB