bd2011574b4dc246b35e9f4d13b5f6c951230563b942fcfe7f02a247c5cb78c9

Sharing

Copy URL

Twitter E-mail

General

Target

bd2011574b4dc246b35e9f4d13b5f6c951230563b942fcfe7f02a247c5cb78c9
Size

88KB
MD5

4aff50c67fa1cbe312811c4683f60599
SHA1

1fbd41d8727577898487464b7a3f72b043484cab
SHA256

bd2011574b4dc246b35e9f4d13b5f6c951230563b942fcfe7f02a247c5cb78c9
SHA512

a5af3d3ca0d41e75c4cf2acd968707e9065c84d3a4361aec4187ed1f3892ca1fb1e1a43f63978f688591e01f73dc3122c05e9ab2f04896849168275cd1ee1934
SSDEEP

768:ZoGTZsSFQXNSyk736FAJbMZkV5IsYXQ98QTsvV1U/zIid5ZWbZiB9GDrfkUpq4uB:Zo8K9SyoRJJMQTsvkIizarsZNomiH

Score

N/A

Malware Config

Signatures

Files

bd2011574b4dc246b35e9f4d13b5f6c951230563b942fcfe7f02a247c5cb78c9
.dll regsvr32 windows x86

ebd515deaddb694e5924bdd02ffc9a3a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedDecrement
lstrlenW
MultiByteToWideChar
GetShortPathNameA
GetModuleHandleA
WideCharToMultiByte
FreeLibrary
SizeofResource
LoadResource
FindResourceA
GetLastError
LoadLibraryExA
lstrcpynA
EnterCriticalSection
HeapDestroy
GetProcAddress
LoadLibraryA
lstrcatA
GetSystemDirectoryA
GetTickCount
GetLocalTime
CloseHandle
FlushFileBuffers
InterlockedIncrement
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetModuleFileNameA
lstrlenA
lstrcpyA
lstrcmpiA
IsDBCSLeadByte
DisableThreadLibraryCalls
SetStdHandle
GetStringTypeW
GetStringTypeA
GetOEMCP
GetACP
SetFilePointer
GetCPInfo
WriteFile
GetEnvironmentStringsW
HeapFree
HeapAlloc
HeapReAlloc
GetCommandLineA
GetVersion
LCMapStringA
LCMapStringW
ExitProcess
GetEnvironmentVariableA
GetVersionExA
HeapCreate
VirtualFree
VirtualAlloc
RtlUnwind
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
TerminateProcess
GetCurrentProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings

user32

FindWindowExA
CharNextA
MessageBoxA
SendMessageA

advapi32

RegQueryInfoKeyA
RegSetValueExA
RegEnumKeyExA
RegOpenKeyExA
RegCloseKey
RegDeleteValueA
RegCreateKeyExA
RegDeleteKeyA
RegEnumValueA

ole32

CoTaskMemFree
CoTaskMemAlloc
CoTaskMemRealloc
CoCreateInstance

oleaut32

VarUI4FromStr
VariantChangeType
VariantCopy
VariantClear
SysStringLen
LoadRegTypeLi
RegisterTypeLi
LoadTypeLi
SysAllocString
SysFreeString

shlwapi

PathIsDirectoryA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ebd515deaddb694e5924bdd02ffc9a3a

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

shlwapi

Exports

Exports

Sections

.text Size: 44KB - Virtual size: 42KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 20KB - Virtual size: 25KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 8KB - Virtual size: 4KB

.text
Size: 44KB - Virtual size: 42KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 20KB - Virtual size: 25KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 8KB - Virtual size: 4KB