5cba4f85845030a12e031bd723eede93a31f1d2fba41a2f984729d7870abaa31

Sharing

Copy URL Twitter E-mail

General

Target

5cba4f85845030a12e031bd723eede93a31f1d2fba41a2f984729d7870abaa31
Size

392KB
MD5

3f4413dcd8d3bbabf08f68f25e6d60e1
SHA1

eb17d44aa0816580a9fd144eb617b56468f99434
SHA256

5cba4f85845030a12e031bd723eede93a31f1d2fba41a2f984729d7870abaa31
SHA512

b9fe23f620821148672aa48ea9aa8cb3fa337ac1c930b1bf5b8bcf755f3f84a55c6bc6453d867dbadfe4ad05ebce25e5e415821c0298938464c23f625f8c4aa6
SSDEEP

6144:8ucT5UOiO+JZCDmQ1dk28oHQcBvWycBHjl:8XkO+JZCJ38lSBu

Score

N/A

Malware Config

Signatures

Files

5cba4f85845030a12e031bd723eede93a31f1d2fba41a2f984729d7870abaa31
.dll regsvr32 windows x86

fca4c5ba11ed0ead3d8a21b06f45411b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateEventA
FileTimeToSystemTime
FileTimeToLocalFileTime
GetShortPathNameA
GetModuleFileNameA
DisableThreadLibraryCalls
InitializeCriticalSection
HeapDestroy
DeleteCriticalSection
lstrcatA
FlushInstructionCache
GetCurrentProcess
LockResource
FindResourceA
GetUserDefaultLangID
VirtualQuery
VirtualProtect
SearchPathA
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
SetEvent
ResetEvent
QueryPerformanceCounter
SystemTimeToFileTime
lstrcmpA
SetEndOfFile
GlobalReAlloc
IsBadReadPtr
GetOEMCP
GetACP
GetCPInfo
QueryPerformanceFrequency
SetStdHandle
FlushFileBuffers
GetStringTypeW
GetStringTypeA
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
GetEnvironmentVariableA
LCMapStringW
LCMapStringA
SetUnhandledExceptionFilter
HeapSize
TerminateProcess
ExitProcess
TlsGetValue
TlsFree
TlsAlloc
TlsSetValue
GetVersion
GetCommandLineA
HeapReAlloc
HeapFree
HeapAlloc
RaiseException
RtlUnwind
InterlockedExchange
GetPrivateProfileSectionNamesA
WritePrivateProfileSectionA
WritePrivateProfileStringA
GetPrivateProfileStringA
CopyFileA
SetFilePointer
GetFileSize
GlobalAlloc
GlobalLock
ReadFile
GlobalUnlock
GlobalFree
GlobalSize
WideCharToMultiByte
CreateFileA
WriteFile
MoveFileA
GetSystemDirectoryA
GetWindowsDirectoryA
GetModuleHandleA
lstrcmpiA
lstrcpynA
FindNextFileA
GetFileAttributesA
FindResourceExA
LoadResource
GetTempFileNameA
LoadLibraryA
GetProcAddress
FreeLibrary
Sleep
EnterCriticalSection
LeaveCriticalSection
InterlockedIncrement
GetTickCount
GetCurrentThreadId
FindFirstFileA
FindClose
SetLastError
lstrlenA
DeleteFileA
RemoveDirectoryA
WaitForSingleObject
lstrcpyA
CreateProcessA
GetExitCodeProcess
FormatMessageA
LocalFree
CloseHandle
GetTempPathA
CreateDirectoryA
GetLastError
InterlockedDecrement
GetVersionExA
CompareStringW
CompareStringA
MultiByteToWideChar
lstrlenW
IsBadCodePtr

user32

PeekMessageA
EnableWindow
MsgWaitForMultipleObjects
TranslateMessage
DispatchMessageA
CharLowerA
wsprintfA
MessageBoxA
GetDlgItem
SetDlgItemTextA
IsWindow
SetWindowTextA
GetDesktopWindow
SetPropA
FindWindowA
LoadStringA
CharLowerBuffA
GetSysColorBrush
GetParent
GetWindow
SystemParametersInfoA
CharNextA
IsDlgButtonChecked
KillTimer
GetDlgCtrlID
BeginPaint
EndPaint
FillRect
ScreenToClient
GetClientRect
SetWindowPos
GetMessageA
IsDialogMessageA
SetForegroundWindow
GetPropA
MapWindowPoints
RemovePropA
CreateDialogIndirectParamA
CreateDialogParamA
InvalidateRect
UpdateWindow
SetCursor
ClientToScreen
GetWindowRect
PtInRect
LoadCursorA
EndDialog
GetActiveWindow
DialogBoxParamA
EnableMenuItem
GetSystemMenu
AppendMenuA
LoadImageA
GetWindowLongA
SetWindowLongA
SetWindowRgn
ShowWindow
SendMessageA
SendDlgItemMessageA
DestroyWindow
ExitWindowsEx
GetSysColor

gdi32

SetBkMode
TextOutA
RestoreDC
GetObjectA
CreateFontIndirectA
SetBkColor
CreateRectRgn
DeleteObject
CreateSolidBrush
SaveDC
GetDeviceCaps
DeleteDC
BitBlt
CreateCompatibleBitmap
CreateBitmap
CreateCompatibleDC
GetStockObject
SelectObject
SetTextColor

comdlg32

GetSaveFileNameA

shell32

SHGetMalloc
SHGetPathFromIDListA
SHGetSpecialFolderLocation
ShellExecuteA
ShellExecuteExA

ole32

CoCreateInstance
CoCreateGuid
StringFromGUID2
CoTaskMemFree
ProgIDFromCLSID
StgOpenStorage
CLSIDFromString
CoLoadLibrary
CLSIDFromProgID
StringFromCLSID

oleaut32

LoadRegTypeLi
VariantCopy
SetErrorInfo
CreateErrorInfo
SafeArrayGetElement
VariantInit
SafeArrayGetLBound
SafeArrayGetUBound
VariantChangeType
GetErrorInfo
RegisterTypeLi
LoadTypeLi
DispCallFunc
SysAllocStringByteLen
SafeArrayDestroy
SafeArrayCreate
SafeArrayPutElement
VariantClear
SysStringLen
SysAllocStringLen
SysFreeString
SysAllocString
SysStringByteLen

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegOpenKeyA
RegEnumKeyA
RegSetValueExA
RegCreateKeyExA
RegDeleteKeyA
RegEnumKeyExA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegQueryValueA
CryptDestroyHash
CryptDestroyKey
CryptAcquireContextA
CryptReleaseContext

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

crypt32

CertCloseStore
CryptMsgClose

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 224KB - Virtual size: 220KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fca4c5ba11ed0ead3d8a21b06f45411b

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

shell32

ole32

oleaut32

advapi32

version

crypt32

Exports

Exports

Sections

.text Size: 224KB - Virtual size: 220KB

.rdata Size: 44KB - Virtual size: 40KB

.data Size: 24KB - Virtual size: 34KB

.rsrc Size: 72KB - Virtual size: 71KB

.reloc Size: 24KB - Virtual size: 23KB

.text
Size: 224KB - Virtual size: 220KB

.rdata
Size: 44KB - Virtual size: 40KB

.data
Size: 24KB - Virtual size: 34KB

.rsrc
Size: 72KB - Virtual size: 71KB

.reloc
Size: 24KB - Virtual size: 23KB