e27d01137fda286c5ebf7aa0eb96ee72017f43c11fd4aaad06bc40a269cb4c8b

General

Target

e27d01137fda286c5ebf7aa0eb96ee72017f43c11fd4aaad06bc40a269cb4c8b
Size

344KB
MD5

67b78557478b53101b39bd5d225b2b40
SHA1

0ca774dc43a96f65532c6224a320b32151f91d1c
SHA256

e27d01137fda286c5ebf7aa0eb96ee72017f43c11fd4aaad06bc40a269cb4c8b
SHA512

af73a8b772f50e46b3e1e854a821e6669585df5078bea9918c0a8db4b02ca3ed8ebb8c28d06e176e6d1802de049e65c084d0d2f104ed7a545aaedcc1855b39e5
SSDEEP

6144:jyQU4NlU9wI+zzGsVdYWH4GPoxP0asrdQPge8Ky9mU70:jyQUCA+zSsgWYLPYrdKg1KC7

Score

N/A

Malware Config

Signatures

Files

e27d01137fda286c5ebf7aa0eb96ee72017f43c11fd4aaad06bc40a269cb4c8b
.dll regsvr32 windows x86

f0a3b12f9a044ca6a3eed70e82f4bec3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcatW
DeleteFileW
GetProcAddress
LoadLibraryA
VirtualAlloc
GetLongPathNameA
GetModuleFileNameA
MultiByteToWideChar
CreateFileW
GetLastError
GetFileSize
SetFilePointer
ReadFile
WriteFile
SetEndOfFile
CloseHandle

user32

PostMessageA

advapi32

RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegEnumKeyExA
RegDeleteKeyA

shell32

SHGetSpecialFolderPathW

ole32

StringFromCLSID
CoTaskMemFree

winmm

timeGetTime

mfc42

ord825
ord823

msvcrt

_adjust_fdiv
_initterm
wcstombs
atoi
malloc
free
time
__CxxFrameHandler
mktime

Exports

Exports

DeleteByLocalA
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
UpdateByLocalA
UpdateByLocalW
UpdateIDA
UpdateLocalWithSpecifiedIDA

Sections

.text
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 292KB - Virtual size: 290KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f0a3b12f9a044ca6a3eed70e82f4bec3

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

winmm

mfc42

msvcrt

Exports

Exports

Sections

.text Size: 28KB - Virtual size: 24KB

.rdata Size: 12KB - Virtual size: 10KB

.data Size: 4KB - Virtual size: 4KB

.rsrc Size: 292KB - Virtual size: 290KB

.reloc Size: 4KB - Virtual size: 1KB

.text
Size: 28KB - Virtual size: 24KB

.rdata
Size: 12KB - Virtual size: 10KB

.data
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 292KB - Virtual size: 290KB

.reloc
Size: 4KB - Virtual size: 1KB