eb92f2f64cdc71f0a4b076f62c69694724fe2589d1e98a824b9741dfcd48e21f

Sharing

Copy URL Twitter E-mail

General

Target

eb92f2f64cdc71f0a4b076f62c69694724fe2589d1e98a824b9741dfcd48e21f
Size

1.2MB
MD5

4fb2cbe7367a3aa5ac1772a138c21bb0
SHA1

27ae8df8827b419cfc489fdadbf25096c938d490
SHA256

eb92f2f64cdc71f0a4b076f62c69694724fe2589d1e98a824b9741dfcd48e21f
SHA512

472e1ab0072874512af1fcdc64bbd109ec896991907e8965960a00a9fe1d70f4a7389dec5ff1215cc33e28fe2e0a1f9ee62a97502dbc644ba8475d83d298f505
SSDEEP

12288:6g4FCJceYwrRznJqbCjA16HIq/4P1o0E7jSOCCA40GF:6g4WPo16oq/n0E7jSYAQF

Score

N/A

Malware Config

Signatures

Files

eb92f2f64cdc71f0a4b076f62c69694724fe2589d1e98a824b9741dfcd48e21f
.dll regsvr32 windows x86

a0d9fa2685b510dbd5894beba80edf49

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

wtsapi32

WTSQueryUserToken

winmm

timeGetDevCaps
timeSetEvent

shlwapi

PathFileExistsW
PathAddBackslashW
PathFindExtensionW
PathFindFileNameW
PathFindFileNameA
PathFindExtensionA
SHEnumKeyExW
SHSetValueW
StrStrIA
SHGetValueW

comctl32

ImageList_AddMasked
ImageList_Create
ImageList_Add
ImageList_ReplaceIcon
ImageList_Remove

msimg32

GradientFill
TransparentBlt

kernel32

LocalAlloc
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
SetErrorMode
GlobalFlags
WritePrivateProfileStringW
ReadFile
SetFilePointer
FlushFileBuffers
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCommandLineA
Sleep
ExitProcess
HeapSize
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
VirtualFree
VirtualAlloc
GetStdHandle
GetModuleFileNameA
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetTickCount
LCMapStringW
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
LCMapStringA
GetStringTypeA
GetStringTypeW
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
lstrlenA
lstrcmpA
GetModuleHandleA
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
GetVersionExA
GetProcessHeap
HeapFree
ExpandEnvironmentStringsA
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
WriteFile
GetSystemTimeAsFileTime
LoadLibraryA
InterlockedCompareExchange
IsProcessorFeaturePresent
CreateMutexA
QueryPerformanceCounter
WaitForSingleObject
lstrcpynW
ReleaseMutex
GetVersionExW
GetSystemDirectoryW
TerminateProcess
FindResourceExW
FreeResource
lstrcatW
InterlockedExchange
LoadLibraryExW
DeleteCriticalSection
InitializeCriticalSection
SetThreadLocale
FormatMessageW
LocalFree
GetLastError
GetProcAddress
GetModuleHandleW
InterlockedIncrement
GetThreadLocale
MultiByteToWideChar
GetModuleFileNameW
SetLastError
LoadLibraryW
FreeLibrary
InterlockedDecrement
FindNextFileW
lstrcmpiW
GetFileAttributesW
ExpandEnvironmentStringsW
GetCurrentThreadId
lstrlenW
GetLocaleInfoW
WideCharToMultiByte
HeapDestroy
lstrcmpW
FindFirstFileW
FindClose
lstrcpynA
lstrcmpiA
GetCurrentProcessId
ProcessIdToSessionId
GetUserDefaultUILanguage
CloseHandle
GetSystemDefaultLCID
MulDiv
GetCurrentProcess
FlushInstructionCache
FindResourceW
LoadResource
LockResource
SizeofResource
LeaveCriticalSection
EnterCriticalSection
RaiseException
HeapReAlloc
HeapCreate
HeapAlloc
FormatMessageA
RtlUnwind

user32

DestroyMenu
EndPaint
BeginPaint
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
GetMenuStringW
RegisterWindowMessageW
SendDlgItemMessageA
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
SetPropW
GetPropW
RemovePropW
GetLastActivePopup
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetKeyState
SetMenu
GetMenuItemID
GetMenuItemCount
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
GetMenu
SystemParametersInfoA
IsIconic
GetWindowPlacement
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuW
GetMenuState
EnableMenuItem
UnregisterClassA
SetRectEmpty
IsWindowEnabled
GetActiveWindow
SetActiveWindow
GetSystemMetrics
PeekMessageW
DispatchMessageW
TranslateMessage
EnumDisplayDevicesW
GetFocus
GetWindowThreadProcessId
AttachThreadInput
BringWindowToTop
SetForegroundWindow
EqualRect
GetAncestor
GetNextDlgTabItem
LoadStringW
GetWindowTextLengthW
GetWindowTextW
KillTimer
SetTimer
ClientToScreen
GetWindowContextHelpId
GetDesktopWindow
IntersectRect
WinHelpW
IsDialogMessageW
CharNextW
LoadImageW
MoveWindow
GetSubMenu
IsWindowVisible
DialogBoxParamW
LoadMenuW
UpdateWindow
ScreenToClient
TrackPopupMenu
CallWindowProcW
GetDoubleClickTime
DefWindowProcW
DestroyWindow
TrackMouseEvent
MessageBeep
RedrawWindow
GetMenuDefaultItem
DrawFocusRect
DrawFrameControl
DrawEdge
FrameRect
GetSysColorBrush
OffsetRect
CreateDialogIndirectParamW
PostQuitMessage
GetCursorPos
GetMessageW
InflateRect
PtInRect
CopyRect
GetDlgCtrlID
GetDlgItemInt
GetDlgItemTextW
FillRect
SetDlgItemInt
GetMessagePos
WindowFromPoint
IsWindow
EndDialog
CreateWindowExW
MessageBoxW
PostMessageW
GetParent
MapWindowPoints
LoadBitmapW
SendDlgItemMessageW
LoadCursorW
SetCursor
GetSysColor
GetWindowLongW
SetWindowPos
GetClassNameW
GetWindow
CreateDialogParamW
wsprintfW
DestroyIcon
SetDlgItemTextA
ShowWindow
LoadIconW
GetDC
ReleaseDC
GetDialogBaseUnits
SetDlgItemTextW
IsDlgButtonChecked
CheckDlgButton
SetFocus
SetWindowLongW
SetWindowTextW
GetDlgItem
SendMessageW
EnableWindow
ValidateRect
InvalidateRect
GetClientRect
GetWindowRect
FindWindowW
UnregisterClassW
GetForegroundWindow
CheckMenuItem

gdi32

PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
CreateDIBSection
GetDeviceCaps
CreateSolidBrush
CreateBrushIndirect
CreateFontIndirectW
SelectObject
GetTextMetricsW
GetTextExtentPointW
DeleteObject
FillRgn
CombineRgn
CreateRoundRectRgn
CreateRectRgn
CreatePatternBrush
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
ExcludeClipRect
SetMapMode
RestoreDC
SaveDC
SetBkColor
GetClipBox
CreateBitmap
CreateDCW
SetTextColor
SetBkMode
SetBrushOrgEx
GetStockObject
GetCurrentObject
PatBlt
GetTextColor
GetObjectW
DeleteDC
GetTextExtentPoint32W

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

advapi32

RegQueryValueW
RegOpenKeyW
RegEnumKeyW
RegOpenKeyExA
RegQueryValueExA
RegEnumKeyExW
RegQueryInfoKeyW
RegSetValueExW
RegCreateKeyExW
RegDeleteValueW
RegDeleteKeyW
ImpersonateLoggedOnUser
RevertToSelf
RegOpenKeyExW
RegQueryValueExW
RegCloseKey

shell32

ExtractIconExW
ShellExecuteW
ShellExecuteExW
SHGetFolderPathW

ole32

CreateStreamOnHGlobal
StringFromGUID2
StringFromCLSID
CoCreateInstance
CoTaskMemFree
CoTaskMemAlloc
CoTaskMemRealloc

oleaut32

SysFreeString
SysStringLen
LoadRegTypeLi
LoadTypeLi
SysAllocString
SysAllocStringLen
VarUI4FromStr
UnRegisterTypeLi
RegisterTypeLi
VariantChangeType
VariantClear
VariantInit

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
GetNvidiaModuleFirstTimestamp

Sections

.text
Size: 286KB - Virtual size: 285KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 82KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 2B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 740KB - Virtual size: 739KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 56KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a0d9fa2685b510dbd5894beba80edf49

Headers

File Characteristics

Imports

version

wtsapi32

winmm

shlwapi

comctl32

msimg32

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 286KB - Virtual size: 285KB

.rdata Size: 82KB - Virtual size: 82KB

.data Size: 18KB - Virtual size: 34KB

.tls Size: 512B - Virtual size: 2B

.rsrc Size: 740KB - Virtual size: 739KB

.reloc Size: 63KB - Virtual size: 63KB

.rmnet Size: 56KB - Virtual size: 60KB

.text
Size: 286KB - Virtual size: 285KB

.rdata
Size: 82KB - Virtual size: 82KB

.data
Size: 18KB - Virtual size: 34KB

.tls
Size: 512B - Virtual size: 2B

.rsrc
Size: 740KB - Virtual size: 739KB

.reloc
Size: 63KB - Virtual size: 63KB

.rmnet
Size: 56KB - Virtual size: 60KB