e8a69022bfd8b32a1c44b7b29b00c763394c5c1d88e7dcb37ddba88f8055e350

Sharing

Copy URL Twitter E-mail

General

Target

e8a69022bfd8b32a1c44b7b29b00c763394c5c1d88e7dcb37ddba88f8055e350
Size

202KB
MD5

0328853045ba6ae4cc7ef14355d4a0a0
SHA1

0ac7692ac1df52124d2719d4f1d8df07d42fcc2c
SHA256

e8a69022bfd8b32a1c44b7b29b00c763394c5c1d88e7dcb37ddba88f8055e350
SHA512

0ea3319eb0e21e145a73151771117b1c9c85eb3a4d0d567fefa0eacaa36f1baf738db05f24584f42665c1f056d034d4a45805ee925098fd4eaf25cb8285a652d
SSDEEP

6144:1aHkoSqc0vnf2wmJXgPh8Mk7EaRQcAiA++uU:4EoSqVfcJPbE+Q+q

Score

N/A

Malware Config

Signatures

Files

e8a69022bfd8b32a1c44b7b29b00c763394c5c1d88e7dcb37ddba88f8055e350
.dll regsvr32 windows x86

d8789341b96015e88c0005030756bc51

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

wcspbrk
iswdigit
_wtoi
towupper
wcsstr
bsearch
wcsncmp
_wcsnicmp
_wcsicmp
wcsrchr
_beginthreadex
_vsnwprintf
wcschr
towlower
iswspace
_wtol
??_U@YAPAXI@Z
_onexit
_lock
__dllonexit
_unlock
memmove
_adjust_fdiv
_amsg_exit
_initterm
_XcptFilter
??_V@YAXPAX@Z
memcpy
realloc
malloc
memset
??2@YAPAXI@Z
free
_purecall
??3@YAXPAX@Z

uxtheme

OpenThemeData
DrawThemeParentBackground
CloseThemeData

kernel32

GetDriveTypeW
CreateFileW
SetErrorMode
CreateThread
WaitForSingleObject
DeviceIoControl
CreateFileA
CreateMutexW
DebugBreak
WideCharToMultiByte
GetVersion
QueryDosDeviceW
GetLastError
lstrcpyW
InitializeCriticalSection
InterlockedIncrement
InterlockedDecrement
LeaveCriticalSection
EnterCriticalSection
HeapDestroy
lstrlenW
GetModuleFileNameW
FreeLibrary
GetProcAddress
LoadLibraryW
GetVersionExW
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
MultiByteToWideChar
lstrcmpiW
RaiseException
lstrcpynW
lstrcatW
GlobalAddAtomW
GlobalDeleteAtom
lstrlenA
SizeofResource
LoadResource
FindResourceW
LoadLibraryExW
InterlockedExchange
Sleep
InterlockedCompareExchange
RtlUnwind
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetFileAttributesW
SetLastError
GetExitCodeThread
DeleteCriticalSection
ExpandEnvironmentStringsW
CompareStringW
CloseHandle
CompareStringA

advapi32

RegQueryValueExW
TraceMessage
RegEnumKeyExW
RegEnumValueW
RegQueryInfoKeyW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW

ole32

CreateStreamOnHGlobal
OleLockRunning
CoCreateInstance
CoTaskMemFree
StringFromGUID2
CoInitializeEx
CoUninitialize
CoMarshalInterface
CoUnmarshalInterface
RegisterDragDrop
RevokeDragDrop
CoTaskMemRealloc
CoTaskMemAlloc

oleaut32

VariantInit
VariantClear
SysStringLen
RegisterTypeLi
VarUI4FromStr
SysAllocString
SysFreeString
SysAllocStringLen
LoadRegTypeLi
VariantCopy
VariantChangeType
LoadTypeLi

user32

FillRect
SetForegroundWindow
CharPrevW
SetWindowPos
SendMessageW
EnumWindows
GetClassNameW
GetParent
FindWindowW
IsWindowVisible
ShowWindow
PostMessageW
CharNextW
LoadCursorW
RegisterClassW
CreateWindowExW
SetLayeredWindowAttributes
SetWindowLongW
BeginPaint
EndPaint
UnregisterClassW
DestroyAcceleratorTable
GetClientRect
CreateAcceleratorTableW
IsWindow
DestroyWindow
DefWindowProcW
InvalidateRgn
InvalidateRect
GetTopWindow
GetDC
SetFocus
GetFocus
KillTimer
IntersectRect
SetTimer
GetDesktopWindow
MonitorFromRect
GetMonitorInfoW
GetWindowLongW
GetWindow
GetWindowRect
EqualRect
SetRect
UnregisterHotKey
GetClassNameA
GetWindowThreadProcessId
SendMessageTimeoutA
GetAsyncKeyState
CharNextA
RegisterHotKey
IsIconic
ReleaseDC
GetCursorPos

gdi32

GetDeviceCaps

shell32

ShellExecuteExW

shlwapi

PathGetCharTypeW
PathGetCharTypeA

mpr

WNetAddConnection2W
WNetCancelConnection2W
WNetGetConnectionW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 81KB - Virtual size: 81KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d8789341b96015e88c0005030756bc51

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

uxtheme

kernel32

advapi32

ole32

oleaut32

user32

gdi32

shell32

shlwapi

mpr

Exports

Exports

Sections

.text Size: 81KB - Virtual size: 81KB

.data Size: 2KB - Virtual size: 3KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 5KB - Virtual size: 4KB

.text Size: 108KB - Virtual size: 108KB

.text
Size: 81KB - Virtual size: 81KB

.data
Size: 2KB - Virtual size: 3KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 5KB - Virtual size: 4KB

.text
Size: 108KB - Virtual size: 108KB