d60a181c048e8bc12c7d4c011d0e9aedad79822bf0fbdf1ada2e8616ac55fd20

Sharing

Copy URL Twitter E-mail

General

Target

d60a181c048e8bc12c7d4c011d0e9aedad79822bf0fbdf1ada2e8616ac55fd20
Size

1.1MB
MD5

04e283afd108f6dbdac753d52692e930
SHA1

9e9097a6e921acab58931b7eb92a5c3561737e90
SHA256

d60a181c048e8bc12c7d4c011d0e9aedad79822bf0fbdf1ada2e8616ac55fd20
SHA512

034917399c4949b88da0581ba99ea97da3596447c526da2c8e8b06eaa671491e351a393ad197bea7323836a14644ef3fbaa056bd451a5d70a903ab9043a89799
SSDEEP

24576:gGW8L99XSJrjaVfA7iDDOwxt6ANSCa2Udkc9FnuGBs:/92vaDCw6ANpaHXFnuX

Score

N/A

Malware Config

Signatures

Files

d60a181c048e8bc12c7d4c011d0e9aedad79822bf0fbdf1ada2e8616ac55fd20
.dll regsvr32 windows x86

6f3336710df12dee1b3b8c4af03a51a1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

iswspace
towlower
wcstol
_getdrive
iswalnum
towupper
_wtoi64
_beginthreadex
_snwprintf
_strnicmp
strchr
wcsspn
ceil
qsort
calloc
wcsncmp
wcstok
localtime
wcschr
_wtol
swprintf
realloc
wcscmp
wcscpy
__CxxFrameHandler
free
malloc
_except_handler3
wcsncpy
wcsncat
_wsplitpath
wcslen
wcsrchr
_wcsnicmp
_itow
sprintf
_wtoi
memmove
_wcslwr
wcsstr
time
difftime
swscanf
_i64tow
_CxxThrowException
_wcsicmp
atoi
??1type_info@@UAE@XZ
strrchr
sscanf
wcscat
_XcptFilter
_onexit
__dllonexit
?terminate@@YAXXZ
_adjust_fdiv
vswprintf
_initterm
_wmakepath

ole32

StgOpenStorage
CoCreateGuid
CoUninitialize
CoGetMalloc
CoInitializeEx
CLSIDFromProgID
StgCreateDocfile
CoUnmarshalInterface
CLSIDFromString
StringFromGUID2
CoCreateInstance
CoTaskMemRealloc
CoTaskMemFree
CoTaskMemAlloc
StringFromIID

oleaut32

SysStringByteLen
SysAllocStringByteLen
UnRegisterTypeLi
LoadRegTypeLi
VarUI4FromStr
SysStringLen
RegisterTypeLi
LoadTypeLi
SysAllocString
SysFreeString
VarR8FromStr
VarI4FromStr
VariantCopy
VariantTimeToSystemTime
SystemTimeToVariantTime
VarFormat
GetErrorInfo
VarR4FromStr
VarDateFromStr
VarCyFromStr
SafeArrayPutElement
SafeArrayGetElement
SafeArrayRedim
SafeArrayGetUBound
SafeArrayCreate
SafeArrayDestroy
VariantClear
VariantInit
SafeArrayCopy

advapi32

SetSecurityDescriptorSacl
FreeSid
ImpersonateNamedPipeClient
RegOpenKeyExA
RegOpenKeyA
RegQueryValueExA
RegOpenKeyW
RegQueryValueW
SetEntriesInAclW
RevertToSelf
LookupAccountSidW
OpenThreadToken
AccessCheck
AddAccessAllowedAce
MapGenericMask
InitializeAcl
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
AllocateAndInitializeSid
GetTokenInformation
SetSecurityDescriptorOwner
SetSecurityDescriptorGroup
GetAce
GetLengthSid
OpenProcessToken
RegQueryValueExW
RegEnumKeyExW
RegEnumValueW
RegQueryInfoKeyW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW

kernel32

CloseHandle
WideCharToMultiByte
GetComputerNameW
WriteFile
CreateFileW
GetDiskFreeSpaceW
SetFilePointer
ReadFile
HeapReAlloc
HeapAlloc
HeapFree
GetModuleFileNameW
GetLastError
FreeLibrary
LoadLibraryW
GetVersionExW
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
MultiByteToWideChar
lstrlenW
lstrcpyW
InitializeCriticalSection
DeleteCriticalSection
InterlockedIncrement
InterlockedDecrement
lstrcmpiW
LeaveCriticalSection
EnterCriticalSection
lstrcpynW
HeapDestroy
GetProcAddress
LoadLibraryExW
lstrcatW
DisableThreadLibraryCalls
lstrlenA
SizeofResource
LoadResource
FindResourceW
GetUserDefaultLCID
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
SetNamedPipeHandleState
CreateNamedPipeW
ConnectNamedPipe
WaitNamedPipeW
OpenProcess
OpenEventW
OpenFileMappingW
GetQueuedCompletionStatus
SetThreadPriority
PostQueuedCompletionStatus
TerminateThread
SetLastError
CreateIoCompletionPort
GetFileTime
SetFileTime
GetFileAttributesExW
GetOverlappedResult
GetVersion
GetModuleHandleA
LocalAlloc
lstrcmpA
CreateFileMappingW
MapViewOfFile
GetFileSize
SetEndOfFile
UnmapViewOfFile
SleepEx
InterlockedExchange
GetModuleHandleW
GetSystemDefaultLCID
FormatMessageW
LocalFree
IsBadReadPtr
IsBadWritePtr
CreateMutexW
ReleaseMutex
WaitForMultipleObjects
GetFileAttributesW
GetTempPathW
GetThreadPriority
ResetEvent
GetCurrentThread
DebugBreak
GetSystemTime
SystemTimeToFileTime
FileTimeToLocalFileTime
FileTimeToSystemTime
Sleep
WaitForSingleObject
VirtualFree
TlsSetValue
TlsGetValue
HeapCreate
TlsAlloc
TlsFree
CreateEventW
GlobalMemoryStatus
LoadLibraryA
GetLocalTime
SetEvent

user32

LoadStringW
CharNextW
CharPrevW
GetSystemMetrics
wsprintfW

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

mswstr10

ord2
ord1

wsock32

getservbyname
gethostbyaddr
inet_addr
WSACancelBlockingCall
WSAStartup
WSACleanup
getpeername
htons
ioctlsocket
gethostbyname
connect
accept
listen
bind
recv
WSAGetLastError
socket
closesocket
shutdown
setsockopt
send
select

wininet

HttpOpenRequestA
HttpSendRequestA
InternetErrorDlg
HttpQueryInfoA
InternetCrackUrlA
InternetConnectA
InternetOpenA
InternetSetOptionA
InternetSetOptionW
InternetReadFile
InternetCloseHandle
InternetQueryOptionW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 852KB - Virtual size: 850KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.cdata
Size: 4KB - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 84KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6f3336710df12dee1b3b8c4af03a51a1

Headers

File Characteristics

Imports

msvcrt

ole32

oleaut32

advapi32

kernel32

user32

version

mswstr10

wsock32

wininet

Exports

Exports

Sections

.text Size: 852KB - Virtual size: 850KB

.data Size: 40KB - Virtual size: 148KB

.cdata Size: 4KB - Virtual size: 4B

.rsrc Size: 56KB - Virtual size: 52KB

.reloc Size: 84KB - Virtual size: 81KB

.rmnet Size: 60KB - Virtual size: 60KB

.text
Size: 852KB - Virtual size: 850KB

.data
Size: 40KB - Virtual size: 148KB

.cdata
Size: 4KB - Virtual size: 4B

.rsrc
Size: 56KB - Virtual size: 52KB

.reloc
Size: 84KB - Virtual size: 81KB

.rmnet
Size: 60KB - Virtual size: 60KB