79d3e232b51dcbed732c8119114c01ec1618251881f05bbb8f5f69a373ed405a

Sharing

Copy URL Twitter E-mail

General

Target

79d3e232b51dcbed732c8119114c01ec1618251881f05bbb8f5f69a373ed405a
Size

437KB
MD5

768028118fdd1aa29e4c9a5f940eb5c0
SHA1

0fb5cba9dd18a9f866291ea6dceae2173dc78b69
SHA256

79d3e232b51dcbed732c8119114c01ec1618251881f05bbb8f5f69a373ed405a
SHA512

7b8d9f568da29133312d272094ce1badcd5befd0dce098b8926479f0f4d9f869d4d87c606c24166e5e8ab92f09007d599c07439778be14401dd84d7d311dbadc
SSDEEP

6144:fcJ///l2dVyVaumUujv3skdW6f5x++eaIOSdGgpFd9wSjdnJhLSQN:kJ//0d8VanUf6uSqGAFdndTLSQN

Score

N/A

Malware Config

Signatures

Files

79d3e232b51dcbed732c8119114c01ec1618251881f05bbb8f5f69a373ed405a
.dll regsvr32 windows x86

103f987cce851ae470f1b614479c1dd3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameW
GetModuleHandleW
GetProcAddress
LoadLibraryExW
LoadResource
SizeofResource
lstrcmpiW
FindResourceW
MultiByteToWideChar
DeleteFileW
FindFirstFileW
FindResourceExW
LockResource
LocalFree
MoveFileExW
GetEnvironmentVariableW
CreateDirectoryW
CreateFileW
GetFileAttributesW
GetFileSize
ReadFile
GetTempPathW
CloseHandle
LoadLibraryW
FreeLibrary
GetTickCount
OpenFileMappingW
MapViewOfFile
UnmapViewOfFile
lstrlenW
GetPrivateProfileIntW
GetPrivateProfileStringW
WritePrivateProfileStringW
WritePrivateProfileSectionW
FlushFileBuffers
SetEndOfFile
SetFilePointer
WriteFile
ReleaseMutex
WaitForSingleObject
CreateMutexW
OpenMutexW
GetCurrentThreadId
GetSystemTimeAsFileTime
CreateFileMappingW
SetStdHandle
SetFilePointerEx
GetConsoleMode
DisableThreadLibraryCalls
GetCurrentProcessId
InterlockedDecrement
InterlockedIncrement
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
GetProcessHeap
HeapFree
HeapReAlloc
HeapAlloc
GetLastError
GetVolumeInformationW
RaiseException
GetConsoleCP
WriteConsoleW
GetStringTypeW
LCMapStringW
OutputDebugStringW
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetModuleFileNameA
GetFileType
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
GetStartupInfoW
TlsFree
TlsSetValue
HeapDestroy
HeapSize
IsDebuggerPresent
IsProcessorFeaturePresent
RtlUnwind
GetCommandLineA
GetStdHandle
ExitProcess
GetModuleHandleExW
Sleep
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue

user32

CharNextW
MessageBoxW

advapi32

InitializeSecurityDescriptor
SetNamedSecurityInfoW
ConvertStringSecurityDescriptorToSecurityDescriptorW
RegQueryValueExW
GetSecurityDescriptorSacl
RegSetValueExW
RegQueryInfoKeyW
RegOpenKeyExW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey
SetSecurityDescriptorDacl

ole32

CreateBindCtx
StringFromGUID2
CoUninitialize
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
CoCreateInstance
CLSIDFromString
CoInitialize

oleaut32

LoadTypeLi
SysFreeString
SysStringLen
VarUI4FromStr
LoadRegTypeLi
SysAllocString
DispCallFunc
VariantClear
VariantInit
SysAllocStringByteLen
SysStringByteLen
UnRegisterTypeLi
RegisterTypeLi

shlwapi

PathRenameExtensionW
PathFileExistsW
PathCombineW

urlmon

CreateURLMoniker

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllInstall
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 172KB - Virtual size: 171KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 58KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.SHARED
Size: 512B - Virtual size: 20B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 179KB - Virtual size: 180KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

103f987cce851ae470f1b614479c1dd3

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

shlwapi

urlmon

Exports

Exports

Sections

.text Size: 172KB - Virtual size: 171KB

.rdata Size: 58KB - Virtual size: 57KB

.data Size: 8KB - Virtual size: 18KB

.SHARED Size: 512B - Virtual size: 20B

.rsrc Size: 5KB - Virtual size: 4KB

.reloc Size: 13KB - Virtual size: 13KB

.text Size: 179KB - Virtual size: 180KB

.text
Size: 172KB - Virtual size: 171KB

.rdata
Size: 58KB - Virtual size: 57KB

.data
Size: 8KB - Virtual size: 18KB

.SHARED
Size: 512B - Virtual size: 20B

.rsrc
Size: 5KB - Virtual size: 4KB

.reloc
Size: 13KB - Virtual size: 13KB

.text
Size: 179KB - Virtual size: 180KB