0599fbd0f2de45f461b23324f539487efca3f4ba47a5d1b4e91a62b9b3194751

Sharing

Copy URL

Twitter E-mail

General

Target

0599fbd0f2de45f461b23324f539487efca3f4ba47a5d1b4e91a62b9b3194751
Size

796KB
MD5

f4a1a749a11eaaee563612f659d15d13
SHA1

c5968cdd64cf185a254d0491f59691b1a3f7a0a4
SHA256

0599fbd0f2de45f461b23324f539487efca3f4ba47a5d1b4e91a62b9b3194751
SHA512

a4265cee9300a427a6c2b1543a1c5a99a1d4a28e69de2ece861302711671554fb6ae21d4216c6c5e4762ec97e7038d5a92c72254bb1bbe5799d73b32da190154
SSDEEP

12288:NiG5bfhAOjT0Df0YeZ3R0YoOSGKiIGDKZSe0zRg:Niyf/6fcZe7ZNiIG2keI

Score

N/A

Malware Config

Signatures

Files

0599fbd0f2de45f461b23324f539487efca3f4ba47a5d1b4e91a62b9b3194751
.dll regsvr32 windows x86

bccce293b7a718a0662d7b2d14504fb0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetOpenUrlA
InternetConnectA
HttpOpenRequestA
HttpSendRequestA
InternetOpenA
InternetCloseHandle
HttpQueryInfoA
InternetQueryDataAvailable
InternetReadFile
InternetCrackUrlA
InternetGetConnectedState
InternetCanonicalizeUrlA
InternetCreateUrlA

kernel32

WaitForSingleObject
CreateProcessA
IsBadWritePtr
GetTickCount
MultiByteToWideChar
SizeofResource
SetEnvironmentVariableA
SetEndOfFile
SetStdHandle
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetFilePointer
FlushFileBuffers
GetConsoleMode
GetConsoleCP
GetStringTypeW
GetStringTypeA
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
SetHandleCount
LCMapStringW
LCMapStringA
ExitProcess
HeapCreate
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetStdHandle
IsValidCodePage
GetOEMCP
GetCPInfo
GetTimeZoneInformation
GetSystemTimeAsFileTime
VirtualQuery
GetSystemInfo
VirtualProtect
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
RtlUnwind
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
GetThreadLocale
GetLocaleInfoA
GetACP
ExpandEnvironmentStringsA
SetFileAttributesA
IsDBCSLeadByteEx
GetSystemDirectoryA
GetVolumeInformationA
CreateThread
GetExitCodeProcess
WriteFile
ResetEvent
GetFileSize
ReadFile
GetWindowsDirectoryA
GetFileAttributesA
CreateFileA
CreateDirectoryA
ReleaseMutex
GetVersionExA
LockResource
LoadResource
FindResourceA
FindResourceExA
WideCharToMultiByte
EnterCriticalSection
LeaveCriticalSection
lstrlenA
FormatMessageA
GetModuleFileNameA
GetModuleHandleA
GetModuleHandleW
GetUserDefaultLangID
GetSystemDefaultLangID
Sleep
CreateMutexA
CloseHandle
CompareStringW
CompareStringA
InterlockedExchange
GlobalHandle
GlobalFree
GlobalLock
GlobalUnlock
MulDiv
lstrcmpA
GlobalAlloc
InterlockedCompareExchange
DisableThreadLibraryCalls
FreeLibrary
IsDBCSLeadByte
InterlockedDecrement
InterlockedIncrement
LoadLibraryExA
lstrcmpiA
DeleteCriticalSection
InitializeCriticalSection
LoadLibraryA
lstrlenW
GetCommandLineA
GetDateFormatA
GetTimeFormatA
CreateEventA
GetProcAddress
GetFileAttributesW
LocalAlloc
GetVersion
RaiseException
FlushInstructionCache
GetCurrentProcess
LoadLibraryW
GetLastError
SetLastError
GetModuleFileNameW
SetEvent
DeleteFileA
GetCurrentThreadId
OutputDebugStringA

user32

LoadMenuA
InsertMenuItemA
SetMenuItemInfoA
LoadImageA
MessageBoxA
EnableMenuItem
CheckMenuItem
GetWindowLongA
GetParent
GetDlgItem
SetWindowPos
UnregisterClassA
SetWindowPlacement
FindWindowExA
GetMenuItemInfoA
RemoveMenu
GetMenuItemCount
DestroyMenu
CreateDialogParamA
DialogBoxParamA
CreatePopupMenu
TrackPopupMenu
GetCursorPos
DrawTextA
DrawStateA
AnimateWindow
MonitorFromPoint
MonitorFromWindow
GetMonitorInfoA
GetAncestor
CopyIcon
DestroyIcon
OffsetRect
PostMessageA
RegisterWindowMessageA
CreateAcceleratorTableA
DestroyAcceleratorTable
BeginPaint
EndPaint
ReleaseCapture
SetCapture
RedrawWindow
InvalidateRgn
GetSysColor
SetWindowContextHelpId
MapDialogRect
EndDialog
GetDC
GetSystemMetrics
DialogBoxIndirectParamA
SetFocus
InvalidateRect
GetWindowTextLengthA
GetWindowTextA
GetComboBoxInfo
FillRect
IsChild
GetForegroundWindow
ShowWindow
CharNextA
SetWindowsHookExA
GetFocus
CallNextHookEx
GetClassNameA
UnhookWindowsHookEx
EndMenu
MoveWindow
GetKeyState
ReleaseDC
GetWindowDC
ScreenToClient
ClientToScreen
GetMessageA
IsDialogMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
SetActiveWindow
GetDesktopWindow
IsWindowEnabled
EnableWindow
SendMessageA
IsWindow
IsWindowVisible
CallWindowProcA
DefWindowProcA
CreateWindowExA
GetClassInfoExA
RegisterClassExA
DestroyWindow
LoadCursorA
KillTimer
SetTimer
SetWindowLongA
LoadStringA
SetWindowTextA
GetWindow
GetWindowRect
SystemParametersInfoA
GetClientRect
MapWindowPoints
GetWindowPlacement
IsIconic
DrawFrameControl
UpdateWindow
SetWindowRgn
IsRectEmpty
PtInRect
SetRectEmpty
CopyRect
InflateRect
DrawIconEx
SetCursor
GetCapture
UnionRect

gdi32

LPtoDP
DPtoLP
StretchBlt
OffsetRgn
CombineRgn
CreateRoundRectRgn
CreatePolygonRgn
CreateRectRgn
ExcludeClipRect
SetViewportOrgEx
GetClipBox
SetStretchBltMode
SetWindowOrgEx
FrameRgn
GetViewportOrgEx
EqualRgn
GetTextExtentPoint32A
RestoreDC
SaveDC
Polygon
CreatePen
SetTextColor
ExtTextOutA
GetPixel
GetTextColor
CreateFontIndirectA
GetStockObject
GetObjectA
GetDeviceCaps
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
SetBrushOrgEx
SetBkMode
SetBkColor
SelectObject
DeleteObject
CreatePatternBrush
CreateSolidBrush
GetTextMetricsA
DeleteDC

advapi32

RegQueryInfoKeyA
RegOpenKeyExA
RegQueryValueExA
RegDeleteKeyA
RegDeleteValueA
RegCreateKeyExA
RegSetValueExA
RegEnumKeyExA
RegEnumValueA
OpenProcessToken
GetTokenInformation
LookupAccountSidA
RegCloseKey

shell32

SHGetSpecialFolderPathA
ShellExecuteA

ole32

CLSIDFromString
CoTaskMemFree
ProgIDFromCLSID
StringFromCLSID
CoTaskMemAlloc
CoTaskMemRealloc
CoLoadLibrary
CoFreeUnusedLibraries
RegisterDragDrop
OleUninitialize
OleInitialize
ReleaseStgMedium
CreateStreamOnHGlobal
CoGetClassObject
CLSIDFromProgID
OleLockRunning
CoUninitialize
CoInitialize
OleDraw
RevokeDragDrop
StringFromGUID2
CoCreateInstance

oleaut32

SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayUnlock
SafeArrayLock
SysFreeString
VariantInit
VariantClear
VariantCopy
SysAllocStringLen
SysAllocString
SysAllocStringByteLen
SysStringByteLen
SetErrorInfo
SafeArrayCreate
GetErrorInfo
LoadRegTypeLi
LoadTypeLi
DispCallFunc
SysStringLen
UnRegisterTypeLi
RegisterTypeLi
VarUI4FromStr
OleCreateFontIndirect
VariantChangeType
VarBstrCmp
VarBstrCat
SafeArrayDestroy
CreateErrorInfo

shlwapi

PathRemoveFileSpecA
PathRemoveBackslashA
UrlUnescapeA
PathFileExistsA
StrStrIW
StrStrW

comctl32

ImageList_AddMasked
ImageList_Destroy
ImageList_Create
ImageList_GetIconSize
ImageList_SetBkColor
ImageList_Draw

msimg32

TransparentBlt

urlmon

CreateURLMoniker

snmpapi

SnmpUtilOidCpy
SnmpUtilVarBindFree
SnmpUtilOidNCmp

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 444KB - Virtual size: 440KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 112KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.SHARED
Size: 4KB - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 156KB - Virtual size: 154KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bccce293b7a718a0662d7b2d14504fb0

Headers

File Characteristics

Imports

wininet

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

msimg32

urlmon

snmpapi

version

Exports

Exports

Sections

.text Size: 444KB - Virtual size: 440KB

.rdata Size: 112KB - Virtual size: 109KB

.data Size: 28KB - Virtual size: 112KB

.SHARED Size: 4KB - Virtual size: 8B

.rsrc Size: 156KB - Virtual size: 154KB

.reloc Size: 48KB - Virtual size: 47KB

.text
Size: 444KB - Virtual size: 440KB

.rdata
Size: 112KB - Virtual size: 109KB

.data
Size: 28KB - Virtual size: 112KB

.SHARED
Size: 4KB - Virtual size: 8B

.rsrc
Size: 156KB - Virtual size: 154KB

.reloc
Size: 48KB - Virtual size: 47KB