f10b922e868a63547389d769732230d68d59cda28efd3ae1b64205b2dd8432ea

Sharing

Copy URL Twitter E-mail

General

Target

f10b922e868a63547389d769732230d68d59cda28efd3ae1b64205b2dd8432ea
Size

376KB
MD5

01b2d88d5fde2ead6f9504e8fbbfe397
SHA1

6ba4f4dbaccc53113aba2e0054956c62fce047e7
SHA256

f10b922e868a63547389d769732230d68d59cda28efd3ae1b64205b2dd8432ea
SHA512

32349793befd4bd4ebcb5589189f92066d1597d574f8db8c77cac08fba58df9e97ae6a41a1bcdde0a45fa51506c6568bdf85a607984344bb96622a4ce33722af
SSDEEP

6144:uSSF3J9VaB/0eXkPlL+pt+g0QPekyswLCwuSr08hKZFXZoMq3k:VSBJvaB/0nPl+ph0igTx9nXMOk

Score

N/A

Malware Config

Signatures

Files

f10b922e868a63547389d769732230d68d59cda28efd3ae1b64205b2dd8432ea
.dll regsvr32 windows x86

a76a4cdc9b2aa280599e71fada223b01

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

crypt32

CryptDecryptMessage
CertFindCertificateInStore
CryptEncryptMessage
CertCloseStore
CertFreeCertificateContext
CertOpenSystemStoreA
CertGetCertificateContextProperty

advapi32

CryptReleaseContext
CryptHashData
CryptGetHashParam
CryptAcquireContextA
CryptCreateHash

atl

ord23
ord15
ord18
ord16
ord30
ord58
ord57
ord21
ord32

kernel32

LeaveCriticalSection
EnterCriticalSection
InterlockedIncrement
InitializeCriticalSection
InterlockedDecrement
GetLastError
lstrlenW
MultiByteToWideChar
lstrlenA
CloseHandle
ReadFile
CreateFileA
WideCharToMultiByte
FreeLibrary
DisableThreadLibraryCalls
LoadLibraryA
GetModuleFileNameA
DeleteCriticalSection
Sleep
GetTickCount
LocalFree
MapViewOfFile
OpenFileMappingA
CreateFileMappingA
UnmapViewOfFile
ReleaseMutex
WaitForSingleObject
CreateMutexA
IsBadWritePtr
HeapReAlloc
GetCPInfo
SetStdHandle
FlushFileBuffers
RtlUnwind
HeapFree
HeapAlloc
GetCommandLineA
GetVersion
RaiseException
ExitProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetModuleHandleA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
GetEnvironmentStrings
FreeEnvironmentStringsW
GetACP
GetOEMCP
TerminateProcess
GetCurrentProcess
HeapSize
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetStringTypeW
GetProcAddress
GetEnvironmentStringsW
WriteFile
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
SetFilePointer
LCMapStringA
LCMapStringW
GetStringTypeA

ole32

OleRun
CoCreateInstance
CoCreateGuid

oleaut32

SysFreeString
SysStringByteLen
VariantChangeType
VariantInit
VariantClear
SysStringLen
SysAllocStringLen
SysAllocString
SysAllocStringByteLen
LoadRegTypeLi
GetErrorInfo

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 96KB - Virtual size: 93KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 536KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 208KB - Virtual size: 208KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a76a4cdc9b2aa280599e71fada223b01

Headers

File Characteristics

Imports

crypt32

advapi32

atl

kernel32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 96KB - Virtual size: 93KB

.rdata Size: 24KB - Virtual size: 20KB

.data Size: 20KB - Virtual size: 536KB

.rsrc Size: 12KB - Virtual size: 12KB

.reloc Size: 12KB - Virtual size: 11KB

.text Size: 208KB - Virtual size: 208KB

.text
Size: 96KB - Virtual size: 93KB

.rdata
Size: 24KB - Virtual size: 20KB

.data
Size: 20KB - Virtual size: 536KB

.rsrc
Size: 12KB - Virtual size: 12KB

.reloc
Size: 12KB - Virtual size: 11KB

.text
Size: 208KB - Virtual size: 208KB