6de287ce88287ce6a9fbb4566d8e4dacb0492f2381e825eaccfabdef74b224f4

Sharing

Copy URL Twitter E-mail

General

Target

6de287ce88287ce6a9fbb4566d8e4dacb0492f2381e825eaccfabdef74b224f4
Size

480KB
MD5

63f27ae920ad4414ff00ba5039bc6740
SHA1

e0d9478962396979fc5eafb0ba4d37e1ff394c89
SHA256

6de287ce88287ce6a9fbb4566d8e4dacb0492f2381e825eaccfabdef74b224f4
SHA512

f3a0e102c99f93ff258674b8072f49db80abd18c637573ceace90e4f7ebd7c6349819e240d5aa67bbc4ba5ac4e34625b718549f5eaad84dc6eb1b163a718d79c
SSDEEP

6144:EWj+GZzGwNiRm3B/6S2GsXR694M+lACMAsbGURulz7S+9lwqKzOp4O:EWGCf2h82MsAtTGIQz7tXpZ

Score

N/A

Malware Config

Signatures

Files

6de287ce88287ce6a9fbb4566d8e4dacb0492f2381e825eaccfabdef74b224f4
.dll regsvr32 windows x86

71b6a41b8738fe1fd080fe0370c870c0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileAttributesW
CloseHandle
LockResource
LoadResource
SizeofResource
FindResourceW
FindResourceExW
MultiByteToWideChar
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
FreeLibrary
DeleteCriticalSection
lstrcmpiW
LoadLibraryExW
EncodePointer
DecodePointer
InitializeCriticalSection
GetPrivateProfileStringW
GetVersionExW
lstrcpyW
SetFilePointer
SetEndOfFile
ReadConsoleW
WriteConsoleW
SetStdHandle
CreateFileW
GetStringTypeW
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
OutputDebugStringA
OutputDebugStringW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetModuleFileNameA
SetFilePointerEx
ReadFile
GetFileType
GetConsoleMode
GetConsoleCP
FlushFileBuffers
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
GetStartupInfoW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
Sleep
WriteFile
GetStdHandle
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
LoadLibraryW
lstrcmpW
MulDiv
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
GetLastError
SetLastError
GetCurrentThreadId
RaiseException
GetCurrentProcess
FlushInstructionCache
GlobalUnlock
GlobalLock
GlobalAlloc
GetVersion
LCMapStringW
GetProcAddress
GetModuleHandleExW
ExitProcess
GetCommandLineA
IsDebuggerPresent
RtlUnwind
HeapSize
HeapReAlloc
HeapDestroy
VirtualFree
VirtualAlloc
IsProcessorFeaturePresent
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
InterlockedCompareExchange
GetProcessHeap
HeapFree
HeapAlloc

user32

UnregisterClassW
PostMessageW
DefWindowProcW
CallWindowProcW
RegisterClassExW
GetClassInfoExW
CreateWindowExW
IsWindow
IsChild
SendMessageW
ShowWindow
MoveWindow
SetWindowPos
GetDlgItem
CharNextW
SetFocus
GetFocus
SetCapture
ReleaseCapture
CreateAcceleratorTableW
RegisterWindowMessageW
DestroyWindow
ScreenToClient
GetCursorPos
GetWindowRect
LoadCursorW
GetWindow
GetClassNameW
GetParent
GetDesktopWindow
SetWindowLongW
GetWindowLongW
FillRect
GetSysColor
GetKeyState
ClientToScreen
GetClientRect
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
RedrawWindow
InvalidateRgn
InvalidateRect
EndPaint
BeginPaint
ReleaseDC
GetDC
SetActiveWindow
DestroyAcceleratorTable

gdi32

SelectObject
GetStockObject
GetDeviceCaps
DeleteObject
DeleteDC
CreateSolidBrush
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
GetObjectW

advapi32

RegEnumKeyExW
RegDeleteKeyW
RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
RegDeleteValueW
RegCloseKey
RegQueryInfoKeyW

shell32

ShellExecuteW
SHGetFolderPathW
ord165

ole32

OleLockRunning
OleUninitialize
CoTaskMemRealloc
OleInitialize
CoTaskMemFree
CoTaskMemAlloc
StringFromGUID2
CLSIDFromProgID
CLSIDFromString
CoCreateInstance
CoGetClassObject
CreateStreamOnHGlobal

oleaut32

SysFreeString
SysStringLen
VariantInit
VariantClear
LoadTypeLi
LoadRegTypeLi
DispCallFunc
OleCreateFontIndirect
VarUI4FromStr
VarBstrCmp
RegisterTypeLi
UnRegisterTypeLi
SysStringByteLen
SysAllocStringByteLen
VariantCopy
SysAllocString
SysAllocStringLen

shlwapi

PathFileExistsW
wnsprintfW

rpcrt4

UuidFromStringW

wininet

HttpQueryInfoW
InternetReadFile
InternetCanonicalizeUrlW
InternetCloseHandle
InternetOpenW
InternetOpenUrlW

uxtheme

IsAppThemed
DrawThemeParentBackground

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllInstall
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 222KB - Virtual size: 221KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 122KB - Virtual size: 124KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

71b6a41b8738fe1fd080fe0370c870c0

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

rpcrt4

wininet

uxtheme

Exports

Exports

Sections

.text Size: 222KB - Virtual size: 221KB

.rdata Size: 69KB - Virtual size: 69KB

.data Size: 13KB - Virtual size: 22KB

.rsrc Size: 25KB - Virtual size: 24KB

.reloc Size: 27KB - Virtual size: 26KB

.text Size: 122KB - Virtual size: 124KB

.text
Size: 222KB - Virtual size: 221KB

.rdata
Size: 69KB - Virtual size: 69KB

.data
Size: 13KB - Virtual size: 22KB

.rsrc
Size: 25KB - Virtual size: 24KB

.reloc
Size: 27KB - Virtual size: 26KB

.text
Size: 122KB - Virtual size: 124KB