34efdd19c6da40192a44b16c3bcc2c02cfe0b3e4fbc882ad06c3ce80ad9893f8

Sharing

Copy URL Twitter E-mail

General

Target

34efdd19c6da40192a44b16c3bcc2c02cfe0b3e4fbc882ad06c3ce80ad9893f8
Size

228KB
MD5

6513efcfa34f883aa34810476dbdb7a0
SHA1

c8e687380159ed34ae781a06256f9ae921e1a5a7
SHA256

34efdd19c6da40192a44b16c3bcc2c02cfe0b3e4fbc882ad06c3ce80ad9893f8
SHA512

93319f080010ce17fefab44c233e10a9a3e42e70c0ebcbf9a850650bdb27f2583a89e11a9d46b94915ae3dce59c197a7be656b4d0cf1513b5452bac48165b05d
SSDEEP

3072:7/lsEn6fIcp73VDbpMrrAUdqfwLB9Mlfh2KjfByu444GJ3kBZCsQ1gSwWGRO+/Mz:JsBlXMrrbdq0GhbfKMbwo+/tDVXA

Score

N/A

Malware Config

Signatures

Files

34efdd19c6da40192a44b16c3bcc2c02cfe0b3e4fbc882ad06c3ce80ad9893f8
.dll regsvr32 windows x86

b02255d2c325952de1b6c473becaac4a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
FlushInstructionCache
GetCurrentProcess
GetProcessHeap
HeapAlloc
GetCurrentThreadId
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetModuleFileNameA
GetSystemTimeAsFileTime
LoadLibraryExA
GetTickCount
QueryPerformanceCounter
ExitProcess
GetVersionExA
lstrcpyA
RaiseException
InitializeCriticalSection
DeleteCriticalSection
InterlockedIncrement
LocalFree
IsBadWritePtr
InterlockedDecrement
IsBadReadPtr
MultiByteToWideChar
WideCharToMultiByte
FindResourceA
LoadResource
SizeofResource
lstrcatA
FreeLibrary
IsDBCSLeadByte
GetCurrentProcessId
lstrcpynA
DisableThreadLibraryCalls
lstrcmpiA
lstrlenA
GetLastError
LeaveCriticalSection
EnterCriticalSection
lstrlenW

user32

DialogBoxParamA
DestroyIcon
UnregisterClassA
DrawIconEx
ReleaseDC
GetDC
CharNextA
GetActiveWindow
SetWindowLongA

gdi32

SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
GetDIBits
DeleteDC
DeleteObject

advapi32

RegDeleteKeyA
RegQueryValueExA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA
RegQueryInfoKeyA
RegEnumKeyExA

shell32

SHGetDesktopFolder

ole32

StringFromCLSID
CoGetMalloc
OleRun
CoCreateInstance
CoCreateFreeThreadedMarshaler
CoTaskMemAlloc
CoTaskMemFree
CoTaskMemRealloc
StringFromGUID2

oleaut32

VarUI4FromStr
RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
SysStringByteLen
SysAllocStringByteLen
SysAllocStringLen
VarBstrCat
SysStringLen
SysFreeString
SysAllocString
GetErrorInfo
VariantClear

shlwapi

PathFindExtensionA

cpscommontools

?MGIAlloc@@YAPAXI@Z
??1CMGIByteArray@@UAE@XZ
??0CMGIByteArray@@QAE@XZ
??ACMGIByteArray@@QAEAAEH@Z
?MGIFree@@YAXPAX@Z
?GetSize@CMGIByteArray@@QBEHXZ
?SetSize@CMGIByteArray@@QAEXH@Z
??0CMGIShellNameSplitter@@QAE@PBGK@Z
?GetExtension@CMGIShellNameSplitter@@QAEPBGXZ
??1CMGIShellNameSplitter@@UAE@XZ
??0CMPSCoordinateTranslation@@QAE@XZ
??1CMPSCoordinateTranslation@@UAE@XZ
?CheckStop@CQueueThreadBase@@SAHXZ
?GetData@CMGIByteArray@@QBEPAEXZ

msvcp71

?_Nomemory@std@@YAXXZ

msvcr71

_callnewh
realloc
wcsncpy
_purecall
_resetstkoflw
malloc
wcslen
wcsrchr
??3@YAXPAX@Z
__security_error_handler
??1type_info@@UAE@XZ
__dllonexit
_onexit
?terminate@@YAXXZ
_initterm
_adjust_fdiv
_wcsicmp
memset
_CxxThrowException
_except_handler3
__CxxFrameHandler
free
__CppXcptFilter
??_V@YAXPAX@Z

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 588B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 148KB - Virtual size: 148KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b02255d2c325952de1b6c473becaac4a

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

cpscommontools

msvcp71

msvcr71

Exports

Exports

Sections

.text Size: 44KB - Virtual size: 40KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 4KB - Virtual size: 588B

.rsrc Size: 8KB - Virtual size: 4KB

.reloc Size: 8KB - Virtual size: 4KB

.text Size: 148KB - Virtual size: 148KB

.text
Size: 44KB - Virtual size: 40KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 4KB - Virtual size: 588B

.rsrc
Size: 8KB - Virtual size: 4KB

.reloc
Size: 8KB - Virtual size: 4KB

.text
Size: 148KB - Virtual size: 148KB