2acc2f669820e1f7ddb1b120fcd9d187e57861159c1a6664317c2471f82e66f0

Sharing

Copy URL Twitter E-mail

General

Target

2acc2f669820e1f7ddb1b120fcd9d187e57861159c1a6664317c2471f82e66f0
Size

195KB
MD5

71141778700ae6c2f182ef63aaf326f3
SHA1

6d0148950b08c85acdba3692bb270f07b479aa20
SHA256

2acc2f669820e1f7ddb1b120fcd9d187e57861159c1a6664317c2471f82e66f0
SHA512

04fa5c470291555c276924c580356490314d185f62995d2d491b55e7767489f27d3f41e04db889915700a4b438e8350b5b920876e5af3ad86df7bd69f0a9722f
SSDEEP

3072:jskJNZh3OxK7dtjBrMuzxzdWiiZ3XGuBliyHnp11fgydm8yWbFT0:jsMhzzFzxpqnuyHnpnI+mIT0

Score

N/A

Malware Config

Signatures

Files

2acc2f669820e1f7ddb1b120fcd9d187e57861159c1a6664317c2471f82e66f0
.dll regsvr32 windows x86

f3cb96d09c1239fb36d1cffbfc4c7963

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeLibrary
SetThreadLocale
FlushFileBuffers
CreateFileA
lstrlenW
GetModuleHandleW
SizeofResource
LeaveCriticalSection
InterlockedDecrement
FindResourceW
MultiByteToWideChar
GetModuleFileNameW
DeleteCriticalSection
lstrcmpiW
InterlockedIncrement
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetConsoleMode
GetConsoleCP
SetFilePointer
LoadLibraryA
RtlUnwind
IsValidCodePage
GetOEMCP
GetCPInfo
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
LoadLibraryExW
RaiseException
InitializeCriticalSection
GetThreadLocale
GetLastError
EnterCriticalSection
WriteConsoleW
LoadResource
GetVersionExA
lstrlenA
GetTickCount
GetProcAddress
CloseHandle
InterlockedExchange
GetACP
GetLocaleInfoA
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
GetCurrentThreadId
GetCommandLineA
HeapCreate
VirtualFree
VirtualAlloc
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
WriteFile
GetStdHandle
GetModuleFileNameA
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
Sleep
ExitProcess
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
VirtualQuery

mkunicode

Utf8ToUtf16

user32

UnregisterClassA
CharNextW

advapi32

RegQueryInfoKeyW
RegDeleteValueW
RegOpenKeyExW
RegEnumKeyExW
RegCreateKeyExW
RegCloseKey
RegSetValueExW
RegDeleteKeyW

ole32

StringFromGUID2
CoTaskMemRealloc
CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance

oleaut32

VarUI4FromStr
SysFreeString
SafeArrayCreate
SafeArrayAccessData
SafeArrayDestroy
SafeArrayUnaccessData
SysAllocStringLen
VariantChangeType
VariantClear
VariantInit

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 62KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 384B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f3cb96d09c1239fb36d1cffbfc4c7963

Headers

File Characteristics

Imports

kernel32

mkunicode

user32

advapi32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 62KB - Virtual size: 62KB

.rdata Size: 16KB - Virtual size: 15KB

.data Size: 6KB - Virtual size: 13KB

.rsrc Size: 512B - Virtual size: 384B

.reloc Size: 8KB - Virtual size: 8KB

.text Size: 100KB - Virtual size: 100KB

.text
Size: 62KB - Virtual size: 62KB

.rdata
Size: 16KB - Virtual size: 15KB

.data
Size: 6KB - Virtual size: 13KB

.rsrc
Size: 512B - Virtual size: 384B

.reloc
Size: 8KB - Virtual size: 8KB

.text
Size: 100KB - Virtual size: 100KB