e59fa09000ea8bd3b3751bdadcb9901e4abfd691f6c728d89ba3b621bf8f2653

Sharing

Copy URL Twitter E-mail

General

Target

e59fa09000ea8bd3b3751bdadcb9901e4abfd691f6c728d89ba3b621bf8f2653
Size

96KB
MD5

04f31b059228155a94142b0c71a13564
SHA1

dfae7c8d60157f1e71b719fbc7e0156c563a7546
SHA256

e59fa09000ea8bd3b3751bdadcb9901e4abfd691f6c728d89ba3b621bf8f2653
SHA512

3d4b014a19baa3fd23887ef82f6aaef53177255c749e832014c44e23d669f352b0abcb9a39a4f2e8fec42825661059fe2ddb5af2edf9d761b5168bc366371966
SSDEEP

1536:Ht8rQqWl+KizqUGEdOKJXwrK+qtI2VbweruUWaCyPrXYcEgtmMcD5yo9aK:Nq/KUjXwrK+MI2VbLru+4gtmMS5yYa

Score

N/A

Malware Config

Signatures

Files

e59fa09000ea8bd3b3751bdadcb9901e4abfd691f6c728d89ba3b621bf8f2653
.dll regsvr32 windows x86

ec9050afc077ff24f5ef6d4c3a9303a0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindNextFileW
FillConsoleOutputCharacterW
FindFirstChangeNotificationA
GetTimeFormatW
CopyFileW
lstrcpynW
SetHandleCount
CreateRemoteThread
GetLocalTime
GetFileAttributesExA
VerifyVersionInfoW
UnregisterWait
GetVersion
ClearCommError
SetComputerNameExW
ConvertDefaultLocale
SearchPathA
GetSystemTime
GetConsoleScreenBufferInfo
CreatePipe
DeleteCriticalSection
GetCurrentDirectoryA
GetThreadContext
GlobalAddAtomW
GetAtomNameW
OpenMutexW
ReleaseSemaphore
lstrcpynA
TerminateJobObject
LockFileEx
FileTimeToSystemTime
IsBadHugeReadPtr
GetThreadTimes
FindResourceW
GetFileAttributesExW
lstrcpyW
GetShortPathNameA
GetComputerNameExW
SetLastError
IsValidCodePage
CopyFileExW
GetLocaleInfoW
FreeResource
FillConsoleOutputAttribute
GetVersionExW
GetSystemDefaultUILanguage
SetEvent
GetDiskFreeSpaceA
HeapWalk
AddAtomW
OpenFileMappingW
LocalAlloc
VerifyVersionInfoA
GlobalDeleteAtom
ChangeTimerQueueTimer
GetSystemInfo
OpenFileMappingA
FindResourceExA
SetLocalTime
lstrlenW
SetConsoleMode
SetFileAttributesA
HeapCreate
LocalFlags
CreateToolhelp32Snapshot
SetHandleInformation
RtlMoveMemory
LCMapStringA
GetStartupInfoA
GetCurrentProcess
IsBadStringPtrW
SetCurrentDirectoryW
GetFileInformationByHandle
lstrcpyA
EscapeCommFunction
FindCloseChangeNotification
FlushViewOfFile
LocalSize
FindNextVolumeW
PulseEvent
IsBadReadPtr
SetConsoleCursorPosition
FindFirstFileExW
CreateFileMappingW
GetSystemDirectoryW
VirtualUnlock
FormatMessageA
GetWindowsDirectoryA
GetSystemPowerStatus
IsBadHugeWritePtr
FindNextChangeNotification
SetSystemTime
LocalReAlloc
GetDateFormatA
SetFileApisToOEM
AreFileApisANSI
VirtualQuery
UnlockFile
lstrcmpiA
HeapValidate
PurgeComm
OpenEventW
SetProcessShutdownParameters
RaiseException
GetSystemDefaultLangID
CreateIoCompletionPort
lstrcmpW
FreeEnvironmentStringsW
GetHandleInformation
GetNumberFormatW
CreateConsoleScreenBuffer
GetShortPathNameW
LockResource
SetConsoleScreenBufferSize
SetVolumeMountPointW
GetConsoleOutputCP
GetFullPathNameA
GlobalAddAtomA
ExpandEnvironmentStringsA
MapViewOfFile
VirtualProtect
InterlockedIncrement
GetModuleFileNameA
WriteFile
ReadFile
InterlockedDecrement
LeaveCriticalSection
ReleaseMutex
GetSystemTimeAsFileTime
EnterCriticalSection
LoadLibraryA
GetProcessHeap
CloseHandle
CopyFileA
InitializeCriticalSection
CreateFileA
DeleteFileA
CreateThread
GetLastError
MoveFileA
GetTickCount
GetCurrentProcessId
CreateMutexA
CreateFileMappingA
InterlockedExchange
CreateDirectoryA
GetComputerNameA
GetProcAddress
GlobalGetAtomNameW

user32

IsDlgButtonChecked
GetShellWindow
InsertMenuItemA
EnableMenuItem
RegisterHotKey
wsprintfA
CharPrevW
DrawIconEx
CharUpperA
PostThreadMessageA
SetMenuDefaultItem
SetParent
WaitMessage
TrackMouseEvent
GetWindowTextW
InsertMenuW
UnhookWindowsHook
LoadMenuW
LoadAcceleratorsA
GetClassInfoW
ReuseDDElParam
GetUserObjectInformationA
GetThreadDesktop
AdjustWindowRectEx
GetPropW
SetWindowLongA
GetWindowLongW
SetScrollInfo
SetDlgItemTextW
SendNotifyMessageW
GetMenu
SetCursorPos
FlashWindow
SetMenuItemBitmaps
GetCursor
OemToCharBuffA
PostMessageA
GetCaretBlinkTime
IsCharAlphaW
SetTimer
WindowFromPoint
MapVirtualKeyA
EqualRect
ScrollWindow
DestroyCursor
GetMessageTime
LoadIconA
UpdateWindow
SetPropW
ShowOwnedPopups
OpenIcon
MessageBoxA
ToUnicodeEx
CopyAcceleratorTableW
SetWindowRgn
DestroyAcceleratorTable
GetKeyNameTextA
CharUpperBuffW
IsCharAlphaA
SystemParametersInfoW
PostQuitMessage
DestroyIcon
IntersectRect
CreateDialogParamW
GetDlgItem
GetMessageW
CheckMenuRadioItem
CheckMenuItem
GetSystemMetrics
GetMenuItemID
GrayStringW
ReleaseDC
UnregisterClassW
CreateDialogParamA
SetWindowWord
CreateDialogIndirectParamW
CopyIcon
GetDlgItemTextA
DrawIcon
SetMenu
IsCharAlphaNumericW
ReleaseCapture
LockWindowUpdate
wvsprintfW
GetQueueStatus
GetCursorPos
RemovePropW
GetFocus
AttachThreadInput
DrawFrameControl
GetMenuStringW
GetClassInfoExW
DrawFocusRect
GetKeyNameTextW
FindWindowExW
CharToOemW
CheckDlgButton
TrackPopupMenu
GetDlgCtrlID
SetThreadDesktop
OpenDesktopW
ShowWindowAsync
SetWindowLongW
DrawMenuBar
SendDlgItemMessageW
MonitorFromRect
DispatchMessageA
GetWindowThreadProcessId
GetMessageA
SendMessageA
CallNextHookEx
FindWindowA
UnhookWindowsHookEx
GetClassNameA
UnpackDDElParam

shlwapi

StrCpyNW
AssocCreate
StrStrA
PathIsPrefixW
StrChrW
UrlUnescapeW
SHDeleteKeyA
PathRemoveBlanksW
PathGetCharTypeW
PathFindFileNameA
SHRegGetBoolUSValueW
StrCmpNW
StrTrimW
PathRenameExtensionW
PathIsFileSpecW
SHCreateStreamOnFileW
PathCreateFromUrlW
PathMakePrettyW
PathGetCharTypeA
SHSetValueW
PathIsRelativeW
PathFileExistsW
SHRegSetUSValueW
StrFormatKBSizeW
StrCatBuffW
PathAddBackslashA
StrCatW
PathParseIconLocationW
SHRegSetPathW
PathAddExtensionW
PathCommonPrefixW
PathAddBackslashW
StrDupW
PathCompactPathExW
StrRChrW
UrlCombineW
PathFindFileNameW
AssocQueryStringW

advapi32

RegCreateKeyExA
LookupAccountNameA
SetNamedSecurityInfoA
ConvertStringSecurityDescriptorToSecurityDescriptorA
GetSecurityDescriptorSacl
RegQueryInfoKeyA
ConvertSidToStringSidA
ChangeServiceConfigA
RegCreateKeyW
RegDeleteValueW
MakeSelfRelativeSD
RegSetValueExW
EnumServicesStatusA
OpenThreadToken
GetInheritanceSourceW
NotifyChangeEventLog
OpenServiceW
QueryServiceConfig2W
ImpersonateLoggedOnUser
ReadEventLogA
RegConnectRegistryW
StartServiceCtrlDispatcherW
ImpersonateSelf
GetOldestEventLogRecord
GetTokenInformation
RegOpenKeyA
RegSaveKeyExW
RegLoadKeyA
SetEntriesInAclA
OpenProcessToken
GetEffectiveRightsFromAclW
RegisterEventSourceA
RegDeleteValueA
RegEnumKeyA
DeregisterEventSource
EnumDependentServicesA
RegConnectRegistryA
RegisterEventSourceW
RegReplaceKeyW
ChangeServiceConfig2W
QueryServiceStatus
QueryServiceLockStatusA
UnlockServiceDatabase
CloseServiceHandle
MakeAbsoluteSD
ImpersonateNamedPipeClient
RegSaveKeyA
RegCreateKeyA
RegSetValueW
IsTokenRestricted
GetNumberOfEventLogRecords

gdi32

EnumFontFamiliesExA
SelectObject
GetObjectA
SetArcDirection
ExtCreatePen
StartPage
OffsetViewportOrgEx
SetWindowExtEx
IntersectClipRect
SetMetaRgn
ScaleWindowExtEx
CreateRectRgnIndirect
GetCurrentPositionEx
GetObjectW
CopyMetaFileA
SetViewportOrgEx
GetRegionData
StretchBlt
GetCharWidthA
GetStockObject
ExtCreateRegion
CreateDIBitmap
SetDIBits
GetBrushOrgEx
CreateScalableFontResourceA
CreatePolygonRgn
GetCharWidthW
CreateICA
GetEnhMetaFileBits
CreateEnhMetaFileW
SelectPalette
UnrealizeObject
Polygon
GetViewportOrgEx
RealizePalette
GetCharABCWidthsA
AbortDoc
SetBkMode
CreateRectRgn
GetMetaFileBitsEx
ExtTextOutA
GetSystemPaletteEntries
SetRectRgn
Polyline
GetTextFaceW
SetAbortProc
EnumEnhMetaFile
EnumFontFamiliesA
CreateBitmapIndirect
SetPixel
BeginPath
PolyDraw
DeleteDC
PtInRegion
GetEnhMetaFileHeader
CreateEllipticRgnIndirect
CreateCompatibleDC
SetBitmapDimensionEx

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 72KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ec9050afc077ff24f5ef6d4c3a9303a0

Headers

File Characteristics

Imports

kernel32

user32

shlwapi

advapi32

gdi32

Exports

Exports

Sections

.text Size: 72KB - Virtual size: 68KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 4KB - Virtual size: 6KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 72KB - Virtual size: 68KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 4KB - Virtual size: 6KB

.reloc
Size: 4KB - Virtual size: 2KB