99abc27adc6d716856932d3590024df046e4af65252059b07d4119eaa1dc1507

General

Target

99abc27adc6d716856932d3590024df046e4af65252059b07d4119eaa1dc1507
Size

112KB
MD5

6c60c2588bcb6171d949679823072868
SHA1

117e3f71d6b8a0dd2a82a6a85f8379883606c90f
SHA256

99abc27adc6d716856932d3590024df046e4af65252059b07d4119eaa1dc1507
SHA512

8b32780e4d399c734b0820ec9f433da1b2ff54052e338cfc22fbe3baf0788cd30b18c855e25ad491fde6705471337a37a3669efc0634b324513e2eaa0837efc7
SSDEEP

3072:UTFiH0CNRs2+EclkWvlcb3uFWPHhOeWm4O7IKG5Xa2:UyXNchlGPrMOsXF

Score

N/A

Malware Config

Signatures

Files

99abc27adc6d716856932d3590024df046e4af65252059b07d4119eaa1dc1507
.dll regsvr32 windows x86

b8fff55a0b2cb7d9e904e90539f0ba42

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
CreateEventW
MulDiv
GlobalAddAtomW
GlobalAlloc
GetModuleHandleW
GetModuleFileNameW
GetCurrentThread
MoveFileW
GlobalUnlock
ResetEvent
InterlockedDecrement
SetWaitableTimer
FindClose
GetCurrentProcessId
GetLocalTime
CreateThread
CreateFileW
VirtualAlloc
DeleteFileW
GetCurrentProcess
WriteFile
LockResource
GetDriveTypeW
lstrlenW
GetProcAddress
FindResourceExW
GetFileAttributesW
SetLastError
lstrcpyW

user32

LoadCursorW
LoadStringW
GetWindowRect
ReleaseDC
PostMessageW
ReleaseCapture
DrawTextW
WindowFromPoint
LoadBitmapW
SendDlgItemMessageW
GetMessageW
RegisterWindowMessageW
VkKeyScanW
LoadIconW
DefWindowProcW
GetParent
RegisterHotKey
SetCapture
IsWindow
SystemParametersInfoW
SetForegroundWindow
GetKeyState
GetWindowTextW

gdi32

DPtoLP
Rectangle
SetDIBits
GetClipBox
BitBlt
CreateCompatibleDC
SetBkMode
CreateCompatibleBitmap
DeleteDC
MoveToEx

advapi32

LookupAccountSidW
InitializeSecurityDescriptor
GetUserNameW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.qzlle
Size: 92KB - Virtual size: 89KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.qdgc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.cyva
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b8fff55a0b2cb7d9e904e90539f0ba42

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Exports

Exports

Sections

.qzlle Size: 92KB - Virtual size: 89KB

.qdgc Size: 4KB - Virtual size: 1KB

.cyva Size: 4KB - Virtual size: 7KB

.reloc Size: 8KB - Virtual size: 6KB

.qzlle
Size: 92KB - Virtual size: 89KB

.qdgc
Size: 4KB - Virtual size: 1KB

.cyva
Size: 4KB - Virtual size: 7KB

.reloc
Size: 8KB - Virtual size: 6KB