b56991b5b2a91d645a619dc4b681daa08d13384075e23684c174815900a091bd

Sharing

Copy URL Twitter E-mail

General

Target

b56991b5b2a91d645a619dc4b681daa08d13384075e23684c174815900a091bd
Size

180KB
MD5

769e867ca0f37f0f642a89462d8c2490
SHA1

06685ca3356b1492ab25240684cbee5d217dc044
SHA256

b56991b5b2a91d645a619dc4b681daa08d13384075e23684c174815900a091bd
SHA512

9e4dc8ee6c391aee4d00a7d4f5b41774b015a708b1f999083eecf3702cd06cdc95eaf45e730b75904a2c821f26c7622449bda64c9e29c5c9fe95f8609e50377e
SSDEEP

3072:JnCrX43mslN56gg5o6RyCjMm7jjMkU82k1itEPhJ4FjyxqCZ:JnCk3dHgCayCIEvMkU82Q/PMFjyxRZ

Score

N/A

Malware Config

Signatures

Files

b56991b5b2a91d645a619dc4b681daa08d13384075e23684c174815900a091bd
.dll regsvr32 windows x86

2019ac364ad6c83d5d5ca9ba2029d8e4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

malloc
isspace
isxdigit
__CxxFrameHandler
strchr
strncpy
??3@YAXPAX@Z
_adjust_fdiv
_initterm
??1type_info@@UAE@XZ
_onexit
__dllonexit
??2@YAPAXI@Z
strerror
strtok
toupper
strstr
strtol
atoi
??0exception@@QAE@ABV0@@Z
tmpnam
fopen
fwrite
fclose
tolower
isalnum
printf
isalpha
isupper
free
ispunct
isgraph
__mb_cur_max
wctomb
islower
wcscmp
??1exception@@UAE@XZ
??0exception@@QAE@XZ
?what@exception@@UBEPBDXZ
_CxxThrowException
wcslen

rpcrt4

UuidToStringA

oleaut32

VariantClear
SysFreeString
SysAllocString
GetErrorInfo

shlwapi

StrStrIA
SHSetValueA
SHGetValueA

winmm

timeGetTime

psapi

EnumProcessModules
EnumProcesses
GetModuleBaseNameA

version

GetFileVersionInfoA
GetFileVersionInfoSizeA

advapi32

RegCloseKey
SetSecurityInfo
SetEntriesInAclA
GetSecurityInfo
CryptReleaseContext
CryptGenRandom
CryptAcquireContextA
RegOpenKeyExA

netapi32

Netbios

wininet

HttpQueryInfoA
InternetOpenUrlA
InternetSetOptionA
InternetOpenA
InternetCloseHandle
InternetReadFile

user32

EnumWindows
KillTimer
SetTimer
DefWindowProcA
EnumChildWindows
CloseClipboard
wsprintfA
RegisterClassExA
CreateWindowExA
ShowWindow
GetMessageA
TranslateMessage
DispatchMessageA
GetWindowThreadProcessId
SetWindowPos
GetClassNameA
OpenClipboard
SystemParametersInfoA

ole32

CoCreateGuid
CoInitialize
CoTaskMemFree
CoTaskMemAlloc
CoCreateInstance

kernel32

QueryPerformanceFrequency
GetFullPathNameA
GetVersionExA
GetProcessHeap
GetModuleFileNameA
HeapSize
HeapAlloc
GetProcessTimes
GetCurrentProcess
GetCurrentDirectoryA
FreeEnvironmentStringsA
GetEnvironmentStrings
LocalFree
FormatMessageA
lstrcmpiA
QueryPerformanceCounter
SleepEx
GetLocalTime
GetThreadTimes
GetCurrentThread
GetSystemDirectoryA
FreeLibrary
GetProcAddress
LoadLibraryA
CloseHandle
OpenProcess
GetCurrentProcessId
lstrcpyA
GetModuleHandleA
MultiByteToWideChar
GetSystemInfo
lstrcpynA
GetTickCount
GetWindowsDirectoryA
HeapFree
GetVersion
Sleep
GetLastError
SetLastError
lstrcmpA
DeleteFileA
CreateRemoteThread
WriteProcessMemory
VirtualAllocEx
MoveFileExA
WaitForSingleObject
CreateFileA
lstrlenA
CreateProcessA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 116KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2019ac364ad6c83d5d5ca9ba2029d8e4

Headers

File Characteristics

Imports

msvcrt

rpcrt4

oleaut32

shlwapi

winmm

psapi

version

advapi32

netapi32

wininet

user32

ole32

kernel32

Exports

Exports

Sections

.text Size: 116KB - Virtual size: 112KB

.rdata Size: 28KB - Virtual size: 26KB

.data Size: 20KB - Virtual size: 21KB

.reloc Size: 12KB - Virtual size: 8KB

.text
Size: 116KB - Virtual size: 112KB

.rdata
Size: 28KB - Virtual size: 26KB

.data
Size: 20KB - Virtual size: 21KB

.reloc
Size: 12KB - Virtual size: 8KB