757667968f252077fc421db802898f7160890d92b153bedff9d22ded3b020a59

Sharing

Copy URL Twitter E-mail

General

Target

757667968f252077fc421db802898f7160890d92b153bedff9d22ded3b020a59
Size

255KB
MD5

71b15d64eca24ca593c90b02cf6d4edb
SHA1

067250426a144338e77453a68807fadd5ca70f53
SHA256

757667968f252077fc421db802898f7160890d92b153bedff9d22ded3b020a59
SHA512

dc79b102728b1fe54cd4f5dcce2ec5c4451cf1607bbb566415bb6ad9a216978a6d6db6579ec4a4d81002a0a16bbd9190a94bbe8a283255ecce8f9112911a169f
SSDEEP

1536:8YH8/TH2w1hcdndDuxk7pWMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM3:VH8/THf1MndDP

Score

N/A

Malware Config

Signatures

Files

757667968f252077fc421db802898f7160890d92b153bedff9d22ded3b020a59
.dll regsvr32 windows x86

ca299a8f22b6cdedf37f5d621f1b8950

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

StrStrW
PathCombineW
PathFindFileNameW
StrCmpW
StrCmpIW
StrCatW

kernel32

LoadLibraryExA
CreateThread
GetProcessHeap
lstrcatA
lstrcpyA
InitializeCriticalSection
GetBinaryTypeW
CloseHandle
GetLastError
lstrcpynA
GetProcAddress
FreeLibrary
LoadLibraryA
WideCharToMultiByte
GetModuleFileNameA
MultiByteToWideChar
GetTimeFormatA
GetDateFormatA
lstrcmpA
lstrcmpiA
GetModuleHandleW
PulseEvent
CreateEventA
GetCurrentThreadId
GetTickCount
CreateFileMappingW
CreateFileW
SetFilePointerEx
DeleteFileW
SetFileAttributesW
GetTempFileNameW
GetTempPathW
WriteFile
ReadFile
LeaveCriticalSection
EnterCriticalSection
HeapCreate
HeapDestroy
HeapAlloc
HeapFree
CreateMutexA
FileTimeToDosDateTime
FileTimeToLocalFileTime
GetFileInformationByHandle
FindClose
FindNextFileW
FindFirstFileW
GetModuleFileNameW
WaitForSingleObject
Sleep
ExitThread
ResetEvent
lstrcpyW

user32

GetMessageW
SetWindowsHookExW
TranslateMessage
DefWindowProcW
DestroyWindow
GetSystemMetrics
wsprintfA
DispatchMessageW
RegisterClassExW
CreateWindowExW
GetWindowRect
SetTimer
GetClassNameA
GetWindow
SendMessageW
GetWindowTextA
CallNextHookEx
ShowWindow
GetClientRect

shell32

SHGetSpecialFolderPathW

oleaut32

SysFreeString
SysAllocStringLen
VariantInit
SysAllocString
SysAllocStringByteLen
VariantClear
VariantCopy

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ca299a8f22b6cdedf37f5d621f1b8950

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

kernel32

user32

shell32

oleaut32

Exports

Exports

Sections

.text Size: 34KB - Virtual size: 33KB

.data Size: 2KB - Virtual size: 54KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 34KB - Virtual size: 33KB

.data
Size: 2KB - Virtual size: 54KB

.reloc
Size: 3KB - Virtual size: 2KB