b945b30a14138a14fc365d43a3c8751da6d3056c117b303daf64a13a55bf9441

Sharing

Copy URL Twitter E-mail

General

Target

b945b30a14138a14fc365d43a3c8751da6d3056c117b303daf64a13a55bf9441
Size

136KB
MD5

6e6b44cd109f1c5ac1360b2f50af4fd0
SHA1

9d32a3e61258ef0fdb270fbd10d69a7103895312
SHA256

b945b30a14138a14fc365d43a3c8751da6d3056c117b303daf64a13a55bf9441
SHA512

09449fb5e07f28b5d3863baac9a9e32f88eb078e10df28c2889fcda5d96f07120613d398d3f69a7c96c1f29eb0902fb7b2f14814905ee86784134518d8fe0224
SSDEEP

3072:oOOU9P2YWplAwIMoK4QyzsRoQm0RNgTmSdqjR:B2PHi/0R+sjR

Score

N/A

Malware Config

Signatures

Files

b945b30a14138a14fc365d43a3c8751da6d3056c117b303daf64a13a55bf9441
.dll regsvr32 windows x86

88b254c7cc2de969f0bf8700ac4b4022

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsDBCSLeadByte
HeapDestroy
GetProcAddress
LoadLibraryA
lstrcpyA
lstrcatA
OutputDebugStringA
LocalFree
LocalAlloc
FormatMessageA
CloseHandle
CreateFileA
GetPrivateProfileStringA
lstrcpynA
lstrcmpiA
LoadLibraryExA
GetLastError
FindResourceA
LoadResource
SizeofResource
FreeLibrary
GetModuleFileNameA
GetModuleHandleA
GetShortPathNameA
InterlockedDecrement
InterlockedIncrement
DeleteCriticalSection
InitializeCriticalSection
DisableThreadLibraryCalls
lstrlenW
WideCharToMultiByte
lstrlenA
EnterCriticalSection
LeaveCriticalSection
GetPrivateProfileIntA
MultiByteToWideChar

user32

CharNextA
LoadStringA
DefWindowProcA
GetWindowLongA
wsprintfA

advapi32

RegEnumKeyExA
RegDeleteKeyA
RegCreateKeyExA
RegDeleteValueA
RegCloseKey
RegOpenKeyExA
RegSetValueExA
RegQueryInfoKeyA
RegEnumValueA

ole32

ProgIDFromCLSID
CoUninitialize
CoInitialize
CoTaskMemRealloc
CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance

oleaut32

SysAllocString
SysAllocStringByteLen
CreateErrorInfo
SetErrorInfo
LoadRegTypeLi
RegisterTypeLi
LoadTypeLi
VarUI4FromStr
SysFreeString
SysAllocStringLen
SysStringLen

msvcrt

iswctype
_ftol
floor
_mbschr
_itoa
wcscpy
__CxxFrameHandler
atol
localtime
memcmp
memset
realloc
malloc
free
??2@YAPAXI@Z
isdigit
atoi
memcpy
??3@YAXPAX@Z
_isctype
__mb_cur_max
_pctype
_initterm
_adjust_fdiv
__dllonexit
_onexit

msvcp60

??0_Lockit@std@@QAE@XZ
??1_Lockit@std@@QAE@XZ

Exports

Exports

?COMWndProc@@YGJPAUHWND__@@IIJ@Z
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

88b254c7cc2de969f0bf8700ac4b4022

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

msvcrt

msvcp60

Exports

Exports

Sections

.text Size: 32KB - Virtual size: 30KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 4KB - Virtual size: 4KB

.rsrc Size: 12KB - Virtual size: 10KB

.reloc Size: 8KB - Virtual size: 5KB

.text Size: 64KB - Virtual size: 64KB

.text
Size: 32KB - Virtual size: 30KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 12KB - Virtual size: 10KB

.reloc
Size: 8KB - Virtual size: 5KB

.text
Size: 64KB - Virtual size: 64KB