a2f1cc57e19271f6983f0e75aac3dae4745ae94ab4baa2284f640f7915c1fa16

Sharing

Copy URL Twitter E-mail

General

Target

a2f1cc57e19271f6983f0e75aac3dae4745ae94ab4baa2284f640f7915c1fa16
Size

816KB
MD5

41a1908a3c0248c63d3f99e17c264650
SHA1

9f060cd5c619361c77a67a86f46aed0a11838d04
SHA256

a2f1cc57e19271f6983f0e75aac3dae4745ae94ab4baa2284f640f7915c1fa16
SHA512

6ea56eb9027d0796d6f206df7780b03c972785f87ebb68253d68638b62c4227c5cca0bcc0d75ade4df6c12e670b0e405067c6ce2ebab058787fba07202ae69a8
SSDEEP

24576:x7edEz/rmnbHDK0Bq4wvXID6jrSdmL5MZfczI:nz/Ni6MZfc

Score

N/A

Malware Config

Signatures

Files

a2f1cc57e19271f6983f0e75aac3dae4745ae94ab4baa2284f640f7915c1fa16
.dll regsvr32 windows x86

8bc2fb6a1c94da07f8a249263179ab45

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

d3d8

Direct3DCreate8

kernel32

DeleteCriticalSection
DisableThreadLibraryCalls
InitializeCriticalSection
InterlockedDecrement
InterlockedIncrement
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
LockResource
SetCurrentDirectoryA
GetCurrentDirectoryA
GetFileSize
MapViewOfFile
CreateFileMappingA
CreateFileW
GetVersionExA
UnmapViewOfFile
FindResourceW
HeapFree
GetProcessHeap
GetProcAddress
WriteFile
IsProcessorFeaturePresent
ReadFile
GetCommandLineA
HeapReAlloc
CompareStringA
FlushFileBuffers
GetLocaleInfoW
SetStdHandle
GetOEMCP
GetACP
GetStringTypeW
GetStringTypeA
HeapDestroy
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
SetFilePointer
GetUserDefaultLCID
EnumSystemLocalesA
GetLocaleInfoA
IsValidCodePage
IsValidLocale
GetCPInfo
LCMapStringW
LCMapStringA
RaiseException
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
TlsGetValue
SetLastError
TlsFree
TlsAlloc
TlsSetValue
IsDBCSLeadByte
lstrcmpiA
IsBadWritePtr
VirtualAlloc
GetLocalTime
GetSystemTime
GetTimeZoneInformation
RtlUnwind
HeapAlloc
Sleep
ExitProcess
TerminateProcess
HeapCreate
VirtualFree
LoadLibraryExA
GetLastError
FindResourceA
LoadResource
SizeofResource
GetModuleHandleA
GetShortPathNameA
lstrlenW
WideCharToMultiByte
lstrlenA
MultiByteToWideChar
GetCurrentThreadId
EnterCriticalSection
LeaveCriticalSection
GetModuleFileNameA
lstrcpynA
FreeLibrary
GetCurrentProcess
FlushInstructionCache
LoadLibraryA
MulDiv
QueryPerformanceFrequency
QueryPerformanceCounter
GetFullPathNameA
CreateFileA
CloseHandle
lstrcpyA
lstrcatA
CompareStringW
SetEnvironmentVariableA
GetVersion

shell32

ShellExecuteA

gdiplus

GdipBitmapUnlockBits
GdipDeleteGraphics
GdipFree
GdiplusShutdown
GdipCreateBitmapFromResource
GdipSetStringFormatAlign
GdipCreateBitmapFromFileICM
GdipCreateFontFamilyFromName
GdipCreateFont
GdipCreateSolidFill
GdipCreateStringFormat
GdipSetStringFormatLineAlign
GdipSetStringFormatTrimming
GdipDrawString
GdipDeleteStringFormat
GdipDeleteFont
GdipDeleteFontFamily
GdipDisposeImage
GdipCloneImage
GdipCloneBrush
GdiplusStartup
GdipAlloc
GdipCreateBitmapFromStream
GdipGetImageWidth
GdipGetImageHeight
GdipGetImageRawFormat
GdipCreateBitmapFromScan0
GdipGetImageGraphicsContext
GdipSetInterpolationMode
GdipDrawImageRectRectI
GdipCreateLineBrushFromRect
GdipFillRectangle
GdipCreateLineBrushFromRectI
GdipFillRectangleI
GdipBitmapLockBits
GdipDeleteBrush

ddraw

DirectDrawCreate

winmm

timeGetTime

user32

SystemParametersInfoA
MapWindowPoints
SetDlgItemTextA
GetDlgItemTextA
EndDialog
DialogBoxParamA
TrackMouseEvent
PeekMessageA
wsprintfA
CallWindowProcA
UnhookWindowsHookEx
DestroyWindow
PostMessageA
SetCursor
GetSysColorBrush
LoadCursorA
GetWindow
GetSystemMetrics
CreateWindowExA
GetDC
ReleaseDC
SetWindowLongA
IsWindowUnicode
SetWindowsHookExA
ShowWindow
UpdateWindow
DefWindowProcA
GetAsyncKeyState
GetParent
LoadStringA
wsprintfW
CharNextA
RegisterWindowMessageA
CallNextHookEx
SetWindowPos
GetWindowLongA
GetWindowRect
GetClientRect
RegisterClassA

gdi32

CreateDIBSection
SetMapMode
GetDeviceCaps
CreateFontA
SetTextColor
SetBkColor
SetTextAlign
GetTextExtentPoint32A
ExtTextOutA
CreateDIBitmap
CreateCompatibleDC
SelectObject
BitBlt
DeleteObject
DeleteDC

advapi32

RegCreateKeyExA
RegOpenKeyA
RegEnumValueA
RegQueryInfoKeyA
RegSetValueExA
RegCloseKey
RegEnumKeyExA
RegDeleteKeyA
RegDeleteValueA
RegOpenKeyExA
RegQueryValueExA

ole32

CoTaskMemAlloc
CoTaskMemRealloc
CoCreateInstance
CreateStreamOnHGlobal
CoTaskMemFree

oleaut32

LoadRegTypeLi
VarUI4FromStr
SysStringLen
SysAllocString
SysFreeString

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 380KB - Virtual size: 379KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 264KB - Virtual size: 263KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8bc2fb6a1c94da07f8a249263179ab45

Headers

File Characteristics

Imports

d3d8

kernel32

shell32

gdiplus

ddraw

winmm

user32

gdi32

advapi32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 380KB - Virtual size: 379KB

.rdata Size: 40KB - Virtual size: 37KB

.data Size: 40KB - Virtual size: 59KB

.data1 Size: 4KB - Virtual size: 2KB

.rsrc Size: 264KB - Virtual size: 263KB

.reloc Size: 24KB - Virtual size: 20KB

.rmnet Size: 60KB - Virtual size: 60KB

.text
Size: 380KB - Virtual size: 379KB

.rdata
Size: 40KB - Virtual size: 37KB

.data
Size: 40KB - Virtual size: 59KB

.data1
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 264KB - Virtual size: 263KB

.reloc
Size: 24KB - Virtual size: 20KB

.rmnet
Size: 60KB - Virtual size: 60KB