15bcd5f51cdfb38777d43ff68278ce49e97f7939af08e786c2b6931ad0df3bab

Sharing

Copy URL Twitter E-mail

General

Target

15bcd5f51cdfb38777d43ff68278ce49e97f7939af08e786c2b6931ad0df3bab
Size

121KB
MD5

421978599f63614bd2c4b7073d912750
SHA1

4e5da6a61c3ddae215f323b282746dbd5d27e406
SHA256

15bcd5f51cdfb38777d43ff68278ce49e97f7939af08e786c2b6931ad0df3bab
SHA512

39faacac4cd28de4b00a03cec45ea2d94329e02b5e533b5b67729ac68335cf9ab00c31d0ae6d4c7c1d4e71427c66b11000f9890fd6ded97d48dad885742750fa
SSDEEP

3072:8PYkaAYBFcLS85vrr8azL8TbhuPbcfEbH0M1:8gVAYQLS85jNL8xOT31

Score

N/A

Malware Config

Signatures

Files

15bcd5f51cdfb38777d43ff68278ce49e97f7939af08e786c2b6931ad0df3bab
.dll regsvr32 windows x86

d282c7a4e6bb59011c8238535bd1aa1e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_initterm
_amsg_exit
_adjust_fdiv
memset
bsearch
free
wcsstr
wcsrchr
malloc
_XcptFilter
memcpy

gdi32

LPtoDP
SetMapMode
SetViewportOrgEx
DeleteDC
CreateFontIndirectW
SelectObject
DeleteObject
GetTextCharset
EnumFontFamiliesExW
RestoreDC
SetWindowOrgEx
SaveDC
CreateRectRgnIndirect
CreateDCW
GetDeviceCaps
ExtEscape

kernel32

GetUserDefaultUILanguage
EnumUILanguagesW
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
SetUnhandledExceptionFilter
GetLocaleInfoW
InterlockedCompareExchange
Sleep
InterlockedExchange
RtlUnwind
VirtualFree
CompareStringW
GetVersion
GetProcessHeap
GetModuleHandleW
HeapReAlloc
HeapSize
LoadLibraryA
SetLastError
GetModuleFileNameA
DisableThreadLibraryCalls
HeapFree
HeapAlloc
GetProcAddress
GetSystemDefaultLCID
LocalAlloc
TerminateProcess
UnhandledExceptionFilter
GetVersionExW
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
MultiByteToWideChar
FlushInstructionCache
GetCurrentProcess
GetLastError
RaiseException
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
InterlockedIncrement
InterlockedDecrement
GetCurrentThreadId
lstrlenA
LoadLibraryExW
FindResourceW
LoadResource
SizeofResource
FreeLibrary
GetModuleFileNameW
HeapDestroy

user32

GetSystemMetrics
GetKeyboardLayoutList
IsCharAlphaW
CallWindowProcW
DefWindowProcW
GetKeyState
CharNextW
CharPrevW
CreateWindowExW
DestroyWindow
GetWindowLongW
SetWindowLongW
SetWindowPos
GetClientRect
BeginPaint
EndPaint
GetDC
ReleaseDC
InvalidateRect
ShowWindow
SetFocus
IsChild
SetWindowRgn
IsWindow
GetClassInfoExW
LoadCursorW
wsprintfW
RegisterClassExW
GetFocus
DestroyAcceleratorTable
IntersectRect
EqualRect
OffsetRect

advapi32

RegDeleteValueW
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW
RegEnumKeyExW
RegQueryInfoKeyW
RegEnumValueW
RegDeleteKeyW

oleaut32

SafeArrayGetUBound
SysAllocString
SysStringLen
VarUI4FromStr
LoadTypeLi
RegisterTypeLi
LoadRegTypeLi
OleCreatePropertyFrame
VariantInit
SafeArrayCopy
VariantChangeTypeEx
SafeArrayGetElement
SysFreeString
SafeArrayGetLBound
SafeArrayDestroy
SysAllocStringLen

ole32

CoCreateInstance
OleRegGetMiscStatus
OleRegGetUserType
OleRegEnumVerbs
CreateOleAdviseHolder
CoTaskMemRealloc
CoTaskMemAlloc
CoTaskMemFree

iertutil

ord309
ord9

urlmon

ord414

shlwapi

StrCpyW
StrCatW
StrCmpIW
StrCpyNW
StrStrIA
ord29

Exports

Exports

DllCanUnloadNow
DllEnumClassObjects
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 56KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d282c7a4e6bb59011c8238535bd1aa1e

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

gdi32

kernel32

user32

advapi32

oleaut32

ole32

iertutil

urlmon

shlwapi

Exports

Exports

Sections

.text Size: 52KB - Virtual size: 52KB

.data Size: 2KB - Virtual size: 2KB

.rsrc Size: 6KB - Virtual size: 6KB

.reloc Size: 3KB - Virtual size: 2KB

.rmnet Size: 56KB - Virtual size: 60KB

.text
Size: 52KB - Virtual size: 52KB

.data
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 6KB - Virtual size: 6KB

.reloc
Size: 3KB - Virtual size: 2KB

.rmnet
Size: 56KB - Virtual size: 60KB