604e0b824465c070012e7ea5e4cf972d8d0e7138cc3331dfa71bd0bc6c79de64

Sharing

Copy URL Twitter E-mail

General

Target

604e0b824465c070012e7ea5e4cf972d8d0e7138cc3331dfa71bd0bc6c79de64
Size

280KB
MD5

86ba909b78c941b5eb788219dbba358e
SHA1

f806e21b18b394a7537bcda5ad5ec629147003b4
SHA256

604e0b824465c070012e7ea5e4cf972d8d0e7138cc3331dfa71bd0bc6c79de64
SHA512

1d19f5b1b2cb3082b843f6b9a8db284e3f6b88d1fcdc68a1ffc6499b1ab277047fa9cb5a16de001a67b9f9e7caefb225165f73d3e2654328a2ed3903c38c8786
SSDEEP

3072:tZMJj6ikzi9oZVT2X1VQ3YLNOPJMS2GCpgFO61nuRwNTBfYdH6UesLFCt2UqSkH:KNKiSZqO4kO6XNTBgdBXNV

Score

N/A

Malware Config

Signatures

Files

604e0b824465c070012e7ea5e4cf972d8d0e7138cc3331dfa71bd0bc6c79de64
.dll regsvr32 windows x86

aa4fa0d61752ac54693ff7d74faf633f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
EnterCriticalSection
LeaveCriticalSection
GetModuleFileNameW
FreeLibrary
MultiByteToWideChar
LoadLibraryExW
GetModuleHandleW
GetTempPathW
GetACP
GetLongPathNameW
CreateDirectoryW
GetFileAttributesW
GetTickCount
DeleteFileW
GetCurrentProcessId
SetThreadLocale
GetThreadLocale
SetFileAttributesW
lstrcmpiW
FindFirstFileW
FindNextFileW
SetLastError
CloseHandle
ReadFile
WriteFile
SetFilePointer
SetEndOfFile
FlushFileBuffers
GetFileSize
GetFileTime
CreateFileW
GetProcAddress
LoadLibraryW
InterlockedExchange
GetPrivateProfileStringW
GetUserDefaultLCID
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetDriveTypeA
GetLastError
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
DeleteCriticalSection
InitializeCriticalSection
RaiseException
FindClose
lstrlenW
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
LCMapStringW
LCMapStringA
SetHandleCount
GetConsoleMode
GetConsoleCP
GetCurrentDirectoryA
GetFullPathNameW
Sleep
IsValidCodePage
GetOEMCP
GetCPInfo
HeapSize
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetTimeZoneInformation
GetModuleFileNameA
GetStdHandle
ExitProcess
GetModuleHandleA
HeapCreate
HeapDestroy
VirtualAlloc
VirtualFree
GetProcessHeap
GetLocaleInfoA
LoadLibraryA
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStringTypeW
GetStringTypeA
GetStartupInfoA
GetFileType
HeapAlloc
HeapFree
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlUnwind
HeapReAlloc
GetSystemTimeAsFileTime
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeW
GetCurrentThreadId
GetCommandLineA
GetVersionExA

user32

LoadStringW
CharNextW
UnregisterClassA

advapi32

RegQueryValueExW
RegEnumKeyExW
RegQueryInfoKeyW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
IsTextUnicode

shell32

SHFileOperationW
SHGetFolderPathW

ole32

CoTaskMemRealloc
CoTaskMemFree
ProgIDFromCLSID
StringFromGUID2
StgOpenStorage
CoCreateInstance
CoTaskMemAlloc

oleaut32

RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
LoadRegTypeLi
SysStringLen
VariantCopy
VarUI4FromStr
CreateErrorInfo
SetErrorInfo
SafeArrayDestroy
SafeArrayCreate
VariantCopyInd
SysStringByteLen
SysAllocStringByteLen
SysAllocString
SafeArrayUnlock
SafeArrayLock
SafeArrayGetUBound
SafeArrayGetLBound
VariantClear
SafeArrayCopy
SysFreeString
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayGetVartype
SysAllocStringLen

shlwapi

UrlUnescapeW
UrlCanonicalizeA
UrlUnescapeA
PathCreateFromUrlW
UrlCanonicalizeW
StrStrIW
StrTrimW
PathAddBackslashW
PathFileExistsW
StrStrIA
UrlIsW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 196KB - Virtual size: 195KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

aa4fa0d61752ac54693ff7d74faf633f

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

shlwapi

Exports

Exports

Sections

.text Size: 196KB - Virtual size: 195KB

.rdata Size: 48KB - Virtual size: 47KB

.data Size: 8KB - Virtual size: 14KB

.rsrc Size: 8KB - Virtual size: 7KB

.reloc Size: 16KB - Virtual size: 13KB

.text
Size: 196KB - Virtual size: 195KB

.rdata
Size: 48KB - Virtual size: 47KB

.data
Size: 8KB - Virtual size: 14KB

.rsrc
Size: 8KB - Virtual size: 7KB

.reloc
Size: 16KB - Virtual size: 13KB