6ed49656e11c8f097bc839472e5fee497e24e14f3bea6b91ade0cc9856288102

Sharing

Copy URL Twitter E-mail

General

Target

6ed49656e11c8f097bc839472e5fee497e24e14f3bea6b91ade0cc9856288102
Size

387KB
MD5

610337f225c2a3fc78e30a6da10f2343
SHA1

367c071a6fd07044521db288a02597be44935425
SHA256

6ed49656e11c8f097bc839472e5fee497e24e14f3bea6b91ade0cc9856288102
SHA512

4b890fe1758e303c503f92f574fb114ef1d84523d8488935bff537489956b8a04ca9fad96d5db3998482ee260862c2701ed4bffacb52a4c17bcc5ece91ca5dca
SSDEEP

6144:7OPh7CUl+8jlzln+L0B2j36iYCkDJhBejs+3k1lD5wb2JEZN3:iPh7CXgoLB2pjofUumEZN3

Score

N/A

Malware Config

Signatures

Files

6ed49656e11c8f097bc839472e5fee497e24e14f3bea6b91ade0cc9856288102
.dll regsvr32 windows x86

760bbf30b5b03912fc7cc6add8ddbff3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

RtlUnwind

kernel32

SetCurrentDirectoryW
LeaveCriticalSection
EnterCriticalSection
GetCurrentDirectoryW
RemoveDirectoryW
CreateThread
LocalFree
FormatMessageW
GetLastError
DeleteFileW
CopyFileW
DeleteCriticalSection
InitializeCriticalSection
DisableThreadLibraryCalls
InterlockedIncrement
InterlockedDecrement
FreeLibrary
GetProcAddress
LoadLibraryW
FindNextFileW
CloseHandle
CreateFileW
FileTimeToSystemTime
CreateDirectoryW
CompareFileTime
GetFileTime
lstrcmpiW
GlobalUnlock
GlobalLock
lstrcmpW
lstrcpynW
LocalAlloc
GetCalendarInfoW
TlsSetValue
TlsGetValue
TlsAlloc
TlsFree
GetDiskFreeSpaceExW
MultiByteToWideChar
lstrlenA
GetTempPathW
GetFileSizeEx
GetDriveTypeW
GlobalFree
lstrcpyW
GlobalAlloc
LocalFileTimeToFileTime
SystemTimeToFileTime
SetFileTime
GetFileInformationByHandle
GlobalSize
GetProcessHeap
HeapFree
HeapReAlloc
HeapAlloc
ReadFile
WriteFile
GetCurrentThreadId
GetCommandLineA
GetVersionExA
GetFileAttributesA
SetLastError
ExitProcess
GetModuleHandleA
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
FindFirstFileW
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
GetACP
GetOEMCP
GetCPInfo
UnhandledExceptionFilter
VirtualAlloc
LoadLibraryA
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
InterlockedExchange
VirtualQuery
VirtualProtect
GetSystemInfo
GetTimeZoneInformation
SetFilePointer
SetStdHandle
FlushFileBuffers
CompareStringA
CompareStringW
SetEnvironmentVariableA
FindClose
GetFileAttributesW
SetFileAttributesW
lstrlenW
ExitThread
GetVolumeInformationA
SetFileAttributesA
CreateDirectoryA
LocalLock
LocalUnlock
lstrcmpiA
IsDBCSLeadByte
FindFirstFileA
FileTimeToDosDateTime
DeleteFileA
GlobalReAlloc
CreateFileA
GetDriveTypeA
GlobalHandle
SetUnhandledExceptionFilter
GetCurrentProcess
GetWindowsDirectoryW
TerminateProcess
GetSystemTimeAsFileTime
QueryPerformanceCounter
DosDateTimeToFileTime
FileTimeToLocalFileTime
GetTickCount
GetModuleFileNameW
lstrcmpA
MoveFileA
SetVolumeLabelA
FindNextFileA
GetDiskFreeSpaceA
RemoveDirectoryA
SetCurrentDirectoryA
GetTempFileNameA
GetCurrentProcessId
GetSystemWindowsDirectoryW
LoadLibraryExA
GetCurrentDirectoryA
GetEnvironmentStrings
GetFullPathNameA
GetFileSize
GetModuleHandleW

gdi32

GetStockObject
DeleteObject
GetDeviceCaps
CreateFontIndirectW

user32

GetSubMenu
GetParent
SetWindowTextW
GetDlgItem
LoadStringW
SetWindowLongW
EndDialog
ShowCursor
DeleteMenu
CreateWindowExW
CharUpperBuffA
CharPrevA
CharNextA
DispatchMessageA
PeekMessageA
CharUpperA
MessageBoxA
GetActiveWindow
CharLowerA
CharToOemBuffA
CharToOemA
OemToCharBuffA
SetDlgItemTextW
GetDesktopWindow
DialogBoxParamW
LoadMenuW
SendDlgItemMessageW
RemoveMenu
GetForegroundWindow
TrackPopupMenu
RegisterClassW
DefWindowProcW
CharNextW
GetWindowLongW
SystemParametersInfoW
GetWindowRect
SetForegroundWindow
GetDlgItemTextW
InsertMenuW
RegisterClipboardFormatW
LoadCursorW
SetCursor
SetMenuDefaultItem
DestroyMenu
GetAsyncKeyState
CheckDlgButton
SetFocus
EnableWindow
GetWindowTextW
PeekMessageW
IsDialogMessageW
TranslateMessage
DispatchMessageW
MessageBoxW
ShowWindow
IsDlgButtonChecked
DestroyWindow
SendMessageW
PostMessageW

advapi32

RegQueryValueExW
RegOpenKeyExW
RegCloseKey

shell32

ord165
SHGetPathFromIDListW
SHBrowseForFolderW
SHGetSpecialFolderLocation
SHGetFolderPathW
SHSetLocalizedName
ord155
ord28
ord256
SHGetFileInfoW
SHGetSpecialFolderPathW
ord743
DragQueryFileW
ord190
SHFileOperationW
ord182
ord18
ord16
ord67
ord73
ord745
ord744
ShellExecuteExW
ShellExecuteW
ord17
SHGetDesktopFolder
ord25
SHChangeNotify
SHGetMalloc

ole32

CreateBindCtx
CoInitializeEx
CoUninitialize
CoCreateInstance
ReleaseStgMedium
OleGetClipboard
CoTaskMemFree
OleSetClipboard

oleaut32

SysAllocString
VariantInit
VariantClear
SystemTimeToVariantTime
SafeArrayCreateVector
SafeArrayGetDim
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData

shlwapi

wnsprintfW
PathAppendW
StrCpyNW
PathFileExistsW
PathRemoveBlanksW
SHStrDupW
PathFindFileNameW
StrChrW
PathFindExtensionW
PathCompactPathW
StrStrW
PathCombineW
PathCanonicalizeW
PathIsRelativeW
PathIsPrefixW
PathRemoveFileSpecW
PathSkipRootW
PathStripToRootW
ord16
StrFormatKBSizeW
PathFindFileNameA
StrCmpNIW
ord215
ord217
ord219
ord346
ord199
ord456
ord485
ord354
ord107
PathCommonPrefixW
PathRemoveBackslashW
PathCompactPathExW
StrCatBuffW
StrToIntW
StrRetToBufW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
RegisterSendto
RouteTheCall

Sections

.text
Size: 206KB - Virtual size: 206KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 9KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 102KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

760bbf30b5b03912fc7cc6add8ddbff3

Headers

File Characteristics

Imports

ntdll

kernel32

gdi32

user32

advapi32

shell32

ole32

oleaut32

shlwapi

Exports

Exports

Sections

.text Size: 206KB - Virtual size: 206KB

.data Size: 9KB - Virtual size: 16KB

.rsrc Size: 102KB - Virtual size: 102KB

.reloc Size: 12KB - Virtual size: 11KB

.rdata Size: 56KB - Virtual size: 56KB

.text
Size: 206KB - Virtual size: 206KB

.data
Size: 9KB - Virtual size: 16KB

.rsrc
Size: 102KB - Virtual size: 102KB

.reloc
Size: 12KB - Virtual size: 11KB

.rdata
Size: 56KB - Virtual size: 56KB