97a96c21ef43aa7fdb1de0da891e9c93db0ca2064fbc3d34f3c5d4c8d7ddaf00

Sharing

Copy URL Twitter E-mail

General

Target

97a96c21ef43aa7fdb1de0da891e9c93db0ca2064fbc3d34f3c5d4c8d7ddaf00
Size

132KB
MD5

63543b977a0e9b1c630ff30cf2048de9
SHA1

ff2012de87b8ab7ea0694314a23dbae4fc4fb204
SHA256

97a96c21ef43aa7fdb1de0da891e9c93db0ca2064fbc3d34f3c5d4c8d7ddaf00
SHA512

fed3b390b74ce2c78e0ba3a48e54daafff35367812a5c7c5ec943e40349a98c4373c633145cace1e161672eaa11c983db53d53550a339a83d0194a746df3f94d
SSDEEP

3072:CJmlaW8yll9dHtOxcopWEADD3sJ2wa36ayxRF:CxWLdHtmoD3I2wTa

Score

N/A

Malware Config

Signatures

Files

97a96c21ef43aa7fdb1de0da891e9c93db0ca2064fbc3d34f3c5d4c8d7ddaf00
.dll regsvr32 windows x86

97cd4e80b37468cbe7156bdd2199ec66

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

atl

ord15
ord32
ord23
ord30
ord57
ord18
ord21
ord58
ord16

ntdll

RtlUnwind

kernel32

InterlockedDecrement
DisableThreadLibraryCalls
LeaveCriticalSection
EnterCriticalSection
lstrlenW
GetCommandLineA
GetVersionExA
ExitProcess
GetProcAddress
GetModuleHandleA
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
FreeEnvironmentStringsA
InterlockedIncrement
FreeEnvironmentStringsW
WideCharToMultiByte
GetLastError
GetEnvironmentStringsW
WriteFile
HeapAlloc
GetACP
GetOEMCP
GetCPInfo
VirtualAlloc
HeapReAlloc
IsBadWritePtr
LoadLibraryA
InterlockedExchange
VirtualQuery
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
VirtualProtect
GetSystemInfo
UnhandledExceptionFilter
DeleteCriticalSection
InitializeCriticalSection
GetSystemTimeAsFileTime
TerminateProcess
GetEnvironmentStrings
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetCurrentProcess

advapi32

RegQueryValueExA
RegCloseKey
RegCreateKeyExA

oleaut32

SysStringLen
LoadRegTypeLi
SysFreeString
VariantInit

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

97cd4e80b37468cbe7156bdd2199ec66

Headers

File Characteristics

Imports

atl

ntdll

kernel32

advapi32

oleaut32

Exports

Exports

Sections

.text Size: 26KB - Virtual size: 25KB

.data Size: 1024B - Virtual size: 2KB

.rsrc Size: 102KB - Virtual size: 101KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 26KB - Virtual size: 25KB

.data
Size: 1024B - Virtual size: 2KB

.rsrc
Size: 102KB - Virtual size: 101KB

.reloc
Size: 2KB - Virtual size: 1KB