b9615617b6c763ff27222819ea53b4f6c34750232f6a33ff99d8699a0ce7bae6

Sharing

Copy URL Twitter E-mail

General

Target

b9615617b6c763ff27222819ea53b4f6c34750232f6a33ff99d8699a0ce7bae6
Size

292KB
MD5

011b8fbdb51441683ceb49fc98c38e49
SHA1

77aee4229de96a42a04133bbd22a73b760cdd26a
SHA256

b9615617b6c763ff27222819ea53b4f6c34750232f6a33ff99d8699a0ce7bae6
SHA512

cd31249e29f1e5a068370ea6265758f77a01a4b8b05b1db7cb41b53927b739aa8e953d768998adb6804926a13f82ffaff7d820e7db94106075f557534b00acff
SSDEEP

6144:QDUcvXMispBhgeeNMPaZRupn+aZGVXpEqI2JX6gAy/Aw/:Qw3is0Ec8B+XLEqIeX6gAy/v

Score

N/A

Malware Config

Signatures

Files

b9615617b6c763ff27222819ea53b4f6c34750232f6a33ff99d8699a0ce7bae6
.dll regsvr32 windows x86

dcf94269dcfc24d9f2005825b6eda075

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

lame_enc

ord100
ord101
ord120
ord110
ord102
ord140

msvcrt

__dllonexit
_adjust_fdiv
malloc
_initterm
__CxxFrameHandler
_purecall
??2@YAPAXI@Z
fopen
_strtime
_vsnprintf
fwrite
fclose
_ftol
atof
sprintf
memmove
calloc
free
??3@YAXPAX@Z
_onexit

winmm

timeSetEvent
timeGetTime

kernel32

GetCurrentThread
GetThreadPriority
SetThreadPriority
GetACP
WideCharToMultiByte
GetTickCount
CreateThread
InterlockedExchange
SetErrorMode
GetProcAddress
VirtualAlloc
GetSystemInfo
ReleaseSemaphore
CreateSemaphoreA
WaitForSingleObject
WaitForMultipleObjects
SetEvent
GetCurrentThreadId
lstrcmpiA
GetModuleHandleA
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
MulDiv
lstrcpyA
lstrcatA
lstrlenA
InterlockedIncrement
InterlockedDecrement
FreeLibrary
LoadLibraryA
MultiByteToWideChar
GetLastError
GetModuleFileNameA
GetVersionExA
DisableThreadLibraryCalls
CloseHandle
CreateEventA
ResetEvent
DuplicateHandle
GetCurrentProcess
VirtualFree

advapi32

RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegCreateKeyA
RegSetValueA
RegEnumKeyExA
RegSetValueExA
RegDeleteKeyA
RegQueryValueExA

user32

LoadStringW
wvsprintfA
MsgWaitForMultipleObjects
DispatchMessageA
GetQueueStatus
RegisterWindowMessageA
CheckRadioButton
SetWindowTextA
GetDlgItem
IsDlgButtonChecked
GetWindowTextA
GetWindowLongA
SetWindowLongA
CreateDialogParamA
MoveWindow
InvalidateRect
ShowWindow
DestroyWindow
DefWindowProcA
wsprintfA
LoadStringA
PeekMessageA
GetWindowRect
GetDesktopWindow
PostThreadMessageA

ole32

CoCreateInstance
CoInitialize
CoTaskMemFree
StringFromGUID2
CoTaskMemAlloc
CoFreeUnusedLibraries
CoUninitialize

oleaut32

SysFreeString
SysAllocString

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllMain
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 672B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 196KB - Virtual size: 196KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

dcf94269dcfc24d9f2005825b6eda075

Headers

File Characteristics

Imports

lame_enc

msvcrt

winmm

kernel32

advapi32

user32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 52KB - Virtual size: 51KB

.rdata Size: 28KB - Virtual size: 24KB

.data Size: 4KB - Virtual size: 672B

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 3KB

.text Size: 196KB - Virtual size: 196KB

.text
Size: 52KB - Virtual size: 51KB

.rdata
Size: 28KB - Virtual size: 24KB

.data
Size: 4KB - Virtual size: 672B

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 3KB

.text
Size: 196KB - Virtual size: 196KB