7e868eaaef87b15de8c4ee53f7552e7e44d08ff877e3fc100d9810c5138275ee

Sharing

Copy URL Twitter E-mail

General

Target

7e868eaaef87b15de8c4ee53f7552e7e44d08ff877e3fc100d9810c5138275ee
Size

376KB
MD5

36dbfd6a8b6844ab6012f0d64717e68b
SHA1

a1477ca4cdf1f20c3c0e446f4405612381ebdc6d
SHA256

7e868eaaef87b15de8c4ee53f7552e7e44d08ff877e3fc100d9810c5138275ee
SHA512

9ce02c283f47024bbfb4b779672fc1071ddaf426bb3a9df81d32c03bcb97029753d36c926678750121c7ce23ddb2c7bcb9c733f3d1ba607059ae1412c49eec0e
SSDEEP

6144:6T0GqIWkwgPI4ls02xhAVDgeeNMPaZRupn+aZGVXpEqI2JX6gAy/Awh:63tWkwgPbs098Ec8B+XLEqIeX6gAy/x

Score

N/A

Malware Config

Signatures

Files

7e868eaaef87b15de8c4ee53f7552e7e44d08ff877e3fc100d9810c5138275ee
.dll regsvr32 windows x86

ed843d051f1c3ad2c24503a85264c6c8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

kernel32

GetModuleFileNameA
lstrcatA
InterlockedIncrement
InterlockedDecrement
SizeofResource
LockResource
LoadResource
FindResourceA
FindResourceExA
GlobalFree
GlobalUnlock
GlobalLock
FreeResource
GlobalAlloc
FlushInstructionCache
GetCurrentProcess
HeapFree
GetProcessHeap
HeapAlloc
ExitProcess
GetCurrentThreadId
SetLastError
MulDiv
lstrcmpA
GlobalHandle
FreeLibrary
lstrlenA
GetWindowsDirectoryA
LoadLibraryA
GetSystemDirectoryA
IsBadWritePtr
IsBadReadPtr
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
LCMapStringW
LCMapStringA
GetCPInfo
GetOEMCP
SetUnhandledExceptionFilter
TerminateProcess
VirtualFree
HeapCreate
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetCommandLineA
RtlUnwind
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
LocalFree
HeapSize
HeapReAlloc
HeapDestroy
lstrcpyA
GetLastError
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
RaiseException
lstrlenW
WideCharToMultiByte
MultiByteToWideChar
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetVersionExA
GetModuleHandleA
GetProcAddress
GetEnvironmentStringsW
UnhandledExceptionFilter
WriteFile
IsBadCodePtr
GetPrivateProfileStringA
GetStringTypeA
GetStringTypeW
SetFilePointer
SetStdHandle
FlushFileBuffers
CloseHandle
FreeEnvironmentStringsW

user32

MapDialogRect
SetWindowContextHelpId
LoadStringA
GetActiveWindow
GetScrollPos
SetScrollPos
ShowScrollBar
DialogBoxIndirectParamA
RegisterWindowMessageA
GetWindowTextLengthA
GetWindowTextA
SetWindowTextA
GetClassInfoExA
ValidateRect
wsprintfA
RegisterClassExA
IsIconic
CreateAcceleratorTableA
CharNextA
GetClassNameA
IsWindow
GetFocus
IsChild
GetWindow
DestroyAcceleratorTable
CallWindowProcA
GetDesktopWindow
InvalidateRgn
InvalidateRect
FillRect
GetSysColor
DestroyWindow
DefWindowProcA
ReleaseCapture
BeginDeferWindowPos
EndDeferWindowPos
IsRectEmpty
GetCursorPos
LoadCursorA
SetCursor
DrawFrameControl
GetSystemMetrics
CreateWindowExA
SystemParametersInfoA
GetDlgItem
SendDlgItemMessageA
SetCapture
RedrawWindow
ShowWindow
ReleaseDC
GetDC
EndPaint
BeginPaint
GetWindowPlacement
GetClientRect
MoveWindow
IsZoomed
GetWindowLongA
SetWindowLongA
EndDialog
MessageBoxA
SetRectEmpty
SendMessageA
PtInRect
GetWindowRect
GetParent
ScreenToClient
DeferWindowPos
SetWindowPos
UnregisterClassA
LoadIconA
SetFocus

gdi32

DeleteObject
SelectObject
SetBrushOrgEx
CreateSolidBrush
GetStockObject
GetObjectA
GetDeviceCaps
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
DeleteDC
CreateBitmap
CreatePatternBrush
PatBlt

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryInfoKeyA
RegSetValueExA
RegQueryValueExA
RegDeleteKeyA

shell32

SHGetMalloc
SHGetSpecialFolderLocation
SHGetPathFromIDListA

ole32

CLSIDFromProgID
CoGetClassObject
OleLockRunning
CLSIDFromString
CreateStreamOnHGlobal
CoCreateInstance
StringFromGUID2
OleInitialize
OleUninitialize
CoTaskMemAlloc

oleaut32

SysFreeString
SysAllocString
LoadTypeLi
UnRegisterTypeLi
RegisterTypeLi
SysAllocStringByteLen
SysStringByteLen
VariantInit
VariantClear
SysAllocStringLen
SysStringLen
OleLoadPicture
OleCreateFontIndirect
LoadRegTypeLi
DispCallFunc
VariantChangeType
CreateErrorInfo

shlwapi

PathFindExtensionA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllMain
DllRegisterServer
DllUnregisterServer
checkbox_tree

Sections

.text
Size: 124KB - Virtual size: 122KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 196KB - Virtual size: 196KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ed843d051f1c3ad2c24503a85264c6c8

Headers

File Characteristics

Imports

version

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

Exports

Exports

Sections

.text Size: 124KB - Virtual size: 122KB

.rdata Size: 20KB - Virtual size: 17KB

.data Size: 4KB - Virtual size: 10KB

.rsrc Size: 16KB - Virtual size: 12KB

.reloc Size: 12KB - Virtual size: 9KB

.text Size: 196KB - Virtual size: 196KB

.text
Size: 124KB - Virtual size: 122KB

.rdata
Size: 20KB - Virtual size: 17KB

.data
Size: 4KB - Virtual size: 10KB

.rsrc
Size: 16KB - Virtual size: 12KB

.reloc
Size: 12KB - Virtual size: 9KB

.text
Size: 196KB - Virtual size: 196KB