7a7da70731199d3c9800e93b5b9f504dc71e2e95e11b727b9739f3bb54b42a9f

Sharing

Copy URL Twitter E-mail

General

Target

7a7da70731199d3c9800e93b5b9f504dc71e2e95e11b727b9739f3bb54b42a9f
Size

300KB
MD5

6dcf219a67566168bb020b526f3adec4
SHA1

3a54b701248d56daa34bed112612994c0e77bced
SHA256

7a7da70731199d3c9800e93b5b9f504dc71e2e95e11b727b9739f3bb54b42a9f
SHA512

3748683593fab5d8fb170b4184f56f68f9175e458d1aa4a9dfe41f267bd0241601572dc1fe67c971c3b4048256fa21ed4c8cbe013d5273aac59bbc7f62e8b9bc
SSDEEP

3072:HdKLuyi/i0mcRdW3itb8B66G2mFrqdo3A1xqbMT/18:Hoayi/acZtb11wo3Uqgq

Score

N/A

Malware Config

Signatures

Files

7a7da70731199d3c9800e93b5b9f504dc71e2e95e11b727b9739f3bb54b42a9f
.dll regsvr32 windows x86

938969ae30545837163477297ce73fa3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc71

ord265
ord266
ord3683
ord3830
ord2248
ord1049
ord4038
ord4014
ord6278
ord581
ord1167
ord1092
ord1084
ord1209
ord1177
ord1175
ord1201
ord1120
ord371
ord1098
ord1208
ord1206
ord1037
ord315
ord765
ord757
ord566
ord3333
ord4261
ord4481
ord3949
ord2644
ord3709
ord3719
ord3718
ord2533
ord2646
ord2540
ord2838
ord2714
ord4307
ord2835
ord2731
ord578
ord2537
ord5566
ord5213
ord5230
ord4568
ord3948
ord5226
ord5224
ord2931
ord1920
ord3832
ord5382
ord6219
ord5102
ord1010
ord3806
ord5583
ord2018
ord2063
ord4326
ord6276
ord762
ord1917
ord764
ord1482
ord4109
ord4081
ord2272
ord1187
ord1191
ord304
ord314
ord310
ord784
ord3934
ord2902
ord865
ord3997
ord911
ord876
ord2469
ord3801

msvcr71

memmove
memset
_resetstkoflw
_except_handler3
__CxxFrameHandler
memcpy
_mbsrchr
_mbscmp
_mbslwr
_purecall
memcmp
realloc
free
malloc
wcsncpy
wcscpy
_CRT_RTC_INIT
_adjust_fdiv
__CppXcptFilter
__security_error_handler
_onexit
_initterm
__dllonexit
??1type_info@@UAE@XZ
?terminate@@YAXXZ

kernel32

SetEvent
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
DebugBreak
ExitProcess
LocalAlloc
LocalFree
lstrcmpiW
GetStringTypeExA
GetStringTypeExW
CompareStringA
CompareStringW
GetEnvironmentVariableA
GetEnvironmentVariableW
lstrcatA
lstrcpyA
RaiseException
GetCurrentThreadId
IsDBCSLeadByte
lstrcmpiA
LoadLibraryExA
FindResourceA
LoadResource
SizeofResource
GetModuleFileNameA
GetModuleHandleA
GetCurrentProcess
FlushInstructionCache
HeapAlloc
FreeLibrary
GetProcessHeap
HeapFree
GlobalAlloc
GlobalLock
GlobalUnlock
MulDiv
InterlockedDecrement
InterlockedIncrement
DeleteCriticalSection
LoadLibraryA
GetProcAddress
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
Process32Next
Process32First
CreateToolhelp32Snapshot
CloseHandle
CreateEventA
GetVersion
CreateThread
GetLastError
Sleep
ResetEvent
lstrcpynA
WideCharToMultiByte
lstrlenW
DeleteFileA
WaitForSingleObject
WaitForMultipleObjects
MultiByteToWideChar
lstrlenA
GetThreadLocale
GetVersionExA
InterlockedExchange
GetACP
GetLocaleInfoA

user32

wsprintfA
DispatchMessageA
TranslateMessage
PeekMessageA
ReleaseDC
GetDC
DestroyWindow
DefWindowProcA
ShowWindow
SetFocus
GetParent
SetWindowLongA
GetWindowLongA
CallWindowProcA
CreateWindowExA
GetClassInfoExA
LoadCursorA
RegisterClassExA
CharNextA
UnregisterClassA
CharLowerW
CharLowerA
CharUpperW
CharUpperA
IsWindow
InvalidateRect
GetKeyState
PtInRect
UnionRect
SetWindowPos
SetWindowRgn
OffsetRect
EqualRect
IntersectRect
IsChild
GetFocus
EndPaint
GetClientRect
BeginPaint

gdi32

TextOutA
SetTextAlign
Rectangle
SelectClipRgn
CreateRectRgn
GetClipRgn
CreateDCA
DeleteMetaFile
CloseMetaFile
SetWindowExtEx
CreateMetaFileA
GetDeviceCaps
LPtoDP
RestoreDC
SaveDC
SetMapMode
SetWindowOrgEx
SetViewportOrgEx
DeleteDC
CreateRectRgnIndirect

advapi32

RegCloseKey
RegQueryInfoKeyA
RegSetValueExA
RegEnumKeyExA
RegOpenKeyExA
RegCreateKeyExA
RegDeleteValueA
RegDeleteKeyA

shlwapi

PathFileExistsA
PathFindExtensionA

ole32

StringFromGUID2
OleSaveToStream
WriteClassStm
OleLoadFromStream
CoUnmarshalInterface
CreateStreamOnHGlobal
CoMarshalInterface
CoTaskMemRealloc
CoTaskMemAlloc
CreateDataAdviseHolder
OleRegGetMiscStatus
CreateOleAdviseHolder
OleRegGetUserType
OleRegEnumVerbs
CoTaskMemFree
CoCreateInstance

oleaut32

SysStringByteLen
VariantClear
VariantInit
SysStringLen
SysAllocStringLen
SysAllocString
SysFreeString
UnRegisterTypeLi
LoadRegTypeLi
VariantChangeType
OleCreatePropertyFrame
VarUI4FromStr
LoadTypeLi
SysAllocStringByteLen
RegisterTypeLi

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 232KB - Virtual size: 228KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

938969ae30545837163477297ce73fa3

Headers

File Characteristics

Imports

mfc71

msvcr71

kernel32

user32

gdi32

advapi32

shlwapi

ole32

oleaut32

Exports

Exports

Sections

.text Size: 232KB - Virtual size: 228KB

.rdata Size: 28KB - Virtual size: 27KB

.data Size: 4KB - Virtual size: 7KB

.idata Size: 8KB - Virtual size: 7KB

.rsrc Size: 12KB - Virtual size: 8KB

.reloc Size: 12KB - Virtual size: 8KB

.text
Size: 232KB - Virtual size: 228KB

.rdata
Size: 28KB - Virtual size: 27KB

.data
Size: 4KB - Virtual size: 7KB

.idata
Size: 8KB - Virtual size: 7KB

.rsrc
Size: 12KB - Virtual size: 8KB

.reloc
Size: 12KB - Virtual size: 8KB