4c169812548b7514833e48e33fdbaee5c049037e46e05e5ce403875ca876f433

Sharing

Copy URL

Twitter E-mail

General

Target

4c169812548b7514833e48e33fdbaee5c049037e46e05e5ce403875ca876f433
Size

84KB
MD5

328bf5cd930e224839b3cc3948d4aaa5
SHA1

4e51fd977804fa767c5331fd5ffca009c3620c22
SHA256

4c169812548b7514833e48e33fdbaee5c049037e46e05e5ce403875ca876f433
SHA512

65d4e7e1c47baf71bcc590c38ea15131f75a319e730e620c10b5ee800c483d874a46fb99a383ba24750b16c7692e663c5e753d13bfd1b82647927af445694f30
SSDEEP

1536:i2gY5TLetKp1R+6ENHufJYtjSDro+hfdCgO3Hd+A6pXw2gBwaTNFY:tTLQKfQ6ENHXBSw+9dWtoXJgBwaJF

Score

N/A

Malware Config

Signatures

Files

4c169812548b7514833e48e33fdbaee5c049037e46e05e5ce403875ca876f433
.dll regsvr32 windows x86

7641ebbb2dfe5570b0e205df8ed8aded

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnumUILanguagesW
SetCommState
MoveFileW
OpenSemaphoreA
CreateRemoteThread
HeapUnlock
GetVersion
GetCommState
SetComputerNameExW
OpenProcess
VirtualQueryEx
FindFirstChangeNotificationA
lstrcpyW
GetSystemPowerStatus
SetDefaultCommConfigW
GetSystemDirectoryA
FlushConsoleInputBuffer
GetCPInfo
GlobalAddAtomA
SearchPathA
EscapeCommFunction
SetupComm
FindFirstVolumeW
HeapSetInformation
TerminateProcess
lstrcpynA
FindNextChangeNotification
GetDiskFreeSpaceExW
FindResourceW
BeginUpdateResourceA
GetLogicalDriveStringsA
SetNamedPipeHandleState
BackupWrite
MultiByteToWideChar
GetTimeFormatW
PeekConsoleInputA
LockFileEx
GetStringTypeW
GetConsoleCP
GetDateFormatW
CreateConsoleScreenBuffer
FindActCtxSectionStringW
GetFullPathNameW
DisconnectNamedPipe
LocalFileTimeToFileTime
MoveFileExW
SetInformationJobObject
GetCompressedFileSizeW
GetSystemWindowsDirectoryA
GetCurrentDirectoryA
GetTempFileNameW
TransactNamedPipe
UnregisterWaitEx
EndUpdateResourceA
SetFileAttributesA
CreateIoCompletionPort
GetTapeParameters
OpenThread
DeleteCriticalSection
BackupRead
LocalUnlock
GetLogicalDriveStringsW
GetModuleFileNameW
IsBadStringPtrA
RaiseException
UnlockFile
FileTimeToDosDateTime
IsBadWritePtr
CallNamedPipeA
GetVolumePathNameW
SetCurrentDirectoryA
FindNextFileW
SetEndOfFile
SetSystemTime
AllocConsole
GetConsoleOutputCP
GetExitCodeProcess
WinExec
OpenFileMappingW
FindFirstChangeNotificationW
SetConsoleCursorPosition
SetComputerNameA
GetThreadContext
GetStartupInfoW
FlushViewOfFile
GetSystemDefaultLangID
GetStdHandle
GetSystemDefaultUILanguage
GlobalFree
GetProcessAffinityMask
GetExitCodeThread
OpenEventA
GetFileTime
GetCurrentThread
IsBadReadPtr
CopyFileW
SetConsoleScreenBufferSize
ResetEvent
RtlMoveMemory
GetTempFileNameA
MoveFileExA
GetShortPathNameA
GetSystemInfo
CopyFileExW
GetDefaultCommConfigW
GetDiskFreeSpaceA
GetSystemTimeAdjustment
GetHandleInformation
LocalReAlloc
GetOverlappedResult
GetUserDefaultLangID
SwitchToThread
SetCurrentDirectoryW
lstrcmpW
GetStringTypeExA
CreateHardLinkW
OpenEventW
RemoveDirectoryW
GetLocaleInfoW
GetProfileStringA
WideCharToMultiByte
CopyFileA
GlobalAlloc
CreateDirectoryA
GetTickCount
GetLastError
ExpandEnvironmentStringsA
GetComputerNameA
ReadFile
CloseHandle
CreateMutexA
GetProcessHeap
CreateProcessA
EnterCriticalSection
GetModuleHandleA
CreateThread
CreateFileMappingA
VirtualProtect
VirtualQuery
LeaveCriticalSection
InterlockedDecrement
WaitForSingleObject
Sleep
MapViewOfFile
HeapFree
GetProcAddress
DeleteFileA
LoadLibraryA
ReleaseMutex
GetCurrentProcessId
GetVolumePathNamesForVolumeNameW
InterlockedExchange

user32

LoadMenuA
PostThreadMessageA
CreatePopupMenu
SetPropA
AllowSetForegroundWindow
UnpackDDElParam
RemovePropA
CheckMenuRadioItem
DefFrameProcW
ChildWindowFromPoint
wsprintfW
GetDesktopWindow
PostQuitMessage
RegisterWindowMessageA
MapVirtualKeyW
GetTopWindow
ReplyMessage
OemToCharA
DrawTextExA
TrackPopupMenu
ScrollWindow
GetNextDlgGroupItem
SendDlgItemMessageW
GetMessagePos
SetRectEmpty
IsWindowVisible
wsprintfA
wvsprintfW
EndDeferWindowPos
GetScrollRange
GetDC
ShowCursor
GetAncestor
SetSysColors
GetWindowRgn
CreateDialogIndirectParamW
SetScrollRange
ScrollWindowEx
EnumWindows
DestroyMenu
InvalidateRgn
DrawIcon
LoadStringW
MonitorFromRect
ShowWindow
IsDlgButtonChecked
IsZoomed
InSendMessage
SendDlgItemMessageA
IsIconic
ChangeDisplaySettingsW
GetWindowTextLengthW
FindWindowExW
CharToOemA
SetMenuItemInfoA
CallWindowProcW
InsertMenuItemA
WaitForInputIdle
RegisterHotKey
IsMenu
SetMenu
GetUserObjectInformationW
SetClassLongW
WinHelpW
GetPropA
CheckMenuItem
EnumDisplaySettingsA
FreeDDElParam
GetClassLongW
SetMessageQueue
CheckDlgButton
GetClassLongA
UpdateLayeredWindow
IsCharAlphaNumericW
PostMessageW
GetIconInfo
LoadImageA
CharPrevA
CreateDialogParamW
MessageBoxExW
SendNotifyMessageA
CreateWindowExA
SetWindowLongA
WaitMessage
DialogBoxParamA
GetDlgItemTextW
SetClassLongA
ToAsciiEx
InsertMenuItemW
LoadImageW
CharLowerW
SetMenuDefaultItem
SetMenuItemInfoW
OpenIcon
ShowOwnedPopups
DeferWindowPos
CharUpperBuffA
GetUserObjectInformationA
TranslateAcceleratorA
IsDialogMessageW
CopyImage
ToUnicodeEx
GetMenuCheckMarkDimensions
GetWindowRect
SetWindowsHookExW
GetClassInfoExW
ShowScrollBar
FillRect
GetMonitorInfoW
SetCursorPos
GetMenuItemRect
MsgWaitForMultipleObjectsEx
SetForegroundWindow
GetClassNameA
PeekMessageA
GetWindowThreadProcessId
FindWindowA
SetWindowsHookExA
GetMessageA
SendMessageA
OpenWindowStationW

shlwapi

StrToIntExW
PathAppendW
PathCompactPathExW
wvnsprintfW
PathGetDriveNumberW
StrRetToBufW
SHRegGetUSValueW
StrCatW
PathUndecorateW
PathSkipRootW
PathParseIconLocationW
StrFormatKBSizeW
PathIsURLW
PathFileExistsW
PathIsNetworkPathW
SHSetValueA
StrCpyW
StrRetToStrW
StrCmpNIA
StrCmpNIW
PathStripPathW
PathIsUNCW
PathBuildRootW
UrlCombineW
PathRemoveFileSpecA
PathRemoveBlanksW
wnsprintfA
StrChrA
UrlCreateFromPathW
UrlUnescapeW

advapi32

ConvertStringSecurityDescriptorToSecurityDescriptorA
RegDisablePredefinedCache
RegRestoreKeyW
SetThreadToken
QueryServiceStatusEx
CreateProcessWithLogonW
QueryServiceConfig2W
ReportEventA
ReadEventLogA
StartServiceCtrlDispatcherA
ReportEventW
GetServiceKeyNameW
GetEffectiveRightsFromAclW
QueryServiceLockStatusA
RegLoadKeyW
RegCreateKeyA
OpenEventLogA
RegOpenKeyW
BuildTrusteeWithNameW
ObjectCloseAuditAlarmW
GetInheritanceSourceW
RegisterServiceCtrlHandlerExW
RegisterEventSourceW
DuplicateToken
EnumDependentServicesA
RegNotifyChangeKeyValue
OpenThreadToken
RegSaveKeyA
GetUserNameW
InitiateSystemShutdownW
LogonUserA
StartServiceA
QueryServiceConfigA
ImpersonateAnonymousToken
ChangeServiceConfigW
RegSetValueA
OpenProcessToken
CloseEventLog
CreateServiceW
NotifyBootConfigStatus
RegDeleteKeyW
StartServiceW
DeregisterEventSource
CloseServiceHandle
RegUnLoadKeyW
BuildExplicitAccessWithNameW
ConvertSidToStringSidA
RegEnumKeyExA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
GetNumberOfEventLogRecords

shell32

SHAddToRecentDocs
SHGetDesktopFolder
SHFileOperationA
SHGetFileInfoW
DragAcceptFiles
SHGetSpecialFolderPathA
DragQueryFileA
ShellAboutA
ShellExecuteW
SHGetPathFromIDListA
SHPathPrepareForWriteW
SHGetFolderLocation

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7641ebbb2dfe5570b0e205df8ed8aded

Headers

File Characteristics

Imports

kernel32

user32

shlwapi

advapi32

shell32

Exports

Exports

Sections

.text Size: 60KB - Virtual size: 59KB

.rdata Size: 12KB - Virtual size: 10KB

.data Size: 4KB - Virtual size: 6KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 60KB - Virtual size: 59KB

.rdata
Size: 12KB - Virtual size: 10KB

.data
Size: 4KB - Virtual size: 6KB

.reloc
Size: 4KB - Virtual size: 2KB