b0bfd7e38c7710d5d7fd07abce7b14b4fd77ec59e5e31e98edc2e3a52d707ba7

Sharing

Copy URL Twitter E-mail

General

Target

b0bfd7e38c7710d5d7fd07abce7b14b4fd77ec59e5e31e98edc2e3a52d707ba7
Size

148KB
MD5

01cea9578f63d96505cf0ae86e29d4d0
SHA1

858a958ba97b536c4f38fc889ba77ad14cd45cec
SHA256

b0bfd7e38c7710d5d7fd07abce7b14b4fd77ec59e5e31e98edc2e3a52d707ba7
SHA512

767a09a1779bec11d04210adfc135370b627fb844f86556dd1094e99929480500e8e4267ae79077112f77c5be148531f505cdf4fd0a0b650ed83cf079bd84264
SSDEEP

3072:faesJBSQ38sCwYabBOtotEI70Dkh74bAmkhNpZp7EByOtG2L:favJBVspradOtotNX74bAvh5uy4dL

Score

N/A

Malware Config

Signatures

Files

b0bfd7e38c7710d5d7fd07abce7b14b4fd77ec59e5e31e98edc2e3a52d707ba7
.dll regsvr32 windows x86

8003245e0e031b32255ccf0a8bf8112d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ltkrn14n

ord154
ord152
ord150
ord145
ord144
ord143
ord151
ord141
ord138
ord137
ord139
ord136
ord133
ord130
ord129
ord132
ord128
ord125
ord124
ord123
ord121
ord120
ord117
ord116
ord115
ord114
ord113
ord112
ord111
ord110
ord108
ord241
ord107
ord106
ord104
ord102
ord101
ord100
ord157
ord134
ord197
ord135

ltfil14n

ord102
ord118
ord103
ord112
ord101
ord145
ord119
ord104
ord106
ord113
ord100
ord116
ord105

ltimg14n

ord118
ord119
ord120
ord117
ord122
ord123
ord124
ord116
ord115
ord114
ord167
ord113
ord112
ord111
ord110
ord109
ord108
ord107
ord106
ord105
ord104
ord103
ord102
ord121
ord100
ord127
ord101

ltdis14n

ord121
ord124
ord139
ord137
ord136
ord134
ord133
ord132
ord122
ord127
ord126
ord125
ord120

ltefx14n

ord100
ord110

mfc90

ord4714
ord2961
ord3110
ord2769
ord2888
ord2759
ord4066
ord4067
ord4057
ord2886
ord4334
ord4890
ord4667
ord3659
ord1258
ord1137
ord1254
ord1252
ord265
ord2084
ord3107
ord2447
ord4197
ord6781
ord266
ord1087
ord1603
ord5963
ord4506
ord4481
ord2481
ord798
ord310
ord300
ord4311
ord817
ord910
ord601
ord316
ord321
ord800
ord2978
ord2766
ord6001
ord5646
ord5663
ord4981
ord4333
ord5659
ord5657
ord3209
ord2087
ord4199
ord5813
ord5533
ord1046
ord4165
ord6018
ord2206
ord2251
ord1093
ord4733
ord392
ord801
ord322
ord1075
ord1145
ord1275
ord4159
ord6783
ord4409
ord4434
ord793
ord589
ord3276
ord4029
ord605
ord1278
ord1243
ord1241
ord1268
ord1180
ord1233
ord391
ord1152
ord1277
ord6721

msvcr90

__clean_type_info_names_internal
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
memmove_s
_encoded_null
_malloc_crt
_decode_pointer
_onexit
_lock
_encode_pointer
__dllonexit
_unlock
_except_handler4_common
?terminate@@YAXXZ
_mbsnbcpy
_recalloc
wcsncpy_s
free
malloc
_mbsrchr
memset
__CxxFrameHandler3
_purecall
_resetstkoflw
memcpy_s
_mbsstr
_mbsnbcpy_s
memcmp
strcpy_s
strcat_s
wcstol
strtol
strtoul
strcat
strcpy
strlen

kernel32

lstrlenA
GetModuleFileNameA
MultiByteToWideChar
GetLastError
FreeLibrary
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
lstrcmpiA
IsDBCSLeadByte
DeleteCriticalSection
RaiseException
GetProcAddress
LoadLibraryW
GetModuleHandleA
LoadLibraryA
GetLocaleInfoA
GetModuleHandleW
EnterCriticalSection
LeaveCriticalSection
LocalFree
LocalAlloc
Sleep
InterlockedCompareExchange
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
QueryPerformanceCounter
InterlockedExchange
InterlockedDecrement
InterlockedIncrement
InitializeCriticalSection
WideCharToMultiByte
lstrlenW
CopyFileA
GetTempPathA
GetTempFileNameA
MoveFileA
DeleteFileA
GetVersionExA
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
GetTickCount

user32

CharNextA
GetActiveWindow
GetKeyboardLayout
CharLowerA
CharNextW
MessageBoxA

advapi32

RegCloseKey
RegDeleteValueA
RegCreateKeyExA
RegOpenKeyExA
RegEnumKeyExA
RegSetValueExA
RegQueryInfoKeyA
RegQueryValueExW
RegOpenKeyExW
RegQueryValueExA
RegDeleteKeyA

ole32

StringFromGUID2
CoTaskMemRealloc
CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance

oleaut32

SysAllocString
RegisterTypeLi
SysStringLen
LoadTypeLi
LoadRegTypeLi
VarUI4FromStr
SysFreeString
UnRegisterTypeLi

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 56KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8003245e0e031b32255ccf0a8bf8112d

Headers

File Characteristics

Imports

ltkrn14n

ltfil14n

ltimg14n

ltdis14n

ltefx14n

mfc90

msvcr90

kernel32

user32

advapi32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 58KB - Virtual size: 58KB

.rdata Size: 20KB - Virtual size: 20KB

.data Size: 2KB - Virtual size: 3KB

.rsrc Size: 5KB - Virtual size: 5KB

.reloc Size: 4KB - Virtual size: 3KB

.rmnet Size: 56KB - Virtual size: 60KB

.text
Size: 58KB - Virtual size: 58KB

.rdata
Size: 20KB - Virtual size: 20KB

.data
Size: 2KB - Virtual size: 3KB

.rsrc
Size: 5KB - Virtual size: 5KB

.reloc
Size: 4KB - Virtual size: 3KB

.rmnet
Size: 56KB - Virtual size: 60KB