7f87176ba47217139f9b94aedd5bd113d5c33fe509afcb3ea1876912087ee924

Sharing

Copy URL Twitter E-mail

General

Target

7f87176ba47217139f9b94aedd5bd113d5c33fe509afcb3ea1876912087ee924
Size

263KB
MD5

404d9513adaac89ef328aaa79219dab0
SHA1

1df459f0ef27111f6706c46a634608b6ea33a5cd
SHA256

7f87176ba47217139f9b94aedd5bd113d5c33fe509afcb3ea1876912087ee924
SHA512

7ec46442af739219677bec7a456f4e1721e78714b7b4d87b7315458cedba711b46788d3993a122415179b0bd042a7b5404f8045a89396cc5220b4882f57b2791
SSDEEP

6144:DdhDN3wYZRnyvL1518f/Dcwmsjms1nb5qu8u4pN:DdhDN3v45Cb11nb5qugpN

Score

N/A

Malware Config

Signatures

Files

7f87176ba47217139f9b94aedd5bd113d5c33fe509afcb3ea1876912087ee924
.dll regsvr32 windows x86

3aa6038604213c0f1b51a272beb87616

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetLastError
GetProcAddress
GetModuleHandleA
lstrlenA
lstrcmpiA
DisableThreadLibraryCalls
InterlockedIncrement
GetModuleFileNameA
GetModuleHandleW
IsDBCSLeadByte
FreeLibrary
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
GetStartupInfoA
EnterCriticalSection
SetHandleCount
GetStdHandle
WriteFile
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
InitializeCriticalSectionAndSpinCount
LoadLibraryA
RaiseException
lstrlenW
WideCharToMultiByte
MultiByteToWideChar
InterlockedDecrement
GlobalAlloc
GlobalLock
GlobalUnlock
GetFileType
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
HeapDestroy
HeapCreate
HeapReAlloc
VirtualFree
IsValidCodePage
GetOEMCP
GetACP
HeapFree
GetProcessHeap
RtlUnwind
HeapAlloc
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetCurrentThreadId
GetCommandLineA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
Sleep
HeapSize
ExitProcess
GetCPInfo
FreeEnvironmentStringsA

user32

RegisterClipboardFormatA
CharNextA
CharNextW
EnumDisplaySettingsA
GetSystemMetrics
GetWindowLongA
GetWindowRect
ShowWindow
UnhookWindowsHookEx
SetWindowsHookExA
CallNextHookEx
CreateDialogParamA
GetParent
SetFocus
IsIconic
DestroyWindow
PostQuitMessage
MoveWindow
GetForegroundWindow
IsZoomed
IsWindowVisible

advapi32

RegEnumKeyExA
RegQueryInfoKeyA
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegDeleteValueA
RegDeleteKeyA

ole32

CoTaskMemAlloc
CoTaskMemRealloc
CoTaskMemFree
CoUninitialize
CoCreateInstance
CoInitialize
StringFromGUID2
CreateDataAdviseHolder

oleaut32

VarUI4FromStr
RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
SysAllocString
SysStringLen
SysFreeString
VariantClear

Exports

Exports

ButtonDraw
ButtonUndraw
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 136KB - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3aa6038604213c0f1b51a272beb87616

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 69KB - Virtual size: 69KB

.rdata Size: 16KB - Virtual size: 16KB

.data Size: 5KB - Virtual size: 8KB

.rsrc Size: 27KB - Virtual size: 27KB

.reloc Size: 7KB - Virtual size: 7KB

.text Size: 136KB - Virtual size: 136KB

.text
Size: 69KB - Virtual size: 69KB

.rdata
Size: 16KB - Virtual size: 16KB

.data
Size: 5KB - Virtual size: 8KB

.rsrc
Size: 27KB - Virtual size: 27KB

.reloc
Size: 7KB - Virtual size: 7KB

.text
Size: 136KB - Virtual size: 136KB