6e0de20ceca994d1ab6c4af3eddd66dde07df1f594ad98ae3d04f51119377510

Sharing

Copy URL Twitter E-mail

General

Target

6e0de20ceca994d1ab6c4af3eddd66dde07df1f594ad98ae3d04f51119377510
Size

768KB
MD5

3aef19a54acbc8b27c2e3902c959e470
SHA1

801a48e9e20923f2ff614d3d0146620802f6146f
SHA256

6e0de20ceca994d1ab6c4af3eddd66dde07df1f594ad98ae3d04f51119377510
SHA512

127705fcb0216f9ea44de073be8e7769e5cde2c0ce3e5156db1313927a7c7c8cc65ad68ee2e64f6da87f59a88ff4694bdb214c9c33a085de913ff1bba11c77b0
SSDEEP

12288:ZxhDwFWPA+ftuIWiuGYJ+Bke7PyzzHUdIiX77ES:RaAtuIWiuGg+Bke7Pyzz0dIM74S

Score

N/A

Malware Config

Signatures

Files

6e0de20ceca994d1ab6c4af3eddd66dde07df1f594ad98ae3d04f51119377510
.dll regsvr32 windows x86

6b4bb12426605f8dc8c22c4951167879

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoInitializeEx
CoUnmarshalInterface
ProgIDFromCLSID
OleUninitialize
OleInitialize
CLSIDFromString
CLSIDFromProgID
CoGetClassObject
OleLockRunning
CoReleaseMarshalData
CreateStreamOnHGlobal
GetHGlobalFromStream
CoMarshalInterface
OleSaveToStream
WriteClassStm
OleLoadFromStream
StringFromGUID2
CoCreateInstance
CreateDataAdviseHolder
OleRegGetMiscStatus
CreateOleAdviseHolder
OleRegGetUserType
OleRegEnumVerbs
CoTaskMemRealloc
CoTaskMemFree
CoTaskMemAlloc

msimg32

GradientFill

kernel32

GlobalAlloc
MulDiv
DisableThreadLibraryCalls
InterlockedIncrement
InterlockedDecrement
lstrcpynA
lstrcpyA
GetModuleFileNameA
GlobalLock
SetLastError
IsDBCSLeadByte
LockResource
LoadResource
FindResourceA
FreeLibrary
LoadLibraryA
SizeofResource
LoadLibraryExA
GetModuleHandleA
GetCurrentThreadId
FlushInstructionCache
GetCurrentProcess
HeapAlloc
GlobalFree
lstrcmpA
GlobalHandle
CreateMutexA
CloseHandle
WaitForSingleObject
ReleaseMutex
CreateEventA
GetProcAddress
GetCurrentDirectoryA
SetEvent
ResetEvent
WaitForMultipleObjects
CreateThread
GetExitCodeThread
TerminateThread
GetTickCount
GlobalUnlock
lstrcmpiA
lstrlenA
GetProcessHeap
HeapFree
GetLastError
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
RaiseException
lstrlenW
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
LocalFree
ExitProcess
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
lstrcatA
SetErrorMode

oleaut32

SysFreeString
GetErrorInfo
SysAllocString
LoadTypeLi
UnRegisterTypeLi
RegisterTypeLi
VariantClear
VariantInit
SysStringByteLen
VariantChangeType
VarUI4FromStr
SysAllocStringByteLen
LoadRegTypeLi
SysStringLen
OleCreatePropertyFrame
SysAllocStringLen
OleCreateFontIndirect
OleTranslateColor
SetErrorInfo
CreateErrorInfo
SafeArrayPutElement
SafeArrayCreate
SystemTimeToVariantTime

user32

wsprintfA
RegisterClassExA
CreateAcceleratorTableA
GetClassNameA
RedrawWindow
BeginPaint
EndPaint
GetWindowLongA
DefWindowProcA
CallWindowProcA
GetDesktopWindow
InvalidateRgn
GetClientRect
FillRect
SetCapture
ReleaseCapture
DestroyAcceleratorTable
CreateWindowExA
MapDialogRect
SetWindowContextHelpId
CreateDialogParamA
SystemParametersInfoA
SendDlgItemMessageA
WinHelpA
GetDialogBaseUnits
MoveWindow
LoadCursorA
SetFocus
ShowWindow
GetFocus
IsChild
GetParent
SendMessageA
GetWindow
GetNextDlgTabItem
CopyAcceleratorTableA
IsDialogMessageA
GetKeyState
InvalidateRect
IsWindow
SetWindowLongA
DestroyWindow
UnregisterClassA
GetDC
ReleaseDC
IntersectRect
EqualRect
OffsetRect
SetWindowRgn
SetWindowPos
UnionRect
PtInRect
GetSysColor
DrawTextA
CharNextA
RegisterWindowMessageA
SetWindowTextA
GetWindowTextA
GetWindowTextLengthA
CreateDialogIndirectParamA
EnumChildWindows
PostMessageA
LoadStringA
LoadBitmapA
MessageBoxA
GetWindowRect
ScreenToClient
SetTimer
KillTimer
GetSysColorBrush
IsWindowVisible
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
InflateRect
UpdateWindow
SetRectEmpty
GetDlgItem
GetClassInfoExA

advapi32

RegEnumKeyExA
RegQueryInfoKeyA
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegDeleteValueA
RegDeleteKeyA
RegQueryValueA

shlwapi

PathFindExtensionA

gdi32

TextOutA
CreatePen
SetDIBits
SetPixel
SetStretchBltMode
CreateDCA
LPtoDP
SetMapMode
SetViewportOrgEx
DeleteDC
DeleteObject
CreateMetaFileA
SaveDC
SetWindowOrgEx
SetWindowExtEx
RestoreDC
CloseMetaFile
DeleteMetaFile
CreateRectRgnIndirect
StretchBlt
MoveToEx
GetTextExtentPointA
GetTextMetricsA
CreateFontIndirectA
SetBkColor
GetObjectA
CreateCompatibleBitmap
CreateCompatibleDC
BitBlt
GetDeviceCaps
CreateSolidBrush
LineTo
ExtSelectClipRgn
SetBkMode
SetTextColor
Rectangle
SelectObject
GetStockObject

msvcp71

?_Nomemory@std@@YAXXZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
?rfind@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBD@Z
?_Xran@_String_base@std@@QBEXXZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@D@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

msvcr71

malloc
free
_resetstkoflw
??0exception@@QAE@ABV0@@Z
_CxxThrowException
realloc
_purecall
__CxxFrameHandler
wcsncpy
strncpy
??0exception@@QAE@XZ
??1exception@@UAE@XZ
strrchr
strchr
memmove
strncmp
_snprintf
sscanf
_fullpath
sprintf
_splitpath
_itoa
localtime
tolower
isupper
??_V@YAXPAX@Z
??3@YAXPAX@Z
memset
wcslen
_callnewh
??1type_info@@UAE@XZ
__dllonexit
_onexit
_initterm
_adjust_fdiv
__CppXcptFilter
__security_error_handler
?terminate@@YAXXZ
_strnicmp
_stricmp
_putenv
_except_handler3

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 184KB - Virtual size: 180KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 468KB - Virtual size: 467KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6b4bb12426605f8dc8c22c4951167879

Headers

File Characteristics

Imports

ole32

msimg32

kernel32

oleaut32

user32

advapi32

shlwapi

gdi32

msvcp71

msvcr71

Exports

Exports

Sections

.text Size: 184KB - Virtual size: 180KB

.rdata Size: 32KB - Virtual size: 31KB

.data Size: 4KB - Virtual size: 1KB

.rsrc Size: 468KB - Virtual size: 467KB

.reloc Size: 16KB - Virtual size: 13KB

.rmnet Size: 60KB - Virtual size: 60KB

.text
Size: 184KB - Virtual size: 180KB

.rdata
Size: 32KB - Virtual size: 31KB

.data
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 468KB - Virtual size: 467KB

.reloc
Size: 16KB - Virtual size: 13KB

.rmnet
Size: 60KB - Virtual size: 60KB