f28e2ab1b993cca6d5e746f44accfcf127218e40967b2b60a40f88f065f99b2d

Sharing

Copy URL Twitter E-mail

General

Target

f28e2ab1b993cca6d5e746f44accfcf127218e40967b2b60a40f88f065f99b2d
Size

804KB
MD5

46edb403b89c94863ad3b8bf9365daf0
SHA1

48ab90bdd46bf34f9be090d0af0eb7e1c49eb7c6
SHA256

f28e2ab1b993cca6d5e746f44accfcf127218e40967b2b60a40f88f065f99b2d
SHA512

f86bea9efcf4769a7095aebed1be1a8c1fa22b307ba345702ff259951ce7756015fefe139723790353c3362404492cfefae960d99dc582616b3899551c8418ba
SSDEEP

24576:s2Z/6YoXIKmuB5suLxuHcECvXcNL5trSdyZB:s2yXIacXkEZB

Score

N/A

Malware Config

Signatures

Files

f28e2ab1b993cca6d5e746f44accfcf127218e40967b2b60a40f88f065f99b2d
.dll regsvr32 windows x86

8bc2fb6a1c94da07f8a249263179ab45

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

d3d8

Direct3DCreate8

kernel32

DeleteCriticalSection
DisableThreadLibraryCalls
InitializeCriticalSection
InterlockedDecrement
InterlockedIncrement
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
LockResource
SetCurrentDirectoryA
GetCurrentDirectoryA
GetFileSize
MapViewOfFile
CreateFileMappingA
CreateFileW
GetVersionExA
UnmapViewOfFile
FindResourceW
HeapFree
GetProcessHeap
GetProcAddress
WriteFile
IsProcessorFeaturePresent
ReadFile
GetCommandLineA
HeapReAlloc
CompareStringA
FlushFileBuffers
GetLocaleInfoW
SetStdHandle
GetOEMCP
GetACP
GetStringTypeW
GetStringTypeA
HeapDestroy
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
SetFilePointer
GetUserDefaultLCID
EnumSystemLocalesA
GetLocaleInfoA
IsValidCodePage
IsValidLocale
GetCPInfo
LCMapStringW
LCMapStringA
RaiseException
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
TlsGetValue
SetLastError
TlsFree
TlsAlloc
TlsSetValue
IsDBCSLeadByte
lstrcmpiA
IsBadWritePtr
VirtualAlloc
GetLocalTime
GetSystemTime
GetTimeZoneInformation
RtlUnwind
HeapAlloc
Sleep
ExitProcess
TerminateProcess
HeapCreate
VirtualFree
LoadLibraryExA
GetLastError
FindResourceA
LoadResource
SizeofResource
GetModuleHandleA
GetShortPathNameA
lstrlenW
WideCharToMultiByte
lstrlenA
MultiByteToWideChar
GetCurrentThreadId
EnterCriticalSection
LeaveCriticalSection
GetModuleFileNameA
lstrcpynA
FreeLibrary
GetCurrentProcess
FlushInstructionCache
LoadLibraryA
MulDiv
QueryPerformanceFrequency
QueryPerformanceCounter
GetFullPathNameA
CreateFileA
CloseHandle
lstrcpyA
lstrcatA
CompareStringW
SetEnvironmentVariableA
GetVersion

shell32

ShellExecuteA

gdiplus

GdipBitmapUnlockBits
GdipDeleteGraphics
GdipFree
GdiplusShutdown
GdipCreateBitmapFromResource
GdipSetStringFormatAlign
GdipCreateBitmapFromFileICM
GdipCreateFontFamilyFromName
GdipCreateFont
GdipCreateSolidFill
GdipCreateStringFormat
GdipSetStringFormatLineAlign
GdipSetStringFormatTrimming
GdipDrawString
GdipDeleteStringFormat
GdipDeleteFont
GdipDeleteFontFamily
GdipDisposeImage
GdipCloneImage
GdipCloneBrush
GdiplusStartup
GdipAlloc
GdipCreateBitmapFromStream
GdipGetImageWidth
GdipGetImageHeight
GdipGetImageRawFormat
GdipCreateBitmapFromScan0
GdipGetImageGraphicsContext
GdipSetInterpolationMode
GdipDrawImageRectRectI
GdipCreateLineBrushFromRect
GdipFillRectangle
GdipCreateLineBrushFromRectI
GdipFillRectangleI
GdipBitmapLockBits
GdipDeleteBrush

ddraw

DirectDrawCreate

winmm

timeGetTime

user32

SystemParametersInfoA
MapWindowPoints
SetDlgItemTextA
GetDlgItemTextA
EndDialog
DialogBoxParamA
TrackMouseEvent
PeekMessageA
wsprintfA
CallWindowProcA
UnhookWindowsHookEx
DestroyWindow
PostMessageA
SetCursor
GetSysColorBrush
LoadCursorA
GetWindow
GetSystemMetrics
CreateWindowExA
GetDC
ReleaseDC
SetWindowLongA
IsWindowUnicode
SetWindowsHookExA
ShowWindow
UpdateWindow
DefWindowProcA
GetAsyncKeyState
GetParent
LoadStringA
wsprintfW
CharNextA
RegisterWindowMessageA
CallNextHookEx
SetWindowPos
GetWindowLongA
GetWindowRect
GetClientRect
RegisterClassA

gdi32

CreateDIBSection
SetMapMode
GetDeviceCaps
CreateFontA
SetTextColor
SetBkColor
SetTextAlign
GetTextExtentPoint32A
ExtTextOutA
CreateDIBitmap
CreateCompatibleDC
SelectObject
BitBlt
DeleteObject
DeleteDC

advapi32

RegCreateKeyExA
RegOpenKeyA
RegEnumValueA
RegQueryInfoKeyA
RegSetValueExA
RegCloseKey
RegEnumKeyExA
RegDeleteKeyA
RegDeleteValueA
RegOpenKeyExA
RegQueryValueExA

ole32

CoTaskMemAlloc
CoTaskMemRealloc
CoCreateInstance
CreateStreamOnHGlobal
CoTaskMemFree

oleaut32

LoadRegTypeLi
VarUI4FromStr
SysStringLen
SysAllocString
SysFreeString

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 376KB - Virtual size: 374KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 256KB - Virtual size: 253KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8bc2fb6a1c94da07f8a249263179ab45

Headers

File Characteristics

Imports

d3d8

kernel32

shell32

gdiplus

ddraw

winmm

user32

gdi32

advapi32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 376KB - Virtual size: 374KB

.rdata Size: 40KB - Virtual size: 37KB

.data Size: 40KB - Virtual size: 59KB

.data1 Size: 4KB - Virtual size: 2KB

.rsrc Size: 256KB - Virtual size: 253KB

.reloc Size: 24KB - Virtual size: 20KB

.rmnet Size: 60KB - Virtual size: 60KB

.text
Size: 376KB - Virtual size: 374KB

.rdata
Size: 40KB - Virtual size: 37KB

.data
Size: 40KB - Virtual size: 59KB

.data1
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 256KB - Virtual size: 253KB

.reloc
Size: 24KB - Virtual size: 20KB

.rmnet
Size: 60KB - Virtual size: 60KB