66a29a0311c2a547cfc35da43048ad5c35a970bc5717941b72078413deaf0555

Sharing

Copy URL Twitter E-mail

General

Target

66a29a0311c2a547cfc35da43048ad5c35a970bc5717941b72078413deaf0555
Size

164KB
MD5

7829ec36bf111137355c9883088af92f
SHA1

50d587d098b3b307b33ddb6121a74687ab0de95f
SHA256

66a29a0311c2a547cfc35da43048ad5c35a970bc5717941b72078413deaf0555
SHA512

f34ef36a98d66ac80e4722c2f177e1f43c41676b73ff324c5aa8675ec94f25bf217103030650260b48ad18bb2afde3a9164e33d0d2cc2b0aeeb27f61580c5d5b
SSDEEP

3072:+wSKp6OfNnbKSz9YUdYLPAWo0t1+/3qvxYkOK:MKuSZFY5o2AQxYkOK

Score

N/A

Malware Config

Signatures

Files

66a29a0311c2a547cfc35da43048ad5c35a970bc5717941b72078413deaf0555
.dll regsvr32 windows x86

cb11500202ba5809531bf0e63e9ac5d2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetThreadLocale
FlushInstructionCache
GetCurrentProcess
lstrcmpW
MulDiv
GlobalUnlock
GlobalLock
GlobalAlloc
GetCurrentThreadId
SetLastError
HeapSize
Sleep
FlushFileBuffers
CloseHandle
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetConsoleMode
GetConsoleCP
SetThreadLocale
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
InitializeCriticalSectionAndSpinCount
GetModuleHandleA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
SetHandleCount
IsValidCodePage
LoadLibraryExW
FindResourceW
LoadResource
SizeofResource
MultiByteToWideChar
FreeLibrary
GetModuleFileNameW
lstrcmpiW
GetModuleHandleW
GetLastError
GetProcAddress
LeaveCriticalSection
EnterCriticalSection
lstrlenW
InterlockedDecrement
InterlockedIncrement
DeleteCriticalSection
InitializeCriticalSection
SetFilePointer
RaiseException
GetOEMCP
GetACP
GetCPInfo
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
TlsFree
GetModuleFileNameA
GetStdHandle
WriteFile
HeapDestroy
HeapCreate
TlsSetValue
TlsAlloc
TlsGetValue
GetCommandLineA
RtlUnwind
LocalFree
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
HeapAlloc
GetProcessHeap
HeapFree
InterlockedCompareExchange
HeapReAlloc
ExitProcess

user32

CharNextW
SetWindowLongW
GetWindowLongW
UnregisterClassA
CreateWindowExW
DestroyWindow
SetWindowPos
ShowWindow
SetParent
SendMessageW
IsWindow
GetClientRect
RegisterWindowMessageW
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
CreateAcceleratorTableW
RegisterClassExW
LoadCursorW
GetClassInfoExW
SetFocus
GetFocus
GetWindow
DestroyAcceleratorTable
GetDesktopWindow
BeginPaint
EndPaint
CallWindowProcW
FillRect
ReleaseCapture
GetClassNameW
GetDlgItem
GetParent
IsChild
SetCapture
RedrawWindow
InvalidateRgn
InvalidateRect
ReleaseDC
GetDC
ScreenToClient
ClientToScreen
MoveWindow
GetSysColor
DefWindowProcW

gdi32

GetObjectW
CreateSolidBrush
GetDeviceCaps
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
DeleteDC
SelectObject
DeleteObject
GetStockObject

advapi32

RegQueryInfoKeyW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
RegEnumKeyExW

ole32

CoCreateInstance
CoTaskMemAlloc
CoTaskMemRealloc
CoTaskMemFree
StringFromGUID2
OleLockRunning
CoGetClassObject
CLSIDFromString
CreateStreamOnHGlobal
OleInitialize
OleUninitialize
CLSIDFromProgID

oleaut32

LoadRegTypeLi
OleCreateFontIndirect
VariantClear
VariantInit
SysAllocStringLen
SysStringByteLen
SysAllocStringByteLen
VarUI4FromStr
RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
SysAllocString
SysStringLen
SysFreeString
GetErrorInfo

shlwapi

PathFileExistsW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllInstall
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 106KB - Virtual size: 106KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cb11500202ba5809531bf0e63e9ac5d2

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

oleaut32

shlwapi

Exports

Exports

Sections

.text Size: 106KB - Virtual size: 106KB

.rdata Size: 29KB - Virtual size: 29KB

.data Size: 8KB - Virtual size: 15KB

.rsrc Size: 7KB - Virtual size: 7KB

.reloc Size: 11KB - Virtual size: 11KB

.text
Size: 106KB - Virtual size: 106KB

.rdata
Size: 29KB - Virtual size: 29KB

.data
Size: 8KB - Virtual size: 15KB

.rsrc
Size: 7KB - Virtual size: 7KB

.reloc
Size: 11KB - Virtual size: 11KB