5dd6ab467e151022be0e48452d35344be0fa41a4a91f7b464f511d7140ad479e

Sharing

Copy URL

Twitter E-mail

General

Target

5dd6ab467e151022be0e48452d35344be0fa41a4a91f7b464f511d7140ad479e
Size

211KB
MD5

6a526e3400c72dc59b7516dc67b49f3b
SHA1

9eb7594b48a41b82e3bc6253239cdb33b47aece9
SHA256

5dd6ab467e151022be0e48452d35344be0fa41a4a91f7b464f511d7140ad479e
SHA512

d604d4b185e7051b9281983bb685197e3a999e70036dd15c8aecd48dcc85b58ab2f3f738ddf60af4a5e7e2e89b794faaa455f6f86dca78f0714099b25c75a5e9
SSDEEP

3072:n21k10auvaLv0ctAxQy9UCrMtHDO1VadGWYNSKSCm7YOmLD//3:n213GyT4RDO1VEYAKrP

Score

N/A

Malware Config

Signatures

Files

5dd6ab467e151022be0e48452d35344be0fa41a4a91f7b464f511d7140ad479e
.dll regsvr32 windows x86

2c1188e0b8105bc823eebd304d7b7f44

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleW
IsDBCSLeadByte
FreeLibrary
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
GetModuleHandleA
LockResource
WritePrivateProfileStringA
LocalFree
GetPrivateProfileIntA
GetPrivateProfileStringA
LocalAlloc
MulDiv
GetTickCount
lstrcpyA
CloseHandle
WriteFile
SetFilePointer
CreateFileA
OutputDebugStringA
GetCurrentThreadId
FormatMessageA
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
GetPrivateProfileSectionNamesA
GetProcAddress
FindNextFileA
DeleteFileA
ReleaseMutex
FindFirstFileA
WaitForSingleObject
CreateMutexA
ReadFile
LocalReAlloc
LocalSize
LocalUnlock
LocalLock
lstrcpynA
LoadLibraryA
SetErrorMode
CreateDirectoryA
GetFileAttributesA
GetShortPathNameA
RemoveDirectoryA
GetCurrentProcessId
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
InterlockedDecrement
InterlockedIncrement
DisableThreadLibraryCalls
lstrcmpiA
GetLastError
MultiByteToWideChar
DeleteCriticalSection
InitializeCriticalSection
RaiseException
WideCharToMultiByte
GetModuleFileNameA
lstrlenA
LeaveCriticalSection
EnterCriticalSection
lstrlenW
FindClose
GetSystemTimeAsFileTime

user32

CharNextA
CharNextW
EnableWindow
IsWindowEnabled
GetDlgItem
SetRect
GetSystemMetrics
SystemParametersInfoA
SetWindowPos
GetParent
AttachThreadInput
GetWindowThreadProcessId
GetWindowRect
IsWindow
ReleaseDC
GetDC
PeekMessageA
PostMessageA
DispatchMessageA
TranslateMessage
SetWindowLongA
DefWindowProcA
GetWindowLongA
PostQuitMessage
MsgWaitForMultipleObjects
ShowWindow
IsIconic
wsprintfA
LoadStringA
LoadCursorA
RegisterClassA
CreateWindowExA
GetForegroundWindow
SetForegroundWindow

gdi32

GetObjectA
SelectObject
GetTextMetricsA
GetDeviceCaps
GetStockObject
CreateFontIndirectA

advapi32

RegCreateKeyExA
RegEnumKeyExA
RegQueryInfoKeyA
RegSetValueExA
RegOpenKeyExA
RegCloseKey
RegDeleteValueA
RegDeleteKeyA

ole32

CoTaskMemRealloc
CoTaskMemFree
CoCreateInstance
StringFromGUID2
GetRunningObjectTable
MkParseDisplayName
CreateBindCtx
ProgIDFromCLSID
CoGetInstanceFromFile
CreateFileMoniker
CoTaskMemAlloc

oleaut32

CreateErrorInfo
SetErrorInfo
VarBstrCat
SysAllocStringLen
VarUI4FromStr
RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
LoadRegTypeLi
SysStringLen
VariantCopy
VariantClear
VariantInit
VarBstrCmp
SysStringByteLen
SysAllocStringByteLen
SysAllocString
SysFreeString

msvcp90

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z

msvcr90

__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_encoded_null
_malloc_crt
_decode_pointer
_onexit
_lock
_encode_pointer
__dllonexit
_unlock
_except_handler4_common
?terminate@@YAXXZ
atol
isxdigit
iswctype
toupper
_chdrive
_chdir
_getcwd
atoi
calloc
memmove_s
_mbsicmp
_mbschr
wcscpy_s
_beginthreadex
_ltoa_s
_recalloc
_purecall
memset
strcat_s
wcsncpy_s
strcpy_s
memcpy_s
_mbsstr
_mbsnbcpy_s
memcmp
_resetstkoflw
free
malloc
??2@YAPAXI@Z
??0exception@std@@QAE@ABV01@@Z
_invalid_parameter_noinfo
__CxxFrameHandler3
??0exception@std@@QAE@XZ
??1exception@std@@UAE@XZ
?what@exception@std@@UBEPBDXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
__clean_type_info_names_internal
isdigit
??3@YAXPAX@Z
??_V@YAXPAX@Z
_CxxThrowException
??0exception@std@@QAE@ABQBD@Z

Exports

Exports

?COMWndProc@@YGJPAUHWND__@@IIJ@Z
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 71KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2c1188e0b8105bc823eebd304d7b7f44

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

oleaut32

msvcp90

msvcr90

Exports

Exports

Sections

.text Size: 88KB - Virtual size: 88KB

.rdata Size: 31KB - Virtual size: 30KB

.data Size: 71KB - Virtual size: 72KB

.rsrc Size: 11KB - Virtual size: 11KB

.reloc Size: 7KB - Virtual size: 7KB

.text
Size: 88KB - Virtual size: 88KB

.rdata
Size: 31KB - Virtual size: 30KB

.data
Size: 71KB - Virtual size: 72KB

.rsrc
Size: 11KB - Virtual size: 11KB

.reloc
Size: 7KB - Virtual size: 7KB