c9ccb7e4a9028dd9667fca7e83cde73108669097409c431f0be3aacb43cd4d8d

Sharing

Copy URL

Twitter E-mail

General

Target

c9ccb7e4a9028dd9667fca7e83cde73108669097409c431f0be3aacb43cd4d8d
Size

881KB
MD5

606cf2e7ba7a7f50038e0a07bf491710
SHA1

ee25769c8534e496d265b30a1187072e9c470be9
SHA256

c9ccb7e4a9028dd9667fca7e83cde73108669097409c431f0be3aacb43cd4d8d
SHA512

dc4988ff8353495373720585745d437846aa3ea7a00c391dfd3853154e824124218e6e5ebf5b636caedbb5317ebef8312063821cec8383734e5b0f782dd4ee76
SSDEEP

24576:oRTCAIL5zy+hgCY2C21h+hUlK0ZOG+l4kyrIkXE8nu:o4O+WCZCGlK0ZOGM4nIkXE8nu

Score

N/A

Malware Config

Signatures

Files

c9ccb7e4a9028dd9667fca7e83cde73108669097409c431f0be3aacb43cd4d8d
.dll regsvr32 windows x86

42dc41c40a8ae3e95375032f83162ddf

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

RtlUnwind

shlwapi

PathAppendW
StrChrIW
StrChrW
StrTrimW
PathFileExistsW
StrStrA
PathCommonPrefixW
PathCombineW
PathRemoveFileSpecW
UrlCombineW
StrCmpW
PathFindFileNameW
StrRChrA
wnsprintfA
StrToIntW
SHDeleteKeyA
StrCmpNW
SHDeleteValueW
SHSetValueA
StrStrIW
StrChrA
StrCpyNW
StrCatBuffW
StrStrW
wnsprintfW
StrRChrW
UrlGetPartW
PathFindExtensionW
StrCmpIW
SHStrDupW
SHCopyKeyW
SHDeleteKeyW
SHEnumKeyExW
SHGetValueA
SHGetValueW
SHSetValueW
SHRegGetUSValueW
SHCreateShellPalette
PathStripPathA
PathAppendA
UrlCreateFromPathW
SHCreateStreamOnFileW
StrCatBuffA
PathIsRelativeW
StrDupW
PathRemoveFileSpecA
wvnsprintfA
ord176
ord168
ord215
ord174
ord437
ord475
StrCmpNIW

advapi32

RegCreateKeyExA
RegSetValueA
RegSetValueExA
RegCloseKey
FreeSid
RegSetKeySecurity
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
AddAccessAllowedAce
InitializeAcl
GetLengthSid
AllocateAndInitializeSid
CryptReleaseContext
CryptDestroyHash
CryptGetHashParam
CryptHashData
CryptCreateHash
CryptAcquireContextA
RegQueryValueExA
RegOpenKeyExA

user32

GetSysColor
EnumChildWindows
FillRect
ReleaseDC
GetDC
GetClientRect
MoveWindow
DdeNameService
DdeFreeStringHandle
DdeUninitialize
PtInRect
DdeCreateDataHandle
SetFocus
ShowWindow
GetWindowRect
EndDialog
GetDlgItem
KillTimer
SetTimer
IsWindowVisible
UpdateWindow
MapWindowPoints
SetCursor
GetCursorPos
GetWindow
GetParent
EndPaint
BeginPaint
ScreenToClient
SetWindowPos
TrackMouseEvent
IsWindow
GetWindowThreadProcessId
DestroyWindow
TranslateMessage
IsRectEmpty
InvalidateRect
IntersectRect
OffsetRect
GetMenuItemCount
GetNextDlgTabItem
SetForegroundWindow
GetLastActivePopup
IsIconic
GetForegroundWindow
ClientToScreen
RedrawWindow
SystemParametersInfoA
SetCursorPos
GetSystemMenu
IsZoomed
GetWindowPlacement
SetWindowPlacement
GetWindowDC
GetDCEx
IsWindowEnabled
IsChild
GetTopWindow
CheckMenuItem
GetDesktopWindow
GetFocus
GetKeyState
PostQuitMessage
EqualRect
InflateRect
GetActiveWindow
DestroyIcon
EnableMenuItem
CloseClipboard
OpenClipboard
FlashWindowEx
GetSysColorBrush
MessageBeep
DestroyMenu
GetMenuState
WaitMessage
MsgWaitForMultipleObjects
TrackPopupMenuEx
ReleaseCapture
SetCapture
GetSystemMetrics
MsgWaitForMultipleObjectsEx
SubtractRect
SetMenuDefaultItem

ole32

CoRevokeClassObject
CoFreeUnusedLibraries
CoSetProxyBlanket
RevokeDragDrop
RegisterDragDrop
ReleaseStgMedium
CoTaskMemAlloc
OleLockRunning
CoMarshalInterThreadInterfaceInStream
CoCreateInstance
OleInitialize
OleUninitialize
CoInitialize
CoUninitialize
CoMarshalInterface
GetHGlobalFromStream
CreateStreamOnHGlobal
CoReleaseMarshalData
CreateBindCtx
CoTaskMemFree
CoGetInterfaceAndReleaseStream
CoUnmarshalInterface

oleaut32

LoadTypeLi
SystemTimeToVariantTime
VarBstrCat
VarBstrCmp
VariantChangeType
VariantCopy
VariantClear
VariantInit
SysAllocStringByteLen
SysAllocStringLen
SysStringByteLen
SysStringLen
SysAllocString
SysFreeString
LoadRegTypeLi

gdi32

GetWindowOrgEx
SetWindowOrgEx
CreateSolidBrush
SetStretchBltMode
CreateFontIndirectA
GetTextExtentPoint32A
GetNearestPaletteIndex
GetClipBox
SetViewportOrgEx
GdiFlush
GetViewportOrgEx
PatBlt
SelectPalette
RealizePalette
BitBlt
GetPaletteEntries
CreateDIBSection
CreateCompatibleDC
SelectObject
GetDIBColorTable
SetDIBColorTable
DeleteDC
GetDeviceCaps
CreateCompatibleBitmap
GetDIBits
SetBkMode
SetTextColor
GetStockObject
DeleteObject

comctl32

InitCommonControlsEx
PropertySheetW

wininet

InternetGetCookieW
InternetInitializeAutoProxyDll

kernel32

InterlockedCompareExchange
TlsAlloc
TlsFree
SizeofResource
LockResource
LoadResource
TlsGetValue
GetStartupInfoA
GetModuleFileNameA
GlobalUnlock
GlobalLock
GlobalSize
FreeLibrary
SetProcessWorkingSetSize
GetCurrentProcess
ResetEvent
OpenProcess
CreateToolhelp32Snapshot
CompareFileTime
GetSystemTimeAsFileTime
SystemTimeToFileTime
TlsSetValue
HeapFree
HeapAlloc
GetProcessHeap
LoadLibraryA
IsBadCodePtr
Sleep
IsBadReadPtr
lstrlenA
lstrcpynA
lstrcmpiA
SetLastError
FileTimeToSystemTime
GetFileSize
GetLastError
GetTickCount
GetCurrentProcessId
SetEvent
CloseHandle
MulDiv
GlobalFree
GetCurrentThreadId
LocalFree
LocalReAlloc
LocalAlloc
CreateThread
LeaveCriticalSection
IsBadWritePtr
InterlockedDecrement
InterlockedIncrement
DeleteCriticalSection
InitializeCriticalSection
RaiseException
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
HeapReAlloc
GetCommandLineA
VirtualProtect
GetLocalTime
SetThreadPriority
ReleaseSemaphore
GlobalAlloc
GetVersionExA
WaitForMultipleObjects
GlobalDeleteAtom
GlobalMemoryStatus
FindClose
SetCurrentDirectoryA
GetCurrentDirectoryA
GetWindowsDirectoryA
GlobalAddAtomA
GetProcessTimes
QueryPerformanceFrequency
SetFilePointer
FlushFileBuffers
QueryPerformanceCounter
GetAtomNameA
lstrcmpA
MapViewOfFile
UnmapViewOfFile
WriteFile
GetSystemDirectoryA
VirtualAlloc
GetSystemInfo
VirtualFree
EnterCriticalSection
GetModuleHandleA
VirtualQuery
HeapDestroy
HeapCreate
ExitProcess
TerminateProcess
HeapSize
SetUnhandledExceptionFilter
SetHandleCount
GetStdHandle
GetFileType
FreeEnvironmentStringsA
GetEnvironmentStrings
UnhandledExceptionFilter
GetOEMCP
GetStringTypeA
LCMapStringA
CompareStringA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
GoGoGadgetMSNStartup
TxDllMain
TxInitAccessibilitySettings
TxIsScreenReaderActive
TxSetUserScreenReaderMode

Sections

.text
Size: 596KB - Virtual size: 595KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 77KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 135KB - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

42dc41c40a8ae3e95375032f83162ddf

Headers

File Characteristics

Imports

ntdll

shlwapi

advapi32

user32

ole32

oleaut32

gdi32

comctl32

wininet

kernel32

Exports

Exports

Sections

.text Size: 596KB - Virtual size: 595KB

.data Size: 19KB - Virtual size: 27KB

.rsrc Size: 77KB - Virtual size: 77KB

.reloc Size: 52KB - Virtual size: 52KB

.text Size: 135KB - Virtual size: 136KB

.text
Size: 596KB - Virtual size: 595KB

.data
Size: 19KB - Virtual size: 27KB

.rsrc
Size: 77KB - Virtual size: 77KB

.reloc
Size: 52KB - Virtual size: 52KB

.text
Size: 135KB - Virtual size: 136KB