b3eb41ed1744b3f81785181b04dd92f29164473afb91404975a161d0de7b20be

Sharing

Copy URL Twitter E-mail

General

Target

b3eb41ed1744b3f81785181b04dd92f29164473afb91404975a161d0de7b20be
Size

272KB
MD5

7b4498e67504031aaba8ee83edab5270
SHA1

0f5e6f975e4b20733097d5208d911fba36a4effb
SHA256

b3eb41ed1744b3f81785181b04dd92f29164473afb91404975a161d0de7b20be
SHA512

f6707f45ae58d595d35e7e1e9a20b65e1ea9dd0c487d471a5c9e9e5f936dbd84cb0b4f63ce5b26cbc164fcfc38f602732f1238b91f36ff2c6a792d74087679e7
SSDEEP

6144:x5n9r5HgwgIxCSoz1m0mmBAPyVvHXalevFqy95Ws8m:lr9gyCSolAalaAtLxX

Score

N/A

Malware Config

Signatures

Files

b3eb41ed1744b3f81785181b04dd92f29164473afb91404975a161d0de7b20be
.dll regsvr32 windows x86

3f77cc3af8e771a98c560f0be6bc14bd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
GetUserNameA

comctl32

CreatePropertySheetPageW
DestroyPropertySheetPage
ord328
ord334
ord332

gdi32

BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
GetDeviceCaps
CreateBitmap
GetNearestPaletteIndex
GetPixel
RealizePalette
SelectPalette
GetStockObject
CreateDIBSection
GetPaletteEntries
SetBkColor
DeleteDC
CreateSolidBrush
SelectObject
PatBlt
StretchBlt
DeleteObject

kernel32

LocalFileTimeToFileTime
SystemTimeToFileTime
IsBadWritePtr
IsBadReadPtr
WideCharToMultiByte
InterlockedCompareExchange
QueryPerformanceCounter
lstrcpynA
GetCurrentThreadId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetEvent
WaitForSingleObject
CloseHandle
lstrlenA
LoadLibraryA
InterlockedDecrement
GetProcAddress
FreeLibrary
DisableThreadLibraryCalls
LocalFree
LocalAlloc
FindClose
MultiByteToWideChar
GetCurrentProcessId
GetLastError
InterlockedIncrement
CompareFileTime
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
lstrlenW
DelayLoadFailureHook
GetTickCount

msvcrt

_adjust_fdiv
malloc
_initterm
free
_vsnwprintf

oleaut32

SysStringByteLen
SysAllocString
SafeArrayCreateVector
VariantInit
SysStringLen
SysReAllocStringLen
SysFreeString
VariantTimeToSystemTime
VariantClear

shell32

ord3
ExtractIconExA
ord171
ord174
ord196
ord67
SHGetSpecialFolderLocation
ord17
SHGetDesktopFolder
ord152
ord19
ord25
ord155
ord16
ord18
SHGetMalloc

shlwapi

ord334
ord341
StrChrW
ord75
ord318
ord425
ord302
ord335
SHGetValueW
PathQuoteSpacesW
PathCreateFromUrlW
ord426
ord106
ord431
ord107
ord416
ord437
ord80
ord309
PathFindExtensionW
ord104
ord84
ord60
ord116
ord16
ord51
ord98
PathIsURLW
ord56
ord141
ord94
ord55
ord131
ord102
ord2
StrCmpIW
StrFormatByteSizeW
ord354
PathStripPathW
ord135
ord103
ord370
ord136
ord83
SHCreateStreamOnFileW
StrToIntW
ord68
ord59
ord358
ord276
ord340
PathIsDirectoryW
PathIsPrefixW
ord112
PathIsRelativeW
ord57
ord360
PathRemoveFileSpecW
ord338
wnsprintfW
PathFindFileNameW
PathRemoveExtensionW
ord298
ord394
ord313
ord312
StrCatBuffW
ord41
ord215
StrCpyNW
ord117
ord346
PathSkipRootW
StrCmpNIW
ord50
PathAddBackslashW
ord40
ord24
SHRegGetUSValueW
PathCombineW
PathFileExistsW
SHRegGetValueW
ord125
ord347
ord217
ord138
ord45
ord65

user32

EndDialog
IsDlgButtonChecked
GetParent
GetSystemMetrics
GetMenuItemCount
CheckDlgButton
EnableWindow
GetDlgItem
ShowWindow
DestroyWindow
SetMenuDefaultItem
FillRect
DrawIcon
GetDC
GetIconInfo
CreateIconIndirect
ReleaseDC
DestroyIcon
WaitMessage
TranslateMessage
DrawIconEx
LoadStringA
EnableMenuItem
GetSubMenu

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
OpenChannel
ParseDesktopComponent
Subscribe
SubscribeToCDF

Sections

.text
Size: 66KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 75KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 125KB - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3f77cc3af8e771a98c560f0be6bc14bd

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

comctl32

gdi32

kernel32

msvcrt

oleaut32

shell32

shlwapi

user32

Exports

Exports

Sections

.text Size: 66KB - Virtual size: 65KB

.data Size: 2KB - Virtual size: 1KB

.rsrc Size: 75KB - Virtual size: 74KB

.reloc Size: 3KB - Virtual size: 3KB

.text Size: 125KB - Virtual size: 128KB

.text
Size: 66KB - Virtual size: 65KB

.data
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 75KB - Virtual size: 74KB

.reloc
Size: 3KB - Virtual size: 3KB

.text
Size: 125KB - Virtual size: 128KB