62d94a42d6bdcb561a9978354d79252522066106b60284b6a0ec34d6c8bde15c

Sharing

Copy URL Twitter E-mail

General

Target

62d94a42d6bdcb561a9978354d79252522066106b60284b6a0ec34d6c8bde15c
Size

552KB
MD5

651e7f2bc3a28fcd11d68ed50b5ab9b0
SHA1

c8c2d7d73ddae4dea14fda4d14edf62e72c14752
SHA256

62d94a42d6bdcb561a9978354d79252522066106b60284b6a0ec34d6c8bde15c
SHA512

e2e9a0f550b056a1d56682f62d303d9cd07efeb777c1fa89d1060cf8c9049526b6f87489c7d925862e5ad0a5d559042a63c68de250acd7a1cd62f5748986717b
SSDEEP

12288:XKj6fCt7HmKalw2Bx0Fr7smkDJm+CjYIsw1O:Yt7GHw2BiFkmCm+CjbsJ

Score

N/A

Malware Config

Signatures

Files

62d94a42d6bdcb561a9978354d79252522066106b60284b6a0ec34d6c8bde15c
.dll regsvr32 windows x86

8d699fdf9e2835f0987bd08815cd375e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

inet_ntoa
WSAStartup
gethostbyname
setsockopt
WSASocketA
inet_addr

rasapi32

RasEnumConnectionsA
RasGetConnectStatusA

tapi32

lineInitialize
lineNegotiateAPIVersion
lineGetDevCaps
lineOpen
lineGetNewCalls
lineShutdown
lineGetCallInfo

kernel32

DuplicateHandle
FindClose
FindFirstFileA
GetVolumeInformationA
GetFullPathNameA
CreateFileA
CreateEventA
SetThreadPriority
ResumeThread
SuspendThread
EnumResourceLanguagesA
ConvertDefaultLocale
GlobalDeleteAtom
GetCurrentThread
GlobalAddAtomA
GlobalReAlloc
GlobalHandle
TlsGetValue
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
SetErrorMode
GetFileTime
lstrcmpW
CloseHandle
GlobalGetAtomNameA
WritePrivateProfileStringA
GlobalFlags
GetCPInfo
GetOEMCP
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
RtlUnwind
ExitProcess
HeapReAlloc
HeapSize
GetCommandLineA
ExitThread
CreateThread
TerminateProcess
SetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
QueryPerformanceCounter
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
SetHandleCount
GetStdHandle
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
UnhandledExceptionFilter
GetTimeZoneInformation
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetEnvironmentVariableA
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
FileTimeToLocalFileTime
FileTimeToSystemTime
SetLastError
GlobalFree
CreateDirectoryA
GetTickCount
GetCurrentProcessId
LocalAlloc
LocalSize
lstrcmpA
LocalFree
LoadLibraryA
GetProcAddress
lstrcatA
GetExitCodeThread
GlobalAlloc
GlobalLock
GlobalUnlock
WaitForSingleObject
Sleep
MoveFileA
DeleteFileA
GetFileAttributesA
FormatMessageA
lstrcpyA
GetCurrentThreadId
CompareStringW
CompareStringA
HeapAlloc
GetProcessHeap
HeapFree
GetCurrentProcess
FlushInstructionCache
ResetEvent
SetEvent
MulDiv
GetVersion
LockResource
GetModuleHandleA
LoadLibraryExA
FindResourceA
LoadResource
SizeofResource
FreeLibrary
EnterCriticalSection
GetModuleFileNameA
LeaveCriticalSection
IsDBCSLeadByte
lstrcpynA
lstrcmpiA
lstrlenA
InterlockedDecrement
InterlockedIncrement
GetLastError
DeleteCriticalSection
InitializeCriticalSection
RaiseException
lstrlenW
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GlobalFindAtomA

user32

GetCapture
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetForegroundWindow
GetDlgItem
GetTopWindow
GetMessageTime
GetMessagePos
LoadIconA
MapWindowPoints
SetForegroundWindow
GetMenu
AdjustWindowRectEx
GetClassInfoA
RegisterClassA
GetDlgCtrlID
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
CopyRect
GetWindow
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
GetWindowTextA
UnhookWindowsHookEx
SetMenuItemBitmaps
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
MessageBoxA
GetLastActivePopup
IsWindowEnabled
EnableWindow
PostQuitMessage
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
IsWindowVisible
SendMessageA
PeekMessageA
GetCursorPos
GetSystemMetrics
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
BeginPaint
GetClientRect
EndPaint
GetParent
GetFocus
IsChild
SetFocus
ShowWindow
GetKeyState
InvalidateRect
CallWindowProcA
GetWindowLongA
IntersectRect
EqualRect
OffsetRect
SetWindowRgn
SetWindowPos
UnionRect
PtInRect
SetRect
GetSysColor
GetSysColorBrush
IsWindow
CreateWindowExA
RegisterClassExA
DestroyMenu
SetWindowTextA
DefWindowProcA
LoadStringA
UnregisterClassA
DestroyWindow
LoadBitmapA
GetDC
ReleaseDC
LoadCursorA
wsprintfA
GetClassInfoExA
CharUpperA
PostMessageA
SetWindowLongA
CharNextA
RegisterWindowMessageA
SetCursor
WinHelpA
ValidateRect

gdi32

SetMapMode
GetMapMode
CreateCompatibleBitmap
CreateBitmap
DPtoLP
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
ScaleWindowExtEx
BitBlt
SetBkColor
DeleteDC
CreateMetaFileA
SaveDC
SetWindowOrgEx
SetWindowExtEx
RestoreDC
CloseMetaFile
DeleteMetaFile
CreateRectRgnIndirect
CreatePen
SelectObject
Rectangle
GetStockObject
DeleteObject
GetDeviceCaps
GetClipBox
SetTextColor
CreateCompatibleDC
GetObjectA

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

RegEnumKeyExA
RegQueryValueA
RegEnumKeyA
RegOpenKeyA
RegQueryValueExA
RegDeleteKeyA
RegQueryInfoKeyA
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegDeleteValueA

comctl32

ord17

shlwapi

PathFileExistsA
PathFindExtensionA
UrlUnescapeA
PathStripToRootA
PathFindFileNameA
PathIsUNCA

ole32

CoTaskMemAlloc
CoTaskMemFree
CoTaskMemRealloc
CoCreateInstance
ProgIDFromCLSID
OleRegEnumVerbs
OleRegGetUserType
CreateOleAdviseHolder
OleRegGetMiscStatus
CreateDataAdviseHolder
OleLoadFromStream
WriteClassStm
OleSaveToStream
CoUninitialize
CoInitializeEx
StringFromGUID2

oleaut32

SysAllocString
RegisterTypeLi
UnRegisterTypeLi
OleCreatePropertyFrame
CreateErrorInfo
SetErrorInfo
SysAllocStringLen
VariantChangeType
VariantInit
SysStringByteLen
SysAllocStringByteLen
SysStringLen
LoadTypeLi
LoadRegTypeLi
VarUI4FromStr
VariantCopy
VariantClear
SysFreeString

wininet

InternetQueryOptionA
InternetOpenUrlA
FtpOpenFileA
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallback
InternetQueryDataAvailable
HttpAddRequestHeadersA
HttpSendRequestA
InternetReadFile
InternetOpenA
InternetSetOptionA
InternetCanonicalizeUrlA
InternetCrackUrlA
InternetGetConnectedState
HttpOpenRequestA
InternetConnectA
InternetGetLastResponseInfoA
HttpQueryInfoA
InternetCloseHandle

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 228KB - Virtual size: 226KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 52KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 220KB - Virtual size: 220KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8d699fdf9e2835f0987bd08815cd375e

Headers

File Characteristics

Imports

ws2_32

rasapi32

tapi32

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

comctl32

shlwapi

ole32

oleaut32

wininet

Exports

Exports

Sections

.text Size: 228KB - Virtual size: 226KB

.rdata Size: 52KB - Virtual size: 48KB

.data Size: 8KB - Virtual size: 21KB

.rsrc Size: 12KB - Virtual size: 11KB

.reloc Size: 28KB - Virtual size: 25KB

.text Size: 220KB - Virtual size: 220KB

.text
Size: 228KB - Virtual size: 226KB

.rdata
Size: 52KB - Virtual size: 48KB

.data
Size: 8KB - Virtual size: 21KB

.rsrc
Size: 12KB - Virtual size: 11KB

.reloc
Size: 28KB - Virtual size: 25KB

.text
Size: 220KB - Virtual size: 220KB