19bede658c9e350a54d3ba40e25eb40a17121c80015813757d20754deab30077

Sharing

Copy URL Twitter E-mail

General

Target

19bede658c9e350a54d3ba40e25eb40a17121c80015813757d20754deab30077
Size

549KB
MD5

7b39e361ffc59b3dc922bd03abf97648
SHA1

3e85edd23a14ee93c1249d8864c7c1ef928fa2e3
SHA256

19bede658c9e350a54d3ba40e25eb40a17121c80015813757d20754deab30077
SHA512

04a72ff3badb3565c3ce9b6be06dff7dc968d34f5f631db936ed2bcdb960a303099025f996081146903cb205bd8cdd4a511206db2eb0ed300d7194d8ff3490f8
SSDEEP

12288:pluf06yFBdZ5WbOSpttqC/+uRLiRsfWyka6mgCP:G06yFXDMqC/XRiRsfpkhK

Score

N/A

Malware Config

Signatures

Files

19bede658c9e350a54d3ba40e25eb40a17121c80015813757d20754deab30077
.dll regsvr32 windows x86

aaa846b7add562e071b2ab32e1776fc4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

wcscpy
memmove
__CxxFrameHandler
_purecall
wcscmp
free
wcsncpy
wcstod
wcsncmp
wcstoul
strtoul
_wsplitpath
__RTDynamicCast
_CxxThrowException
malloc
wcstol
realloc
wcscat
wcslen
_wcsupr
_itow
wcschr
iswalnum
wcsstr
_initterm
_adjust_fdiv
??1type_info@@UAE@XZ
__dllonexit
_onexit
?terminate@@YAXXZ
_except_handler3
_wcsdup

kernel32

QueryPerformanceCounter
Sleep
SetLastError
InterlockedExchange
LoadLibraryA
FreeLibrary
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
GetModuleHandleA
GetCurrentProcess
TerminateProcess
GetLastError
WriteFile
GlobalLock
GlobalUnlock
GlobalAlloc
GlobalFree
GetLocalTime
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetSystemTime
GetFileSize
ReadFile
CloseHandle

advapi32

RegCloseKey

ole32

CoTaskMemFree
CreateStreamOnHGlobal
StringFromCLSID

oleaut32

SafeArrayLock
VariantClear
VarUdateFromDate
VarDateFromUdate
SysAllocStringLen
SetErrorInfo
SafeArrayAccessData
SafeArrayGetElement
LoadTypeLi
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetUBound
SysFreeString
SafeArrayGetLBound
SafeArrayUnlock
VariantCopy
SafeArrayCreate
SafeArrayPutElement
VariantInit
SysStringLen
SysAllocString

utilsurf

PvHEAPAllocate_
HEAPFree
MakePathW
HrGetModuleFileNameW
ComReleaseLibrary
HrComCreateInstance
HrComLoadLibraryW

mnysl05

?TOfdJpn@@YA?AW4TRI@@XZ

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 271KB - Virtual size: 271KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 166KB - Virtual size: 168KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

aaa846b7add562e071b2ab32e1776fc4

Headers

File Characteristics

Imports

msvcrt

kernel32

advapi32

ole32

oleaut32

utilsurf

mnysl05

Exports

Exports

Sections

.text Size: 271KB - Virtual size: 271KB

.data Size: 24KB - Virtual size: 24KB

.rsrc Size: 72KB - Virtual size: 72KB

.reloc Size: 14KB - Virtual size: 13KB

.text Size: 166KB - Virtual size: 168KB

.text
Size: 271KB - Virtual size: 271KB

.data
Size: 24KB - Virtual size: 24KB

.rsrc
Size: 72KB - Virtual size: 72KB

.reloc
Size: 14KB - Virtual size: 13KB

.text
Size: 166KB - Virtual size: 168KB