efe4f1f353e2d731d6f55c43e6ed8e30dc00d40d8a292b2d78f5571735890205

Sharing

Copy URL Twitter E-mail

General

Target

efe4f1f353e2d731d6f55c43e6ed8e30dc00d40d8a292b2d78f5571735890205
Size

104KB
MD5

6a4424564ed0362fd06f608434768e51
SHA1

521b39f411cb723005c1e67514f917753bef07d7
SHA256

efe4f1f353e2d731d6f55c43e6ed8e30dc00d40d8a292b2d78f5571735890205
SHA512

435bbf3601453e68e03bc2096cff561b0ce979892abbd2053cc039f6bfe565c414580714b5831aa5a826b2eae2f3c216c2a8799ab91d6bf6b4f966c01e1300bf
SSDEEP

1536:4mHm/dNW9uDfNVd8UOC+r08JAhXG7H983TxJzogU595SGg41AfrUa:obnDfjOC+r08SRa98TDzogWfSG11AH

Score

N/A

Malware Config

Signatures

Files

efe4f1f353e2d731d6f55c43e6ed8e30dc00d40d8a292b2d78f5571735890205
.dll regsvr32 windows x86

4147a9f7936494e27ca83461ae336c29

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetNumberFormatW
GetCommandLineW
WaitForSingleObject
GetStringTypeW
TryEnterCriticalSection
IsBadStringPtrA
FreeResource
VirtualQueryEx
EscapeCommFunction
TerminateJobObject
FindResourceA
CreateMailslotW
GetCompressedFileSizeW
TerminateThread
OpenProcess
CreateIoCompletionPort
GetDateFormatA
GetEnvironmentVariableW
CreateFileMappingA
VerLanguageNameW
GetModuleHandleW
GetVolumeInformationA
lstrcatA
SizeofResource
GetVersionExW
VirtualUnlock
ReadConsoleInputA
CreateThread
FlushFileBuffers
VirtualAllocEx
MoveFileExA
lstrlenW
SwitchToThread
MoveFileExW
OpenSemaphoreW
ClearCommError
CancelWaitableTimer
ChangeTimerQueueTimer
SetFilePointer
CreateDirectoryW
GetThreadTimes
GetStartupInfoW
OpenEventW
GetShortPathNameA
GlobalGetAtomNameA
FindNextChangeNotification
MoveFileA
ConnectNamedPipe
DeleteTimerQueueEx
GetDriveTypeW
InterlockedExchangeAdd
GetProfileStringA
GetExitCodeProcess
GetTempPathA
ResumeThread
GetConsoleCP
WriteProfileStringW
VirtualAlloc
GetUserDefaultLangID
ReplaceFileW
ReadConsoleA
WinExec
lstrcmpW
SetEnvironmentVariableA
LCMapStringA
LocalFileTimeToFileTime
CreateNamedPipeW
ReadDirectoryChangesW
GetProfileSectionA
FindCloseChangeNotification
VirtualProtect
HeapFree
GetModuleFileNameA
GetProcessHeap
GetComputerNameA
CreateDirectoryA
GetProcAddress
GetTickCount
VirtualQuery
LeaveCriticalSection
LoadLibraryA
CopyFileA
HeapAlloc
ReadFile
GetLastError
EnterCriticalSection
GetCurrentThreadId
GetCurrentProcessId

user32

ShowCaret
CopyAcceleratorTableW
CheckDlgButton
GetMessageTime
SetParent
GetClassInfoExA
DrawFrameControl
DestroyAcceleratorTable
SetWindowLongW
InvertRect
PostMessageW
CreateCursor
GetForegroundWindow
DefMDIChildProcA
OemToCharBuffA
PostMessageA
SendDlgItemMessageA
LoadIconW
GetMessageExtraInfo
DestroyCursor
ToUnicodeEx
LoadAcceleratorsA
GetClassNameW
CharLowerBuffA
LoadImageA
GetMenuItemInfoW
ScreenToClient
GetCaretBlinkTime
SendInput
GetWindowTextA
AllowSetForegroundWindow
DrawAnimatedRects
GetWindowRgn
IsDialogMessageW
IsDialogMessageA
ChangeDisplaySettingsExW
FindWindowExW
CreateIconFromResourceEx
GetSysColor
GetTabbedTextExtentA
CharLowerW
DrawStateA
SubtractRect
FindWindowExA
InsertMenuItemA
SetCaretPos
CharPrevW
MessageBoxIndirectW
MonitorFromRect
GetClassInfoExW
GetNextDlgTabItem
CreateDialogParamA
MsgWaitForMultipleObjectsEx
SetProcessDefaultLayout
GetScrollBarInfo
GetMessageW
SetScrollPos
SendDlgItemMessageW
IsWindow
DefMDIChildProcW
DrawTextA
GetMenuState
SetWindowPos
BeginPaint
PackDDElParam
GetUpdateRgn
DrawFocusRect
IsChild
IsWindowVisible
GetScrollInfo
MapDialogRect
DialogBoxIndirectParamA
VkKeyScanA
EndPaint
RegisterWindowMessageA
CreateCaret
OpenWindowStationA
ModifyMenuA
GetWindowTextLengthW
ChildWindowFromPointEx
GrayStringA
WindowFromPoint
AppendMenuW
DefFrameProcA
GetWindowRect
EnumWindows
RemovePropW
ValidateRect
SetWindowTextW
EnableWindow
SetWindowsHookExA
GetMessageA
GetClientRect
FindWindowA
GetClassNameA
RegisterClassExA
SetWindowLongA
GetWindowThreadProcessId
GetInputState

shlwapi

PathFindExtensionW
PathFindFileNameA
StrStrA
StrRChrW
PathFindNextComponentW
SHCreateStreamOnFileW
PathFileExistsW
wvnsprintfW
PathIsNetworkPathW
PathIsPrefixW
PathIsUNCW
wnsprintfW
PathCanonicalizeW
SHRegGetValueW
UrlGetPartW
SHGetValueW
StrStrIW
UrlUnescapeW
StrCmpIW
StrStrIA
SHDeleteKeyA
SHSetValueA

advapi32

LookupAccountNameA
RegEnumKeyExA
RegCloseKey
RegOpenKeyExA
RegQueryInfoKeyA
RegCreateKeyExA
OpenSCManagerA
RegDeleteValueA
QueryServiceConfig2W
RegSetValueW
RegLoadKeyW
CreateServiceW
ImpersonateSelf
RegisterServiceCtrlHandlerW
RegSaveKeyA
RegCreateKeyA
RegQueryValueExW
CreateProcessAsUserA
GetInheritanceSourceW
GetServiceKeyNameW
SetEntriesInAclW
DuplicateToken
QueryServiceStatus
ImpersonateLoggedOnUser
RegSetValueExA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 80KB - Virtual size: 78KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4147a9f7936494e27ca83461ae336c29

Headers

File Characteristics

Imports

kernel32

user32

shlwapi

advapi32

Exports

Exports

Sections

.text Size: 80KB - Virtual size: 78KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 8KB - Virtual size: 7KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 80KB - Virtual size: 78KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 8KB - Virtual size: 7KB

.reloc
Size: 4KB - Virtual size: 3KB