ec67a5ddab93f0437ee42c19ac51e054999f2ec7cfdcc3900a8cc519dfb21ec5

Sharing

Copy URL Twitter E-mail

General

Target

ec67a5ddab93f0437ee42c19ac51e054999f2ec7cfdcc3900a8cc519dfb21ec5
Size

188KB
MD5

1255abd140e92f02936b4be1b2cf7000
SHA1

7bfb1eb9add0b04536eac2730d9f4901b72ea521
SHA256

ec67a5ddab93f0437ee42c19ac51e054999f2ec7cfdcc3900a8cc519dfb21ec5
SHA512

fd6b375ebc0bd06fff895de678d92d1787329be616210308872344772e96a1e1db641e4d0210f2500a1d3a57f6f374eaf21688ab92af119b1415daab0bb8b9e1
SSDEEP

3072:HCc3BovvxtyyLa3E1oF4wfOKT7fdBKhTx6GwmRuYNxzN/dSl6AlfNN/U575We:Wv7Da3EO2wWKXf0LnuYNx5/PABN2Ke

Score

N/A

Malware Config

Signatures

Files

ec67a5ddab93f0437ee42c19ac51e054999f2ec7cfdcc3900a8cc519dfb21ec5
.dll regsvr32 windows x86

8a43d35c315949512ec75ffbc01cfafb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_BIND

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LeaveCriticalSection
EnterCriticalSection
lstrcpyA
DeleteCriticalSection
InitializeCriticalSection
HeapDestroy
LoadLibraryA
InterlockedDecrement
InterlockedIncrement
GetProcAddress
DisableThreadLibraryCalls
IsDBCSLeadByte
FindResourceA
LoadResource
SizeofResource
FreeLibrary
WideCharToMultiByte
GetModuleFileNameA
GetModuleHandleA
GetShortPathNameA
lstrlenA
MultiByteToWideChar
lstrcpynA
lstrcmpiA
LoadLibraryExA
GetLastError
lstrcatA
TlsSetValue
lstrlenW
FormatMessageA
OutputDebugStringA
HeapAlloc
GetProcessHeap
HeapFree
CloseHandle
GetVersion
LocalFree
LocalAlloc
LocalReAlloc
RtlUnwind
RaiseException
GetCurrentThreadId
TlsAlloc
TlsFree
SetLastError
TlsGetValue
ExitProcess
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr
GetDateFormatA
GetLocalTime
CreateThread
CreateEventA
WaitForSingleObject
SetEvent

user32

CharUpperA
CharNextA
wsprintfA

advapi32

RegEnumKeyExA
RegEnumValueA
RegQueryInfoKeyA
RegSetValueExA
RegOpenKeyExA
RegCloseKey
RegDeleteValueA
RegCreateKeyExA
RegDeleteKeyA

oleaut32

SysFreeString
VarUI4FromStr
RegisterTypeLi
SysAllocStringLen
SysStringLen
LoadTypeLi
SysAllocString

ole32

CoInitialize
CoUninitialize
CoTaskMemRealloc
CoCreateInstance
CoCreateGuid
CoTaskMemAlloc
CoTaskMemFree

wininet

InternetReadFile
InternetConnectA
InternetOpenA
HttpSendRequestA
HttpAddRequestHeadersA
InternetSetOptionA
HttpQueryInfoA
HttpOpenRequestA
InternetCloseHandle

shlwapi

StrCmpIW
wnsprintfA
wnsprintfW
StrCmpW

rpcrt4

UuidToStringA
RpcStringFreeA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8a43d35c315949512ec75ffbc01cfafb

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

oleaut32

ole32

wininet

shlwapi

rpcrt4

Exports

Exports

Sections

.text Size: 56KB - Virtual size: 55KB

.data Size: 8KB - Virtual size: 9KB

.rsrc Size: 12KB - Virtual size: 8KB

.reloc Size: 8KB - Virtual size: 4KB

.text Size: 100KB - Virtual size: 100KB

.text
Size: 56KB - Virtual size: 55KB

.data
Size: 8KB - Virtual size: 9KB

.rsrc
Size: 12KB - Virtual size: 8KB

.reloc
Size: 8KB - Virtual size: 4KB

.text
Size: 100KB - Virtual size: 100KB