8f1d7f30cfb2ec31f2d9485ecbefb24f0209724f026edb91dc0ae38803ef9875

Sharing

Copy URL Twitter E-mail

General

Target

8f1d7f30cfb2ec31f2d9485ecbefb24f0209724f026edb91dc0ae38803ef9875
Size

480KB
MD5

1f60c8ee439a67208499401dfca08f80
SHA1

3f9dbc856eabcafeed2bdfc47a1635025ba4b22d
SHA256

8f1d7f30cfb2ec31f2d9485ecbefb24f0209724f026edb91dc0ae38803ef9875
SHA512

3b2bdea0341d85bf579a9b3a528f95da415b07c1a75be27bc1615c0818d4e267102cc3fdd387fde8e8736906e5ecebb32c117a217be09276b0affbdf86d7a4a6
SSDEEP

6144:gIm81Pjm8F8rT10n4sRN8OCtUHs9yNoUa7d5PHBVoAOY1Nlty4ocM4tomuv:M81PzSy3RN8lJ6dOXlUxK5u

Score

N/A

Malware Config

Signatures

Files

8f1d7f30cfb2ec31f2d9485ecbefb24f0209724f026edb91dc0ae38803ef9875
.dll regsvr32 windows x86

b031e9de58ecf13cc23d88b9c4724b61

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersionExW
WideCharToMultiByte
WaitForSingleObject
lstrcpyW
lstrlenW
GetModuleFileNameW
VirtualQuery
Sleep
CreateThread
GetThreadLocale
CloseHandle
CreateEventW
CreateSemaphoreW
ResetEvent
ReleaseSemaphore
SetEvent
GetProcAddress
GetModuleHandleW
GetLocaleInfoA
GetACP
InterlockedExchange
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
MultiByteToWideChar
InitializeCriticalSection
lstrlenA
RtlUnwind
ExitProcess
GetModuleFileNameA
GetLastError
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeA
FindFirstFileA
GetFileInformationByHandle
PeekNamedPipe
GetFileType
SetFilePointer
CreateFileA
CreateFileW
GetCurrentThreadId
HeapAlloc
HeapReAlloc
HeapFree
GetSystemTimeAsFileTime
GetCommandLineA
GetVersionExA
TlsAlloc
SetLastError
TlsFree
TlsSetValue
TlsGetValue
GetModuleHandleA
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
TerminateProcess
GetCurrentProcess
LoadLibraryA
WriteFile
GetStdHandle
GetFullPathNameA
GetCurrentDirectoryA
SetStdHandle
SetHandleCount
GetStartupInfoA
SetEndOfFile
ReadFile
UnhandledExceptionFilter
GetTimeZoneInformation
VirtualProtect
VirtualAlloc
GetSystemInfo
RaiseException
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
GetOEMCP
GetCPInfo
GetStringTypeA
GetStringTypeW
FlushFileBuffers
LCMapStringA
LCMapStringW
CompareStringA
CompareStringW
SetEnvironmentVariableA
HeapSize
lstrcpynW
InterlockedIncrement
InterlockedDecrement
OutputDebugStringW
lstrcmpW
FreeLibrary
SetThreadPriority
DisableThreadLibraryCalls

user32

EnumWindows
GetClassNameW
wsprintfW
GetWindowThreadProcessId
wvsprintfW
SetRect

ole32

CoTaskMemAlloc
CoTaskMemFree
StringFromGUID2
CoFreeUnusedLibraries
CoCreateInstance
CoUninitialize
CLSIDFromString
CoInitialize

msvcr71

_wcsicmp
_purecall

advapi32

RegDeleteKeyW
RegEnumKeyExW
RegOpenKeyExW
RegSetValueExW
RegSetValueW
RegCreateKeyW
RegCloseKey

winmm

timeGetTime

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 240KB - Virtual size: 236KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 144KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 792B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b031e9de58ecf13cc23d88b9c4724b61

Headers

File Characteristics

Imports

kernel32

user32

ole32

msvcr71

advapi32

winmm

Exports

Exports

Sections

.text Size: 240KB - Virtual size: 236KB

.rdata Size: 144KB - Virtual size: 140KB

.data Size: 8KB - Virtual size: 35KB

.rsrc Size: 4KB - Virtual size: 792B

.reloc Size: 20KB - Virtual size: 18KB

.rmnet Size: 60KB - Virtual size: 60KB

.text
Size: 240KB - Virtual size: 236KB

.rdata
Size: 144KB - Virtual size: 140KB

.data
Size: 8KB - Virtual size: 35KB

.rsrc
Size: 4KB - Virtual size: 792B

.reloc
Size: 20KB - Virtual size: 18KB

.rmnet
Size: 60KB - Virtual size: 60KB