6d2742c4dec40baa36ea782910beba9f387866a34e119ea7376dbead771ee760

Sharing

Copy URL Twitter E-mail

General

Target

6d2742c4dec40baa36ea782910beba9f387866a34e119ea7376dbead771ee760
Size

816KB
MD5

1b511c1ea7003af673753c9e3405fe70
SHA1

d55231042f0c1c0689547bef07ab2fe76305480f
SHA256

6d2742c4dec40baa36ea782910beba9f387866a34e119ea7376dbead771ee760
SHA512

bb19623936a59265e9d6b66acb8a23528cd3ffa11f39409a7cef2c992bb0906d1226776911351d5f3e63c7b3e8b921a6e53e47c0acb8b992595722e5823e950f
SSDEEP

24576:37edEz/rmnbHDK0Bq4wvXID6jrSdmL5MZfcl9M:Vz/Ni6MZfcl

Score

N/A

Malware Config

Signatures

Files

6d2742c4dec40baa36ea782910beba9f387866a34e119ea7376dbead771ee760
.dll regsvr32 windows x86

8bc2fb6a1c94da07f8a249263179ab45

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

d3d8

Direct3DCreate8

kernel32

DeleteCriticalSection
DisableThreadLibraryCalls
InitializeCriticalSection
InterlockedDecrement
InterlockedIncrement
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
LockResource
SetCurrentDirectoryA
GetCurrentDirectoryA
GetFileSize
MapViewOfFile
CreateFileMappingA
CreateFileW
GetVersionExA
UnmapViewOfFile
FindResourceW
HeapFree
GetProcessHeap
GetProcAddress
WriteFile
IsProcessorFeaturePresent
ReadFile
GetCommandLineA
HeapReAlloc
CompareStringA
FlushFileBuffers
GetLocaleInfoW
SetStdHandle
GetOEMCP
GetACP
GetStringTypeW
GetStringTypeA
HeapDestroy
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
SetFilePointer
GetUserDefaultLCID
EnumSystemLocalesA
GetLocaleInfoA
IsValidCodePage
IsValidLocale
GetCPInfo
LCMapStringW
LCMapStringA
RaiseException
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
TlsGetValue
SetLastError
TlsFree
TlsAlloc
TlsSetValue
IsDBCSLeadByte
lstrcmpiA
IsBadWritePtr
VirtualAlloc
GetLocalTime
GetSystemTime
GetTimeZoneInformation
RtlUnwind
HeapAlloc
Sleep
ExitProcess
TerminateProcess
HeapCreate
VirtualFree
LoadLibraryExA
GetLastError
FindResourceA
LoadResource
SizeofResource
GetModuleHandleA
GetShortPathNameA
lstrlenW
WideCharToMultiByte
lstrlenA
MultiByteToWideChar
GetCurrentThreadId
EnterCriticalSection
LeaveCriticalSection
GetModuleFileNameA
lstrcpynA
FreeLibrary
GetCurrentProcess
FlushInstructionCache
LoadLibraryA
MulDiv
QueryPerformanceFrequency
QueryPerformanceCounter
GetFullPathNameA
CreateFileA
CloseHandle
lstrcpyA
lstrcatA
CompareStringW
SetEnvironmentVariableA
GetVersion

shell32

ShellExecuteA

gdiplus

GdipBitmapUnlockBits
GdipDeleteGraphics
GdipFree
GdiplusShutdown
GdipCreateBitmapFromResource
GdipSetStringFormatAlign
GdipCreateBitmapFromFileICM
GdipCreateFontFamilyFromName
GdipCreateFont
GdipCreateSolidFill
GdipCreateStringFormat
GdipSetStringFormatLineAlign
GdipSetStringFormatTrimming
GdipDrawString
GdipDeleteStringFormat
GdipDeleteFont
GdipDeleteFontFamily
GdipDisposeImage
GdipCloneImage
GdipCloneBrush
GdiplusStartup
GdipAlloc
GdipCreateBitmapFromStream
GdipGetImageWidth
GdipGetImageHeight
GdipGetImageRawFormat
GdipCreateBitmapFromScan0
GdipGetImageGraphicsContext
GdipSetInterpolationMode
GdipDrawImageRectRectI
GdipCreateLineBrushFromRect
GdipFillRectangle
GdipCreateLineBrushFromRectI
GdipFillRectangleI
GdipBitmapLockBits
GdipDeleteBrush

ddraw

DirectDrawCreate

winmm

timeGetTime

user32

SystemParametersInfoA
MapWindowPoints
SetDlgItemTextA
GetDlgItemTextA
EndDialog
DialogBoxParamA
TrackMouseEvent
PeekMessageA
wsprintfA
CallWindowProcA
UnhookWindowsHookEx
DestroyWindow
PostMessageA
SetCursor
GetSysColorBrush
LoadCursorA
GetWindow
GetSystemMetrics
CreateWindowExA
GetDC
ReleaseDC
SetWindowLongA
IsWindowUnicode
SetWindowsHookExA
ShowWindow
UpdateWindow
DefWindowProcA
GetAsyncKeyState
GetParent
LoadStringA
wsprintfW
CharNextA
RegisterWindowMessageA
CallNextHookEx
SetWindowPos
GetWindowLongA
GetWindowRect
GetClientRect
RegisterClassA

gdi32

CreateDIBSection
SetMapMode
GetDeviceCaps
CreateFontA
SetTextColor
SetBkColor
SetTextAlign
GetTextExtentPoint32A
ExtTextOutA
CreateDIBitmap
CreateCompatibleDC
SelectObject
BitBlt
DeleteObject
DeleteDC

advapi32

RegCreateKeyExA
RegOpenKeyA
RegEnumValueA
RegQueryInfoKeyA
RegSetValueExA
RegCloseKey
RegEnumKeyExA
RegDeleteKeyA
RegDeleteValueA
RegOpenKeyExA
RegQueryValueExA

ole32

CoTaskMemAlloc
CoTaskMemRealloc
CoCreateInstance
CreateStreamOnHGlobal
CoTaskMemFree

oleaut32

LoadRegTypeLi
VarUI4FromStr
SysStringLen
SysAllocString
SysFreeString

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 380KB - Virtual size: 379KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 264KB - Virtual size: 263KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8bc2fb6a1c94da07f8a249263179ab45

Headers

File Characteristics

Imports

d3d8

kernel32

shell32

gdiplus

ddraw

winmm

user32

gdi32

advapi32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 380KB - Virtual size: 379KB

.rdata Size: 40KB - Virtual size: 37KB

.data Size: 40KB - Virtual size: 59KB

.data1 Size: 4KB - Virtual size: 2KB

.rsrc Size: 264KB - Virtual size: 263KB

.reloc Size: 24KB - Virtual size: 20KB

.rmnet Size: 60KB - Virtual size: 60KB

.text
Size: 380KB - Virtual size: 379KB

.rdata
Size: 40KB - Virtual size: 37KB

.data
Size: 40KB - Virtual size: 59KB

.data1
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 264KB - Virtual size: 263KB

.reloc
Size: 24KB - Virtual size: 20KB

.rmnet
Size: 60KB - Virtual size: 60KB