414d5c442487ca0ae8078b9c8f163439a438ceb26cc8be1b855739ba73a2e02b

Sharing

Copy URL Twitter E-mail

General

Target

414d5c442487ca0ae8078b9c8f163439a438ceb26cc8be1b855739ba73a2e02b
Size

556KB
MD5

064a8b5a868f1d5838bcdc5417d142f0
SHA1

7370774ee091ba50fe0da385318aa71a9fd98916
SHA256

414d5c442487ca0ae8078b9c8f163439a438ceb26cc8be1b855739ba73a2e02b
SHA512

2d03e3d7ebfcaaa86738962b6e34b10de6aa5f49d7b83e6c9723dd78e14089a7ece26af2026fab0a29bd3d04ab0984e48a8308c4f9be1d859d274defc15b6379
SSDEEP

6144:zwzQ1RnuFkxMxXNB5fZiPOdr7K8VAXZaxVk:UQLuOx2vdZi07K8Vfx

Score

N/A

Malware Config

Signatures

Files

414d5c442487ca0ae8078b9c8f163439a438ceb26cc8be1b855739ba73a2e02b
.dll regsvr32 windows x86

f1344e5402d45176281f313f4dc5b0cb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

EnableWindow
ShowWindow
InvalidateRect
ScreenToClient
ClientToScreen
GetClientRect
GetWindowRect
SetWindowPos
SendMessageW
GetWindowLongW
CreateWindowExW
SetWindowLongW
IsWindow
DestroyAcceleratorTable
GetWindow
IsChild
GetFocus
SetFocus
GetDlgItem
GetClassNameW
CreateAcceleratorTableW
GetDesktopWindow
InvalidateRgn
FillRect
GetSysColor
RegisterWindowMessageW
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
SetScrollInfo
ShowScrollBar
GetCursorPos
SetScrollPos
PostMessageW
SetTimer
KillTimer
DestroyCursor
SetRect
CopyRect
RedrawWindow
GetUpdateRect
CharNextW
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetSystemMetrics
LoadBitmapW
SystemParametersInfoW
BeginPaint
EndPaint
GetCapture
GetDlgCtrlID
SetCursor
RegisterClassExW
ReleaseCapture
IntersectRect
CallWindowProcW
DefWindowProcW
DrawTextW
DestroyWindow
GetDC
ReleaseDC
OffsetRect
InflateRect
PtInRect
LoadCursorW
wsprintfW
GetClassInfoExW
SetWindowRgn
SetParent
GetParent
SetCapture
UnregisterClassW

kernel32

VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
VirtualQuery
GetCommandLineA
HeapReAlloc
ExitProcess
RtlUnwind
IsBadWritePtr
SetUnhandledExceptionFilter
TlsAlloc
SetLastError
TlsFree
TlsSetValue
TlsGetValue
GetModuleHandleA
TerminateProcess
HeapSize
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
RaiseException
SetHandleCount
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
FlushInstructionCache
GetCurrentProcess
HeapFree
GetProcessHeap
HeapAlloc
lstrlenW
InterlockedDecrement
InterlockedIncrement
GetCurrentThreadId
GetVersionExA
GetProcAddress
GetModuleHandleW
MultiByteToWideChar
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExW
lstrcpyW
GetLastError
lstrcmpiW
lstrcpynW
GetTickCount
FreeLibrary
SizeofResource
LoadResource
FindResourceW
LoadLibraryExW
GetModuleFileNameW
lstrcatW
GlobalUnlock
GlobalLock
GlobalAlloc
MulDiv
lstrcmpW
LocalFree
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
UnhandledExceptionFilter
WriteFile
IsBadReadPtr
IsBadCodePtr
GetOEMCP
GetCPInfo
LoadLibraryA
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
VirtualProtect
GetSystemInfo
InitializeCriticalSection

gdi32

PtInRegion
CreateBitmap
CreatePatternBrush
SetRectRgn
CreateRectRgnIndirect
PatBlt
SelectClipRgn
GetClipBox
CreateFontIndirectW
SetTextColor
SetBkMode
CombineRgn
CreateRectRgn
GetObjectW
DeleteObject
SelectObject
CreateCompatibleDC
GetDIBits
ExtSelectClipRgn
OffsetRgn
StretchBlt
SetViewportOrgEx
FillRgn
CreateSolidBrush
ExtTextOutW
SetBkColor
CreateCompatibleBitmap
GetTextExtentPoint32W
GetDeviceCaps
GetStockObject
BitBlt
DeleteDC

advapi32

RegQueryInfoKeyW
RegDeleteValueW
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegEnumKeyExW
RegDeleteKeyW
RegSetValueExW

ole32

CLSIDFromString
CLSIDFromProgID
CoGetClassObject
OleLockRunning
OleUninitialize
OleInitialize
CreateStreamOnHGlobal
StringFromGUID2
CoCreateInstance
CoTaskMemRealloc
CoTaskMemFree
CoTaskMemAlloc

oleaut32

VarUI4FromStr
SysFreeString
DispCallFunc
LoadRegTypeLi
VariantInit
VariantClear
OleCreateFontIndirect
SysStringByteLen
SafeArrayCreateVector
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayDestroy
SysStringLen
SysAllocStringLen
RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
SysAllocString

shlwapi

PathFindExtensionW

comctl32

ImageList_Destroy
ImageList_AddMasked
ImageList_Draw
ImageList_Create
InitializeFlatSB

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 172KB - Virtual size: 168KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 268KB - Virtual size: 267KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f1344e5402d45176281f313f4dc5b0cb

Headers

File Characteristics

Imports

user32

kernel32

gdi32

advapi32

ole32

oleaut32

shlwapi

comctl32

Exports

Exports

Sections

.text Size: 172KB - Virtual size: 168KB

.rdata Size: 28KB - Virtual size: 24KB

.data Size: 8KB - Virtual size: 7KB

.rsrc Size: 268KB - Virtual size: 267KB

.reloc Size: 16KB - Virtual size: 14KB

.rmnet Size: 60KB - Virtual size: 60KB

.text
Size: 172KB - Virtual size: 168KB

.rdata
Size: 28KB - Virtual size: 24KB

.data
Size: 8KB - Virtual size: 7KB

.rsrc
Size: 268KB - Virtual size: 267KB

.reloc
Size: 16KB - Virtual size: 14KB

.rmnet
Size: 60KB - Virtual size: 60KB