16f5f535c4d2d36a08a547250ca14b8af09017e8e6af6aa2ce609948ed2db70b

Sharing

Copy URL

Twitter E-mail

General

Target

16f5f535c4d2d36a08a547250ca14b8af09017e8e6af6aa2ce609948ed2db70b
Size

135KB
MD5

21e724350d0d43851cd5c880e1d3df20
SHA1

0aaffa5a214933971f9ca46a4d621fd6ae6dcb6f
SHA256

16f5f535c4d2d36a08a547250ca14b8af09017e8e6af6aa2ce609948ed2db70b
SHA512

1584e3d80ee2055218a10837af752c652f56a6a63398b13c5238a0a4c88b881c4644bfed7b54b7c00e49c18262e37c0e2d58c4f73e65184eb182d04f15ab65f1
SSDEEP

3072:mcVJPJGphiNDKm2qqIkQYAkclKg8Tlf+zsdQ1bMur+LNp:mcVJPJNYQYncl38Td+4dQ15rG

Score

N/A

Malware Config

Signatures

Files

16f5f535c4d2d36a08a547250ca14b8af09017e8e6af6aa2ce609948ed2db70b
.dll regsvr32 windows x86

2eb032bbb1c874ed892efb9c3d58eb08

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
GetModuleFileNameA
InitializeCriticalSection
InterlockedDecrement
InterlockedIncrement
DisableThreadLibraryCalls
DeleteCriticalSection
EnterCriticalSection
RaiseException
LeaveCriticalSection
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
lstrlenA
MultiByteToWideChar
GetModuleHandleA
GetThreadLocale
GetLocaleInfoA
GetACP
GetVersionExA
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
InterlockedCompareExchange
lstrlenW
WideCharToMultiByte
LoadLibraryExA
FindResourceA
LoadResource
SizeofResource
lstrcmpiA
IsDBCSLeadByte
GetModuleFileNameW
FreeLibrary
Sleep
GetProcessHeap
InterlockedExchange

msvcr80

_amsg_exit
_callnewh
??3@YAXPAX@Z
strncpy_s
_recalloc
memcpy_s
_resetstkoflw
strcpy_s
strcat_s
_wmakepath_s
_wsplitpath_s
wcscat_s
wcschr
_vsnwprintf_s
memset
free
??_V@YAXPAX@Z
_crt_debugger_hook
_except_handler4_common
__clean_type_info_names_internal
_onexit
_lock
__dllonexit
_unlock
__CppXcptFilter
_adjust_fdiv
malloc
_initterm_e
_initterm
_decode_pointer
_encoded_null
_malloc_crt
_encode_pointer

user32

CharNextA
UnregisterClassA

advapi32

RegDeleteValueA
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegEnumKeyExA
RegQueryInfoKeyA
RegCloseKey
RegDeleteKeyA

ole32

CoTaskMemFree
StringFromGUID2
CoCreateInstance
CoTaskMemAlloc
CoTaskMemRealloc

oleaut32

SysStringLen
SysAllocStringLen
VarUI4FromStr
SysFreeString

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
VSDllRegisterServer
VSDllUnregisterServer

Sections

.text
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 108KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2eb032bbb1c874ed892efb9c3d58eb08

Headers

File Characteristics

Imports

kernel32

msvcr80

user32

advapi32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 21KB - Virtual size: 20KB

.data Size: 512B - Virtual size: 1KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 2KB - Virtual size: 1KB

.text Size: 108KB - Virtual size: 112KB

.text
Size: 21KB - Virtual size: 20KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 2KB - Virtual size: 1KB

.text
Size: 108KB - Virtual size: 112KB