09d3d4f897cd4997654671fd0cee8317bfbcbedd3e386948f61831da109baa05

Sharing

Copy URL

Twitter E-mail

General

Target

09d3d4f897cd4997654671fd0cee8317bfbcbedd3e386948f61831da109baa05
Size

332KB
MD5

6f453a3b04a442de16e3baf1b2ae66b3
SHA1

6a428b06d659f62a7459bb2e04f4744004c3e072
SHA256

09d3d4f897cd4997654671fd0cee8317bfbcbedd3e386948f61831da109baa05
SHA512

1a9a156da0d29cdc9181835eb274dd8af12b0481a1920cafa509f4d274e114ba9bb07e20f8ecd1648974d48d6bdb9e5b584d34c53119b00f9b2d7fe8d15c47f6
SSDEEP

6144:WLcJsA8ZoIZXRIHpjWC6zwJCMhcDjniUP4182B:WLWSFLoJWCEwVhcDj1q8M

Score

N/A

Malware Config

Signatures

Files

09d3d4f897cd4997654671fd0cee8317bfbcbedd3e386948f61831da109baa05
.dll regsvr32 windows x86

5337eea86f8cd14ed2cdbe7fc0b46bf4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA
RegQueryInfoKeyA
RegEnumKeyExA
RegQueryValueExA

kernel32

InterlockedDecrement
IsDBCSLeadByte
FreeLibrary
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
GetModuleHandleA
GetModuleFileNameA
EnterCriticalSection
LeaveCriticalSection
VirtualProtect
LockResource
GetCurrentThreadId
GetProcessId
DisableThreadLibraryCalls
GetCurrentProcessId
GetProcAddress
LoadLibraryA
SetThreadLocale
GetThreadLocale
CreateThread
lstrcmpA
WaitForSingleObject
GlobalUnlock
GlobalLock
GlobalAlloc
FlushInstructionCache
GetCurrentProcess
MulDiv
SetLastError
CloseHandle
ReadFile
SetFilePointer
CreateFileA
VirtualAlloc
IsBadReadPtr
VirtualFree
HeapAlloc
GetProcessHeap
CreateProcessA
GetTempPathA
LocalFree
SetEnvironmentVariableA
CompareStringW
InterlockedIncrement
SetEndOfFile
GetTimeZoneInformation
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
FlushFileBuffers
GetStringTypeW
GetStringTypeA
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
SetHandleCount
GetFileType
SetStdHandle
GetCurrentDirectoryA
GetFullPathNameA
GetConsoleMode
GetConsoleCP
LCMapStringW
LCMapStringA
GetOEMCP
GetCPInfo
HeapSize
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetStdHandle
WriteFile
ExitProcess
HeapCreate
HeapDestroy
GetCommandLineA
SystemTimeToFileTime
LocalFileTimeToFileTime
SetFileTime
GetLocaleInfoA
GetACP
InterlockedExchange
InterlockedCompareExchange
HeapFree
Sleep
lstrcmpiA
lstrlenA
GetLastError
DeleteCriticalSection
InitializeCriticalSection
RaiseException
lstrlenW
WideCharToMultiByte
MultiByteToWideChar
CompareStringA
IsProcessorFeaturePresent
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
FindFirstFileA
GetDriveTypeA
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
HeapReAlloc
RtlUnwind
VirtualQuery
GetSystemInfo
GetSystemTimeAsFileTime
IsDebuggerPresent
GetVersionExA

user32

CharNextA
SetFocus
SetActiveWindow
SetForegroundWindow
wsprintfA
ShowWindow
GetSystemMetrics
GetFocus
GetActiveWindow
AttachThreadInput
GetWindowThreadProcessId
GetForegroundWindow
SetWindowLongA
GetWindowLongA
CreateWindowExA
SetTimer
KillTimer
CreateAcceleratorTableA
IsWindow
GetDesktopWindow
GetWindow
DestroyAcceleratorTable
BeginPaint
EndPaint
CallWindowProcA
FillRect
ReleaseCapture
GetClassNameA
GetDlgItem
GetParent
IsChild
SetCapture
RedrawWindow
InvalidateRgn
InvalidateRect
ReleaseDC
GetDC
ScreenToClient
ClientToScreen
GetClientRect
SetWindowPos
MoveWindow
GetSysColor
RegisterWindowMessageA
GetClassInfoExA
LoadCursorA
RegisterClassExA
GetWindowTextLengthA
GetWindowTextA
SetWindowTextA
DefWindowProcA
SendMessageA
DestroyWindow
UnregisterClassA

oleaut32

SysAllocStringByteLen
OleCreateFontIndirect
SysStringByteLen
SysAllocStringLen
RegisterTypeLi
UnRegisterTypeLi
SysAllocString
LoadTypeLi
LoadRegTypeLi
DispCallFunc
SysStringLen
VariantClear
VariantInit
VarUI4FromStr
SysFreeString

ole32

CoTaskMemRealloc
CoTaskMemFree
StringFromGUID2
CoCreateInstance
CoUninitialize
CoInitialize
CoGetClassObject
CreateStreamOnHGlobal
OleInitialize
OleUninitialize
OleLockRunning
CLSIDFromProgID
CLSIDFromString
CoTaskMemAlloc

gdi32

SelectObject
DeleteDC
CreateCompatibleBitmap
CreateCompatibleDC
BitBlt
GetDeviceCaps
CreateSolidBrush
GetObjectA
GetStockObject
DeleteObject

shlwapi

StrStrIA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 228KB - Virtual size: 227KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5337eea86f8cd14ed2cdbe7fc0b46bf4

Headers

File Characteristics

Imports

advapi32

kernel32

user32

oleaut32

ole32

gdi32

shlwapi

Exports

Exports

Sections

.text Size: 228KB - Virtual size: 227KB

.rdata Size: 48KB - Virtual size: 44KB

.data Size: 24KB - Virtual size: 29KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 24KB - Virtual size: 20KB

.text
Size: 228KB - Virtual size: 227KB

.rdata
Size: 48KB - Virtual size: 44KB

.data
Size: 24KB - Virtual size: 29KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 24KB - Virtual size: 20KB