8072c4ed03127172280b09f831f0a3e47a850b81f340f8c7018722c53d7c950b

Sharing

Copy URL Twitter E-mail

General

Target

8072c4ed03127172280b09f831f0a3e47a850b81f340f8c7018722c53d7c950b
Size

60KB
MD5

1e7d0f5afcf1fea2c0640c5b167347de
SHA1

dad2bb6a4d6c9293cd95372fc58eb88ac3a114a2
SHA256

8072c4ed03127172280b09f831f0a3e47a850b81f340f8c7018722c53d7c950b
SHA512

4d1c1fb6de8dd7f30ae52c764edccd7810a8ce65284db06afe741627a27d4f2ffb7e9d5022b22f827fedcb4988fb0eca4413f931ad9c1406531de5e5854502e9
SSDEEP

1536:XJbxer+LsvuI2wWrOe9Whdtrd8NXJS63Nipa:XJbxU+Lm2wWae92d2NXJS63Ma

Score

N/A

Malware Config

Signatures

Files

8072c4ed03127172280b09f831f0a3e47a850b81f340f8c7018722c53d7c950b
.dll regsvr32 windows x86

b800856390eb5dec58846e9481ab4349

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WritePrivateProfileStructA
GetPrivateProfileStructA
GetWindowsDirectoryA
GetSystemDirectoryA
MultiByteToWideChar
Sleep
GetTempPathA
GetTempFileNameA
CreateProcessA
WaitForSingleObject
DeviceIoControl
WideCharToMultiByte
GetCurrentProcess
FlushInstructionCache
lstrlenA
lstrcpyA
lstrcatA
GlobalAlloc
GlobalLock
GlobalUnlock
lstrlenW
DisableThreadLibraryCalls
InterlockedDecrement
EnterCriticalSection
InterlockedIncrement
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetShortPathNameA
OpenMutexA
CloseHandle
CopyFileA
lstrcmpA
DeleteFileA
FindFirstFileA
FindClose
IsBadStringPtrA
CreateFileA
lstrcpynA
MoveFileExA
MapViewOfFile
CreateFileMappingA
OpenFileMappingA
UnmapViewOfFile
WriteFile

user32

GetFocus
IsChild
SetFocus
DefWindowProcA
DestroyWindow
CreateWindowExA
GetWindowRect
SetWindowRgn
OffsetRect
EqualRect
IntersectRect
SetWindowPos
ShowWindow
InvalidateRect
GetKeyState
PtInRect
UnionRect
BeginPaint
GetClientRect
EndPaint
IsWindow
CallWindowProcA
GetWindowLongA
SetWindowLongA
GetClassInfoExA
RegisterClassExA

gdi32

GetDeviceCaps
LPtoDP
SetMapMode
SetViewportOrgEx
DeleteDC
CreateMetaFileA
CreateRectRgnIndirect
DeleteMetaFile
CloseMetaFile
RestoreDC
SetWindowExtEx
SetWindowOrgEx
SaveDC

ole32

CoTaskMemFree
CoUninitialize
CreateDataAdviseHolder
CoTaskMemAlloc
OleRegGetMiscStatus
CreateOleAdviseHolder
OleRegGetUserType
CoInitialize
OleRegEnumVerbs

oleaut32

VariantClear
OleCreatePropertyFrame
SysStringLen
LoadRegTypeLi
SysAllocString
SysFreeString

atl

ord23
ord21
ord16
ord15
ord18
ord57
ord32
ord43
ord46
ord50
ord30
ord27
ord31
ord44
ord58
ord26
ord51

urlmon

URLDownloadToFileA

msvcrt

_except_handler3
?terminate@@YAXXZ
__dllonexit
_onexit
_initterm
_adjust_fdiv
rewind
fgets
strstr
fputs
ftell
fseek
malloc
fread
free
time
srand
fopen
rand
fwrite
fclose
_mbsicmp
_mbsnbcpy
_vsnprintf
atoi
_mbschr
_snprintf
sprintf
__CxxFrameHandler
??2@YAPAXI@Z
_purecall
??3@YAXPAX@Z
_strlwr

shlwapi

PathFindExtensionA
PathStripToRootA
PathRemoveBlanksA
PathRemoveBackslashA
PathRemoveFileSpecA
PathRemoveExtensionA
SHSetValueA
PathFindFileNameA
PathAppendA
PathFileExistsA
SHGetValueA

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegOpenKeyA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b800856390eb5dec58846e9481ab4349

Headers

File Characteristics

Imports

kernel32

user32

gdi32

ole32

oleaut32

atl

urlmon

msvcrt

shlwapi

version

advapi32

Exports

Exports

Sections

.text Size: 39KB - Virtual size: 38KB

.rdata Size: 9KB - Virtual size: 8KB

.data Size: 1KB - Virtual size: 3KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 5KB - Virtual size: 4KB

.text
Size: 39KB - Virtual size: 38KB

.rdata
Size: 9KB - Virtual size: 8KB

.data
Size: 1KB - Virtual size: 3KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 5KB - Virtual size: 4KB