2bff7554ef5c9c81fe69726e612ab3071c4ca5fd268ce45892754b5fce31a3fe

Sharing

Copy URL Twitter E-mail

General

Target

2bff7554ef5c9c81fe69726e612ab3071c4ca5fd268ce45892754b5fce31a3fe
Size

280KB
MD5

a1a4b65d885bf7bd56f8ea8c348ac190
SHA1

2da2af6964fd760c1c672dd169eda5173a56e034
SHA256

2bff7554ef5c9c81fe69726e612ab3071c4ca5fd268ce45892754b5fce31a3fe
SHA512

48d5b033bf1d3417a92ad3e4d635b3aa39076eecf787546a843d3e32604e8cd3f83ed9688e9b8d903b6398a08e03c6c3fe491543eafe58874e30fe1b35fa4e2b
SSDEEP

3072:RIG6lrzYruDTA2QDzK6nVKiP0H0CRoLoFcSstcnSgJ4RVtfP+z7Mx3fUAXZ08pwR:2YUs7zKI50v1sbRizUcAFyKk404bJsh

Score

N/A

Malware Config

Signatures

Files

2bff7554ef5c9c81fe69726e612ab3071c4ca5fd268ce45892754b5fce31a3fe
.dll regsvr32 windows x86

6a6b90c70650691f89e824e8630aac02

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalAddAtomA
GlobalFlags
WritePrivateProfileStringA
GetVersion
SetLastError
GlobalGetAtomNameA
GetProcessVersion
GetFileAttributesA
GetFileSize
GlobalFindAtomA
GetFileTime
GetCPInfo
GetOEMCP
RtlUnwind
HeapFree
HeapAlloc
HeapReAlloc
GetCommandLineA
ExitProcess
TerminateProcess
RaiseException
HeapSize
TlsGetValue
GetVersionExA
HeapCreate
VirtualFree
VirtualAlloc
LocalReAlloc
SetErrorMode
FindFirstFileA
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
WideCharToMultiByte
GetModuleFileNameA
GetModuleHandleA
GetShortPathNameA
lstrlenA
MultiByteToWideChar
lstrlenW
InterlockedDecrement
InterlockedIncrement
FreeLibrary
LoadLibraryA
GetProcAddress
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
TlsFree
TlsSetValue
GlobalReAlloc
TlsAlloc
GlobalHandle
GlobalFree
LocalAlloc
GetFullPathNameA
GetVolumeInformationA
UnlockFile
SetEndOfFile
SetFilePointer
LockFile
FlushFileBuffers
CreateFileA
WriteFile
ReadFile
FormatMessageA
GetCurrentProcess
DuplicateHandle
FileTimeToSystemTime
LocalFree
FileTimeToLocalFileTime
GlobalUnlock
GlobalLock
lstrcmpA
GlobalAlloc
GlobalDeleteAtom
GetCurrentThread
CloseHandle
WaitForSingleObject
IsBadWritePtr
FindClose
GetUserDefaultLangID
InitializeCriticalSection
GetDateFormatA
GetTimeFormatA
GetCurrentThreadId
GetTimeZoneInformation
GetLocalTime
lstrcatA
lstrcpyA
HeapDestroy
IsDBCSLeadByte
lstrcpynA
lstrcmpiA
LoadLibraryExA
GetLastError
FindResourceA
LoadResource
SizeofResource
SetHandleCount
GetACP
GetEnvironmentVariableA

user32

GetSysColor
AdjustWindowRectEx
LoadIconA
LoadCursorA
GetSysColorBrush
MapWindowPoints
DestroyMenu
RegisterWindowMessageA
SystemParametersInfoA
IsIconic
GetWindowPlacement
SetFocus
ShowWindow
SetWindowPos
GetDlgItem
GetMenuItemCount
SetWindowTextA
GetWindow
GetDlgCtrlID
GetWindowRect
PtInRect
GetClassNameA
GrayStringA
SetWindowLongA
ReleaseDC
GetDC
ClientToScreen
LoadStringA
UnregisterClassA
UnhookWindowsHookEx
GetSystemMetrics
CharUpperA
wsprintfA
GetWindowTextA
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageA
GetCursorPos
SetWindowsHookExA
GetClientRect
CopyRect
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
MessageBoxA
EnableWindow
SetCursor
SendMessageA
PostMessageA
PostQuitMessage
TabbedTextOutA
CharNextA
GetTopWindow
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetSubMenu
GetMenuItemID
DestroyWindow
CreateWindowExA
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
DrawTextA

gdi32

RestoreDC
SelectObject
GetStockObject
SetBkColor
SetTextColor
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
GetClipBox
ScaleWindowExtEx
DeleteDC
DeleteObject
GetDeviceCaps
PtVisible
TextOutA
ExtTextOutA
RectVisible
GetObjectA
Escape
CreateBitmap
SaveDC

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

advapi32

RegDeleteValueA
RegCloseKey
RegEnumValueA
RegQueryInfoKeyA
RegOpenKeyExA
RegDeleteKeyA
RegCreateKeyExA
RegEnumKeyExA
RegSetValueExA
RegQueryValueExA

comctl32

ord17

ole32

CoCreateInstance
CoTaskMemRealloc
CoTaskMemAlloc
CoTaskMemFree

oleaut32

SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetDim
VariantClear
SysStringLen
LoadRegTypeLi
RegisterTypeLi
LoadTypeLi
SysAllocString
SysFreeString
VarUI4FromStr
SafeArrayGetElemsize
VariantCopy
SafeArrayGetElement

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6a6b90c70650691f89e824e8630aac02

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

comctl32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 108KB - Virtual size: 108KB

.rdata Size: 24KB - Virtual size: 22KB

.data Size: 16KB - Virtual size: 29KB

.rsrc Size: 8KB - Virtual size: 4KB

.reloc Size: 16KB - Virtual size: 14KB

.text Size: 104KB - Virtual size: 104KB

.text
Size: 108KB - Virtual size: 108KB

.rdata
Size: 24KB - Virtual size: 22KB

.data
Size: 16KB - Virtual size: 29KB

.rsrc
Size: 8KB - Virtual size: 4KB

.reloc
Size: 16KB - Virtual size: 14KB

.text
Size: 104KB - Virtual size: 104KB