d1c318346ee0b749ef4292fe4635a332ac00dfb0e1accafbc57b8b36dbf434db

Sharing

Copy URL Twitter E-mail

General

Target

d1c318346ee0b749ef4292fe4635a332ac00dfb0e1accafbc57b8b36dbf434db
Size

132KB
MD5

a20d716cf2b2822c1433a2cfe072e3c0
SHA1

515b599b30a2887c397ea573c5470141023b3643
SHA256

d1c318346ee0b749ef4292fe4635a332ac00dfb0e1accafbc57b8b36dbf434db
SHA512

18b4c3b745b1b7f69f24ca5969cd8512b07058130734ad22fb8c9043164fb4f579216e7a75ac517eeb03c6b53716b9fc3bcfee8f87f3d9079b54827f16082206
SSDEEP

3072:yL8FbdVhTSWFI+G540Xa19Frb0m14wM2JIC9dt03cb:ZFbzi40kXNNMHZ3cb

Score

N/A

Malware Config

Signatures

Files

d1c318346ee0b749ef4292fe4635a332ac00dfb0e1accafbc57b8b36dbf434db
.dll regsvr32 windows x86

c42acc9086088236c4787c9a4c3a351f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

GetErrorInfo
SysFreeString
VariantClear
SysAllocString

advapi32

RegOpenKeyExW
GetSecurityInfo
SetEntriesInAclA
SetSecurityInfo
RegCloseKey
RegOpenKeyExA
RegQueryValueExW
CryptReleaseContext
CryptGenRandom
CryptAcquireContextA

psapi

EnumProcessModules
EnumProcesses
GetModuleBaseNameA

msvcrt

_adjust_fdiv
_initterm
??1type_info@@UAE@XZ
_onexit
__dllonexit
isspace
strerror
srand
ispunct
tolower
strtok
toupper
isalpha
wcscmp
??1exception@@UAE@XZ
_CxxThrowException
??0exception@@QAE@XZ
??0exception@@QAE@ABV0@@Z
?what@exception@@UBEPBDXZ
wcslen
islower
isupper
__mb_cur_max
wctomb
isxdigit
printf
isalnum
malloc
free
__CxxFrameHandler
strchr
strncpy
atoi
??2@YAPAXI@Z
tmpnam
fopen
fwrite
fclose
??3@YAXPAX@Z
strstr
isgraph
_stricmp

user32

SystemParametersInfoA
DispatchMessageA
wsprintfA
EnumWindows
EnumChildWindows
GetWindowThreadProcessId
GetClassNameA
CloseClipboard
OpenClipboard
DefWindowProcA
SetTimer
KillTimer
TranslateMessage
RegisterClassExA
CreateWindowExA
ShowWindow
GetMessageA
SetWindowPos

ole32

CoInitialize
CoCreateInstance
CoCreateGuid
CoTaskMemAlloc
CoTaskMemFree

netapi32

Netbios

wininet

InternetCloseHandle
HttpQueryInfoA
InternetOpenA
InternetSetOptionA
InternetReadFile
InternetOpenUrlA

shlwapi

StrStrIA
SHSetValueA
SHGetValueA

winmm

timeGetTime

rpcrt4

UuidToStringA

version

GetFileVersionInfoSizeA
GetFileVersionInfoA

kernel32

CreateProcessA
DeleteFileA
GetSystemDirectoryA
WaitForSingleObject
LoadLibraryA
GetProcAddress
FreeLibrary
MoveFileExA
HeapFree
GetLastError
SetLastError
lstrlenA
GetVersion
GetFullPathNameA
GetProcessHeap
CreateRemoteThread
WriteProcessMemory
VirtualAllocEx
GetSystemInfo
SleepEx
GetModuleFileNameA
GetCurrentDirectoryA
GetWindowsDirectoryA
Sleep
MultiByteToWideChar
FreeEnvironmentStringsA
QueryPerformanceCounter
GetTickCount
GetEnvironmentStrings
HeapSize
HeapAlloc
lstrcmpiA
lstrcmpA
CloseHandle
GetVersionExA
CreateFileA
GetEnvironmentVariableA
GetThreadTimes
GetCurrentThread
InterlockedExchange
lstrcpyA
LocalFree
FormatMessageA
GetModuleHandleA
lstrcpynA
QueryPerformanceFrequency
GetLocalTime
GetProcessTimes
GetCurrentProcess
GetCurrentProcessId
OpenProcess

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 80KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c42acc9086088236c4787c9a4c3a351f

Headers

File Characteristics

Imports

oleaut32

advapi32

psapi

msvcrt

user32

ole32

netapi32

wininet

shlwapi

winmm

rpcrt4

version

kernel32

Exports

Exports

Sections

.text Size: 80KB - Virtual size: 76KB

.rdata Size: 24KB - Virtual size: 22KB

.data Size: 16KB - Virtual size: 18KB

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 80KB - Virtual size: 76KB

.rdata
Size: 24KB - Virtual size: 22KB

.data
Size: 16KB - Virtual size: 18KB

.reloc
Size: 8KB - Virtual size: 6KB