a913572df7b01da865261fdee9f1982952298ea03b3d57da09b926ef1489541e

Sharing

Copy URL Twitter E-mail

General

Target

a913572df7b01da865261fdee9f1982952298ea03b3d57da09b926ef1489541e
Size

230KB
MD5

77e8801345a180297c399e43f2eca6ce
SHA1

d76aac797d199c28c7385c0661ea2982a32e8509
SHA256

a913572df7b01da865261fdee9f1982952298ea03b3d57da09b926ef1489541e
SHA512

b5c5fcd2988f1c7b66314078b37d565086760138951f8ad712ae85c98a4784e51cf3b33faed1d7639c60ad11f6fd18bed63d118d68463a0dbac919b06cb92fb0
SSDEEP

6144:Zz89ds5dGHLjO1+Tpx+OlFBWjwz1bsPoLKF:mdi2+gmjwz1bsPoWF

Score

N/A

Malware Config

Signatures

Files

a913572df7b01da865261fdee9f1982952298ea03b3d57da09b926ef1489541e
.dll regsvr32 windows x86

7012b3d56c57837628a1b8fdaadc70fc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

StringFromCLSID
CoCreateInstance
StringFromGUID2
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

kernel32

FreeLibrary
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
GetModuleHandleA
SetThreadLocale
GetThreadLocale
LockResource
FindResourceExA
GlobalFree
GlobalUnlock
GlobalLock
GetCurrentProcessId
SetEnvironmentVariableA
GetEnvironmentVariableA
Sleep
CloseHandle
WaitForSingleObject
GetCurrentThreadId
TryEnterCriticalSection
CreateMutexA
ReleaseMutex
LoadLibraryA
GetVersionExA
InterlockedDecrement
GetTickCount
GetSystemInfo
GetVersion
GlobalAlloc
GetSystemDirectoryA
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
InterlockedCompareExchange
InterlockedExchange
SetErrorMode
GetSystemTimeAsFileTime
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
MultiByteToWideChar
WideCharToMultiByte
lstrlenW
RaiseException
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
InterlockedIncrement
IsDBCSLeadByte
GetModuleHandleW
GetProcAddress
GetModuleFileNameA
lstrcmpiA
lstrlenA
GetLastError
DeleteCriticalSection

user32

wsprintfA
GetSystemMetrics
GetDC
ReleaseDC
CharNextW
CharNextA

advapi32

RegDeleteValueA
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA
RegQueryInfoKeyA
RegCreateKeyA
RegEnumKeyExA
RegQueryValueA
RegOpenKeyA
RegEnumKeyA
RegQueryValueExA
RegSetValueA
RegDeleteKeyA

shell32

SHGetFileInfoA

oleaut32

LoadRegTypeLi
VarUI4FromStr
RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
SysAllocString
SysFreeString
SysStringLen

gdi32

CreateDIBitmap
DeleteDC
StretchBlt
CreateBitmap
SelectObject
SetBrushOrgEx
SetStretchBltMode
GetStretchBltMode
CreateCompatibleDC
DeleteObject

msvcr90

printf
__CppXcptFilter
_malloc_crt
_decode_pointer
_onexit
_lock
_encode_pointer
_adjust_fdiv
_unlock
_except_handler4_common
_access
??0exception@std@@QAE@ABV01@@Z
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
__clean_type_info_names_internal
_amsg_exit
_initterm_e
_initterm
__dllonexit
_putenv
_encoded_null
??3@YAXPAX@Z
strstr
malloc
free
memcpy_s
strcpy_s
wcsncpy_s
strncpy_s
strcat_s
??_V@YAXPAX@Z
_resetstkoflw
_recalloc
??_U@YAPAXI@Z
memset
strncpy
__CxxFrameHandler3
calloc
_purecall
??2@YAPAXI@Z
sprintf
strtol
strrchr
realloc
memcpy
_vsnprintf
memmove
_stat32
strchr
getenv
_ismbblead
_stricmp
??0exception@std@@QAE@ABQBD@Z
?what@exception@std@@UBEPBDXZ
??1exception@std@@UAE@XZ
??0exception@std@@QAE@XZ
_invalid_parameter_noinfo
_CxxThrowException

msvcp90

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllMain
DllRegisterServer
DllUnregisterServer
RMACreateInstance
RMAShutdown
SetDLLAccessPath

Sections

.text
Size: 74KB - Virtual size: 73KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 108KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7012b3d56c57837628a1b8fdaadc70fc

Headers

File Characteristics

Imports

ole32

version

kernel32

user32

advapi32

shell32

oleaut32

gdi32

msvcr90

msvcp90

Exports

Exports

Sections

.text Size: 74KB - Virtual size: 73KB

.rdata Size: 23KB - Virtual size: 22KB

.data Size: 4KB - Virtual size: 5KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 14KB - Virtual size: 14KB

.text Size: 108KB - Virtual size: 112KB

.text
Size: 74KB - Virtual size: 73KB

.rdata
Size: 23KB - Virtual size: 22KB

.data
Size: 4KB - Virtual size: 5KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 14KB - Virtual size: 14KB

.text
Size: 108KB - Virtual size: 112KB