6a06749b1efcc157b3ea6cf5eefff32cc86ab73fe19356b3e7d189aa481d8c5a

General

Target

6a06749b1efcc157b3ea6cf5eefff32cc86ab73fe19356b3e7d189aa481d8c5a
Size

108KB
MD5

8170bae422cab1c2dcd0be965fa14fa3
SHA1

3f9fda23c2a1ccab1e3a30854b008ed7a48dfff3
SHA256

6a06749b1efcc157b3ea6cf5eefff32cc86ab73fe19356b3e7d189aa481d8c5a
SHA512

e0fcf8e51d60d829f0a6aad91a16c736af9cc97bb74761da266a550bcdd6b7e20b339950de2f690a89f24c8725e39523199b03a74cf1cc2a2a0a5e0fd994f5fc
SSDEEP

3072:XUecJQLHjwlp/EtR+6Z5fq1I1By74bqmxH:kecJQLDw4fH9vMG

Score

N/A

Malware Config

Signatures

Files

6a06749b1efcc157b3ea6cf5eefff32cc86ab73fe19356b3e7d189aa481d8c5a
.dll regsvr32 windows x86

0859d3cd07b700b8c0596a050e0408ba

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MoveFileW
GetProcAddress
GetModuleFileNameW
WaitForMultipleObjects
QueryDosDeviceW
FreeLibrary
GetCurrentProcessId
GetFileSize
lstrlenW
VirtualAlloc
Sleep
GetCurrentThread
CreateEventW
GetDriveTypeW
CreateProcessW
LoadLibraryW
SetFilePointer
InterlockedDecrement
FreeResource
lstrcpyW
WideCharToMultiByte
GetLocalTime
GlobalAlloc
LoadLibraryA
SuspendThread
GlobalLock
CreateFileW

user32

SetLayeredWindowAttributes
GetKeyState
RegisterWindowMessageW
LoadBitmapW
WindowFromPoint
AppendMenuW
IsWindow
SetForegroundWindow
GetSystemMetrics
LoadStringW
GetSysColor
wsprintfW
GetWindowThreadProcessId
RedrawWindow
SendMessageW
GetWindowDC
FillRect
SystemParametersInfoW
CreateWindowExW

gdi32

DeleteDC
DeleteObject
SetBkColor
GetDeviceCaps
SetBkMode
CreateFontIndirectW
CreateBitmap
CreateCompatibleBitmap

advapi32

LookupPrivilegeValueW
StartServiceW
RegDeleteValueW
GetUserNameW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.twxqzl
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.uozke
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rkfvun
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0859d3cd07b700b8c0596a050e0408ba

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Exports

Exports

Sections

.twxqzl Size: 88KB - Virtual size: 87KB

.uozke Size: 4KB - Virtual size: 1KB

.rkfvun Size: 4KB - Virtual size: 7KB

.reloc Size: 8KB - Virtual size: 6KB

.twxqzl
Size: 88KB - Virtual size: 87KB

.uozke
Size: 4KB - Virtual size: 1KB

.rkfvun
Size: 4KB - Virtual size: 7KB

.reloc
Size: 8KB - Virtual size: 6KB