b317cc8beab8c8259fd21bed924c538d8367acc5d7579cebf7c37084d5f00f04

Sharing

Copy URL Twitter E-mail

General

Target

b317cc8beab8c8259fd21bed924c538d8367acc5d7579cebf7c37084d5f00f04
Size

315KB
MD5

80a45121524a889bce114bebe9464dd0
SHA1

0a894255f7bddf2fa076deb49f319fe701ca03d1
SHA256

b317cc8beab8c8259fd21bed924c538d8367acc5d7579cebf7c37084d5f00f04
SHA512

10516ca3609c007ec9d6f07977eb995a22842850e19931cf278c3ffa5dd2c4adda413025b7f892c69367256b5ce7be02c20d80cb9e126d34bdb4b475c9bbd6ba
SSDEEP

6144:souDpd1/9OYrWb+ve4fxjgQz2JjlbQV1v1C+e947BM:RUr9O7bl4Z8QzUl0P1TeGM

Score

N/A

Malware Config

Signatures

Files

b317cc8beab8c8259fd21bed924c538d8367acc5d7579cebf7c37084d5f00f04
.dll regsvr32 windows x86

b580c8f979967bea73b52587121d0736

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42u

ord823
ord825

msvcrt

_onexit
__dllonexit
wcscpy
swprintf
_except_handler3
__CxxFrameHandler
_wcsicmp
_CxxThrowException
??1type_info@@UAE@XZ
?terminate@@YAXXZ
_adjust_fdiv
malloc
_initterm
_purecall
free
wcsncmp
realloc
_endthread
_beginthread
mbstowcs

atl

ord16
ord58
ord32
ord15
ord23
ord22
ord18
ord43
ord44
ord21

mmfutil

?DisplayAVIBox@@YGHPAUHWND__@@PBG1PAPAU1@@Z
?DisplayUserMessage@@YGHPAUHWND__@@PAUHINSTANCE__@@IIW4ERROR_SRC@@JI@Z

kernel32

MultiByteToWideChar
lstrlenA
GetModuleHandleA
GetLastError
GetModuleHandleW
GetProcAddress
FlushInstructionCache
GetCurrentProcess
InterlockedIncrement
lstrlenW
LoadLibraryW
SetLastError
OutputDebugStringA
LoadLibraryA
InterlockedDecrement
InitializeCriticalSection
DeleteCriticalSection
DisableThreadLibraryCalls
GetShortPathNameW
lstrcmpiW
lstrcpyW
GlobalFree
GlobalAlloc
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
VirtualProtect
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
HeapFree
GetProcessHeap
HeapAlloc
VirtualFree
VirtualAlloc
CloseHandle
GetCurrentThread
CreateEventW
SetEvent
SetThreadPriority
LocalFree
GetVersionExW
GetModuleFileNameW
WaitForSingleObject

user32

GetDlgItem
MsgWaitForMultipleObjects
LoadStringW
SendMessageW
EnableWindow
PeekMessageW
DispatchMessageW
IsWindow
GetSystemMetrics
ShowCursor
LoadCursorW
SetCursor
LoadImageW
LoadBitmapW
RegisterClipboardFormatW
GetParent
wsprintfW
LoadIconW
PostMessageW
SetDlgItemTextW
SetFocus
InvalidateRect
UpdateWindow
WinHelpW
SetWindowLongW

advapi32

RegDeleteKeyW
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegSetValueExW
RegEnumKeyExW

oleaut32

SysAllocStringByteLen
SysStringLen
VariantClear
VariantCopy
VariantInit
SysAllocString
SysFreeString
VariantChangeType

ole32

CoCreateInstance
OleRun
CoQueryProxyBlanket
CoInitialize
CoMarshalInterThreadInterfaceInStream
CoUninitialize
CreateStreamOnHGlobal
CoTaskMemAlloc
StringFromCLSID
CoTaskMemFree
CoGetInterfaceAndReleaseStream

gdi32

DeleteObject

Exports

Exports

ServiceMain
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 273KB - Virtual size: 273KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b580c8f979967bea73b52587121d0736

Headers

File Characteristics

Imports

mfc42u

msvcrt

atl

mmfutil

kernel32

user32

advapi32

oleaut32

ole32

gdi32

Exports

Exports

Sections

.text Size: 34KB - Virtual size: 33KB

.data Size: 2KB - Virtual size: 2KB

.rsrc Size: 273KB - Virtual size: 273KB

.reloc Size: 5KB - Virtual size: 4KB

.text
Size: 34KB - Virtual size: 33KB

.data
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 273KB - Virtual size: 273KB

.reloc
Size: 5KB - Virtual size: 4KB