eeae39b8ec94565046dcf63a5516fc46a5266e9effa1ee24fae9dcd1f611c6fd

Sharing

Copy URL

Twitter E-mail

General

Target

eeae39b8ec94565046dcf63a5516fc46a5266e9effa1ee24fae9dcd1f611c6fd
Size

164KB
MD5

4a64e853745b58a4f70d917566c948b0
SHA1

78c68f3a81a83bb8276bab954310544e7c5d1fcd
SHA256

eeae39b8ec94565046dcf63a5516fc46a5266e9effa1ee24fae9dcd1f611c6fd
SHA512

31225f09a0b89af4377c17e95426ab089a4689e9bbc1b0e6edf78e15adabddeb1483ded52bfcc991f46d3982d9eb96fe2bc7eccd288022b211900a34ef6da872
SSDEEP

3072:jU+zTL8SEs9ulWcVwUN2GjkuKZIAX9Cb8YQaYNBUpSSk/Jo6mmwe:gOTZAljVwQgX9e4Npq6mm/

Score

N/A

Malware Config

Signatures

Files

eeae39b8ec94565046dcf63a5516fc46a5266e9effa1ee24fae9dcd1f611c6fd
.dll regsvr32 windows x86

1ff8924481e7506f482f99eafb98439d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcess
GetCurrentThreadId
InitializeCriticalSection
DeleteCriticalSection
DisableThreadLibraryCalls
InterlockedIncrement
InterlockedDecrement
InterlockedExchange
FlushInstructionCache
HeapAlloc
GetProcessHeap
HeapReAlloc
HeapFree
HeapSize
LocalAlloc
LoadLibraryA
GetVersionExA
RaiseException
HeapDestroy
MulDiv
GetFileSize
ReadFile
CloseHandle
lstrlenA
FreeLibrary
GlobalAlloc
GlobalLock
GlobalUnlock
LeaveCriticalSection
EnterCriticalSection
GetLastError
MultiByteToWideChar
FindClose
SizeofResource
GetProcAddress
LoadResource
LockResource

user32

GetFocus
UnregisterClassA
DestroyAcceleratorTable
SetWindowPos
GetParent
PtInRect
ClientToScreen
GetSystemMetrics
GetDlgCtrlID
SetCursor
UpdateWindow
EndDialog
MoveWindow
GetWindowRect
GetWindow
GetSysColor
ReleaseDC
GetDesktopWindow
GetDC
ReleaseCapture
SetCapture
FillRect
GetClientRect
InvalidateRect
InvalidateRgn
EndPaint
BeginPaint
SetFocus
IsChild
DestroyWindow
IsWindow
GetDlgItem
RedrawWindow
GetActiveWindow
IsWindowEnabled
SendMessageA
EnableWindow
GetCursorPos
SetCursorPos
MapWindowPoints
KillTimer
SetTimer
ScreenToClient

gdi32

CreateSolidBrush
CreateCompatibleDC
MoveToEx
CreatePen
SelectObject
BitBlt
CreateCompatibleBitmap
DeleteObject
GetStockObject
LineTo
DeleteDC
GetDeviceCaps

comctl32

ImageList_Destroy

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyExA

ole32

CoCreateInstance
CoTaskMemFree
CoTaskMemAlloc
CoTaskMemRealloc
CreateStreamOnHGlobal
OleInitialize
OleUninitialize
StringFromGUID2
OleLockRunning
CoGetClassObject
CLSIDFromProgID
CLSIDFromString

oleaut32

RegisterTypeLi
LoadTypeLi
DispCallFunc
LoadRegTypeLi
VariantInit
VariantClear
OleCreateFontIndirect
SysFreeString
SysAllocString
SysAllocStringLen
SysStringLen
VarUI4FromStr
SysStringByteLen

msvcr70

memset
_onexit
__dllonexit
_adjust_fdiv
malloc
_initterm
qsort
_wcsnicmp
iswspace
_wtol
_itow
iswdigit
wcstoul
_except_handler3
wcsrchr
wcslen
??_U@YAPAXI@Z
realloc
free
wcstok
wcscat
wcscpy
??2@YAPAXI@Z
_wcsicmp
_purecall
memmove
??_V@YAXPAX@Z
??3@YAXPAX@Z

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
VSDllRegisterServer
VSDllUnregisterServer

Sections

.text
Size: 76KB - Virtual size: 73KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1ff8924481e7506f482f99eafb98439d

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comctl32

advapi32

ole32

oleaut32

msvcr70

Exports

Exports

Sections

.text Size: 76KB - Virtual size: 73KB

.data Size: 8KB - Virtual size: 10KB

.rsrc Size: 8KB - Virtual size: 7KB

.reloc Size: 8KB - Virtual size: 6KB

.rmnet Size: 60KB - Virtual size: 60KB

.text
Size: 76KB - Virtual size: 73KB

.data
Size: 8KB - Virtual size: 10KB

.rsrc
Size: 8KB - Virtual size: 7KB

.reloc
Size: 8KB - Virtual size: 6KB

.rmnet
Size: 60KB - Virtual size: 60KB