b4e1ebead27b11a67113858491d4dfbd409215db6e877bfeb1015e8c57ecdcec

Sharing

Copy URL Twitter E-mail

General

Target

b4e1ebead27b11a67113858491d4dfbd409215db6e877bfeb1015e8c57ecdcec
Size

1.4MB
MD5

4b4041f8bf64191d962ce3c88217b340
SHA1

de81f5d1b1f02573684a1a633c4444593e28f4d7
SHA256

b4e1ebead27b11a67113858491d4dfbd409215db6e877bfeb1015e8c57ecdcec
SHA512

e7b4f8096430968164235256f77ae9b51423aa1f18782c9c05f8a7a82b350f4789e8602a80ae650f51a8af966202cc357dfee1cd3310484753b22783797e0d1e
SSDEEP

24576:eXtXb3rlqAksz6m3WfmrzjTNFPzVBUI4Sh2o0ZKpfk4VUY+3BaOyC06vnjXYMi+F:e9gAks2m3Whon05k7r6vlg/3kaw

Score

N/A

Malware Config

Signatures

Files

b4e1ebead27b11a67113858491d4dfbd409215db6e877bfeb1015e8c57ecdcec
.dll regsvr32 windows x86

2db21972500269e7606cb50fb803991c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoCreateFreeThreadedMarshaler
CreateBindCtx
StringFromCLSID
CoTaskMemFree
CLSIDFromProgID
CoTaskMemAlloc
GetHGlobalFromStream
CreateStreamOnHGlobal
CoCreateInstance

shlwapi

UrlCombineW
ord15
StrCmpIW
ord150
ord44
ord45
PathIsURLW
ord28
StrCpyW
StrCatW
ord158
ord156
ord66
ord29
ord38
StrToIntW
StrCmpNIW
StrCmpNW
StrCmpW
UrlUnescapeW
PathSearchAndQualifyW
UrlCreateFromPathW
ord115
ord52
UrlCanonicalizeW
UrlGetLocationW
UrlIsW
PathIsRelativeW
PathCreateFromUrlW

kernel32

SetEvent
LocalAlloc
SetEndOfFile
ReadFile
FlushFileBuffers
SetFilePointer
lstrcmpiW
VirtualQuery
VirtualProtect
LCMapStringW
LCMapStringA
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
GetOEMCP
GetACP
WriteFile
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
DebugBreak
lstrcpyA
lstrlenA
GetProcAddress
LoadLibraryA
FreeLibrary
MultiByteToWideChar
lstrcmpA
ExpandEnvironmentStringsA
GetModuleFileNameA
TlsGetValue
OutputDebugStringA
InterlockedDecrement
InterlockedIncrement
lstrlenW
HeapFree
HeapSize
HeapAlloc
HeapReAlloc
VirtualFree
VirtualAlloc
GetProcessHeap
TlsSetValue
CloseHandle
GetCurrentThreadId
DuplicateHandle
GetCurrentThread
GetCurrentProcess
GetModuleHandleA
GetVersionExA
TlsAlloc
TlsFree
WaitForSingleObject
GetTickCount
ReleaseSemaphore
InterlockedExchange
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
CreateSemaphoreA
CreateEventA
GetThreadContext
Sleep
ResumeThread
SuspendThread
ResetEvent
HeapDestroy
GetLastError
HeapCreate
GetSystemInfo
SetLastError
RaiseException
WideCharToMultiByte
LoadResource
LoadLibraryExA
FormatMessageA
FormatMessageW
FileTimeToSystemTime
SystemTimeToFileTime
GlobalUnlock
GlobalLock
GetThreadLocale
GetTimeFormatA
GetDateFormatA
GetTimeFormatW
GetDateFormatW
GetModuleHandleW
GetCPInfo
GetCommandLineA
RtlUnwind
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllMain
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 967KB - Virtual size: 967KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 65KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 59KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 226KB - Virtual size: 228KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2db21972500269e7606cb50fb803991c

Headers

File Characteristics

Imports

ole32

shlwapi

kernel32

Exports

Exports

Sections

.text Size: 967KB - Virtual size: 967KB

.data Size: 65KB - Virtual size: 66KB

.rsrc Size: 108KB - Virtual size: 107KB

.reloc Size: 59KB - Virtual size: 59KB

.rmnet Size: 226KB - Virtual size: 228KB

.text
Size: 967KB - Virtual size: 967KB

.data
Size: 65KB - Virtual size: 66KB

.rsrc
Size: 108KB - Virtual size: 107KB

.reloc
Size: 59KB - Virtual size: 59KB

.rmnet
Size: 226KB - Virtual size: 228KB