66d2f27d2d3370ceb6bb314d657b52279415221a1e4a33345136fbc80d41a290

Sharing

Copy URL Twitter E-mail

General

Target

66d2f27d2d3370ceb6bb314d657b52279415221a1e4a33345136fbc80d41a290
Size

34KB
MD5

7235e21884e12c6acdda7c4ae0cee8cf
SHA1

70fdad7fdc45ef28e5d347c3083484878ee73bac
SHA256

66d2f27d2d3370ceb6bb314d657b52279415221a1e4a33345136fbc80d41a290
SHA512

ac154fd806d434bfa6df29bc6d4d402872ff323442e4ec5065a9fa6c7f537789c71713e82eb02294e54d05652718df3516e5697ce67b4df8cd56b26768d286f3
SSDEEP

768:N+VctSJQ+RVDuJuyaZO97EqyxXANNLrm+QrOnoLusd:xQHfEF9JyhuYOnoF

Score

N/A

Malware Config

Signatures

Files

66d2f27d2d3370ceb6bb314d657b52279415221a1e4a33345136fbc80d41a290
.cab
GainPlugin.dll
.dll regsvr32 windows x86

6d0578a339a5b39edc781a9f57465620

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetReadFile
HttpQueryInfoA
InternetOpenUrlA
InternetOpenA
InternetCrackUrlA
InternetCloseHandle

setupapi

SetupIterateCabinetA

kernel32

lstrlenW
MultiByteToWideChar
GetShortPathNameA
GetModuleHandleA
WideCharToMultiByte
FreeLibrary
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
lstrcmpiA
IsDBCSLeadByte
HeapDestroy
GetProcAddress
LoadLibraryA
lstrcpyA
lstrcatA
GetCurrentThreadId
FlushInstructionCache
InterlockedDecrement
GetTickCount
CreateThread
MulDiv
DeleteFileA
FindClose
FindFirstFileA
GetTempPathA
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
GetFileSize
WaitForSingleObject
RemoveDirectoryA
SetLastError
WritePrivateProfileStringA
GetLocalTime
ReleaseSemaphore
OpenSemaphoreA
SetEvent
OpenEventA
CreateProcessA
GetFileAttributesA
FindNextFileA
GetWindowsDirectoryA
MoveFileExA
DebugBreak
HeapReAlloc
HeapFree
EnterCriticalSection
InterlockedIncrement
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
HeapCreate
GetVersionExA
GetSystemInfo
HeapAlloc
GetModuleFileNameA
DisableThreadLibraryCalls
lstrlenA
lstrcpynA
CreateFileA
GetLastError
WriteFile
Sleep
CloseHandle
GetStringTypeA
GetStringTypeW
GetCurrentProcess
RtlUnwind

user32

SetWindowRgn
SetWindowPos
DestroyWindow
GetParent
SetFocus
GetFocus
IsChild
GetClassInfoExA
LoadCursorA
CharNextA
CreateWindowExA
CallWindowProcA
GetWindowLongA
SetWindowLongA
ShowWindow
GetKeyState
DefWindowProcA
wsprintfA
PostMessageA
wvsprintfA
GetSysColor
InflateRect
BeginPaint
GetClientRect
EndPaint
GetDC
ReleaseDC
InvalidateRect
IntersectRect
IsWindow
EqualRect
RegisterClassExA
OffsetRect

olepro32

ord250

advapi32

RegDeleteKeyA
RegCreateKeyExA
RegDeleteValueA
RegQueryValueExA
RegEnumValueA
RegQueryInfoKeyA
RegSetValueExA
RegEnumKeyExA
RegOpenKeyExA
RegCloseKey

ole32

OleRegEnumVerbs
OleRegGetUserType
OleRegGetMiscStatus
CoTaskMemFree
CoTaskMemAlloc
CoTaskMemRealloc
CoCreateInstance
CreateOleAdviseHolder

oleaut32

SysAllocStringLen
LoadRegTypeLi
RegisterTypeLi
LoadTypeLi
VarUI4FromStr
VariantClear
SysFreeString
SysAllocString
SysStringLen

gdi32

SetPixel
DeleteDC
RestoreDC
GetTextExtentPoint32A
ExtTextOutA
SetTextAlign
SetTextColor
SetBkColor
SelectObject
GetStockObject
EnumFontFamiliesExA
CreateFontIndirectA
DeleteObject
CreateDCA
GetDeviceCaps
LPtoDP
SaveDC
SetMapMode
SetWindowOrgEx
CreateRectRgnIndirect
SetViewportOrgEx

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
GainPlugin.inf

Sharing

General

Malware Config

Signatures

Files

6d0578a339a5b39edc781a9f57465620

Headers

File Characteristics

Imports

wininet

setupapi

kernel32

user32

olepro32

advapi32

ole32

oleaut32

gdi32

Exports

Exports

Sections

.text Size: 36KB - Virtual size: 32KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 8KB - Virtual size: 5KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 36KB - Virtual size: 32KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 8KB - Virtual size: 5KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 4KB - Virtual size: 2KB