aabd20a3a1f98aa63f4c4372872b66e6bb157c7efdd06373a225416850843c9b

Sharing

Copy URL Twitter E-mail

General

Target

aabd20a3a1f98aa63f4c4372872b66e6bb157c7efdd06373a225416850843c9b
Size

235KB
MD5

4d7866341c1a06fa14e7e34b6d1334c0
SHA1

4f4d1d4d9d9a55bda856f99ef480b60de1f2b44a
SHA256

aabd20a3a1f98aa63f4c4372872b66e6bb157c7efdd06373a225416850843c9b
SHA512

8e411be7ac0a109dbab68a9b28565aa29f608169952a2cb5ded38c1f91d1f6894248c16d3cbb094a50f68f4c6864bb67df8241f34f15b64bce5dd2cbfa4c9bd3
SSDEEP

6144:VdbYB22LKh/Z3K4YvVX6hZOodp84vLZUeP:LUB27tdyy

Score

N/A

Malware Config

Signatures

Files

aabd20a3a1f98aa63f4c4372872b66e6bb157c7efdd06373a225416850843c9b
.dll regsvr32 windows x86

808234416d5c1a6418ae08f4aa7368b6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcr71

__CxxFrameHandler
__security_error_handler
memset
??1type_info@@UAE@XZ
_onexit
__dllonexit
?terminate@@YAXXZ
_except_handler3
__CppXcptFilter
_adjust_fdiv
_initterm
wcscmp
memmove
wcslen
_vscwprintf
vswprintf
iswspace
_wcsicmp
_wtoi
malloc
_purecall
realloc
_CxxThrowException
wcsncpy
free

kernel32

GetLocaleInfoA
InitializeCriticalSection
GetACP
RaiseException
InterlockedExchange
GetThreadLocale
DeleteCriticalSection
GetCurrentThreadId
LoadResource
DisableThreadLibraryCalls
GlobalUnlock
GlobalLock
GlobalAlloc
EnterCriticalSection
LeaveCriticalSection
InterlockedDecrement
GetCurrentProcess
FlushInstructionCache
GetProcessHeap
HeapAlloc
MulDiv
InterlockedIncrement
FreeLibrary
SizeofResource
GetLastError
GlobalSize
GlobalFree
LockResource
HeapFree
CompareStringA
GetModuleHandleA
GetModuleFileNameA
GetWindowsDirectoryA
GetSystemDirectoryA
LoadLibraryA
SetLastError
GetVersionExA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
ExitProcess

user32

SetWindowRgn
SetWindowPos
UnionRect
PtInRect
DestroyWindow
OffsetRect
IntersectRect
EndPaint
GetDC
ReleaseDC
GetParent
GetClientRect
GetKeyState
IsWindow
EqualRect
SetFocus
GetFocus
IsChild
InvalidateRect
ShowWindow
DestroyIcon
GetDesktopWindow
FillRect
InvalidateRgn
ReleaseCapture
SetCapture
RedrawWindow
GetDlgItem
GetWindow
GetSysColor
DestroyAcceleratorTable
BeginPaint

advapi32

RegCloseKey

gdi32

DeleteDC
CreateRectRgnIndirect
DeleteMetaFile
CloseMetaFile
SetWindowExtEx
RestoreDC
SetViewportOrgEx
SetWindowOrgEx
SetMapMode
SaveDC
LPtoDP
GetDeviceCaps
GetStockObject
DeleteObject
SelectObject
BitBlt
CreateSolidBrush
CreateCompatibleDC
CreateCompatibleBitmap

ole32

OleInitialize
CreateStreamOnHGlobal
CLSIDFromString
CLSIDFromProgID
CoGetClassObject
OleLockRunning
StringFromCLSID
ReleaseStgMedium
CoTaskMemRealloc
StringFromGUID2
OleRegEnumVerbs
OleRegGetUserType
CreateOleAdviseHolder
CoTaskMemFree
CoCreateInstance
OleUninitialize
OleRegGetMiscStatus
CreateDataAdviseHolder
OleLoadFromStream
WriteClassStm
CoTaskMemAlloc
OleSaveToStream

oleaut32

LoadTypeLi
SysStringLen
SysAllocString
RegisterTypeLi
UnRegisterTypeLi
SysFreeString
VariantInit
OleCreatePropertyFrame
VariantClear
SysAllocStringByteLen
VariantChangeType
SysStringByteLen
VarUI4FromStr
OleCreateFontIndirect
SysAllocStringLen
LoadRegTypeLi

piutil11

?InitializeLeadTools@CCPIToolsConfig@@QAEJXZ
?GetMonikerDisplayName@@YAJPAUIUnknown@@AAV?$CStringT@_WV?$StrTraitBase@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@_N@Z
?CPITools_GetCPIToolsConfig@@YAAAVCCPIToolsConfig@@XZ

shlwapi

PathFindExtensionW

pibase11

?GetBaseStringManager@String@Base@@SAAAVCAtlStringMgr@ATL@@XZ
?AtlThrow@ATL@@YAXJ@Z
?New@BasePrivate@@YAPAXI_N@Z
?Delete@BasePrivate@@YAXPAX@Z

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 93KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 121KB - Virtual size: 124KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

808234416d5c1a6418ae08f4aa7368b6

Headers

File Characteristics

Imports

msvcr71

kernel32

user32

advapi32

gdi32

ole32

oleaut32

piutil11

shlwapi

pibase11

Exports

Exports

Sections

.text Size: 93KB - Virtual size: 92KB

.data Size: 7KB - Virtual size: 7KB

.rsrc Size: 3KB - Virtual size: 3KB

.reloc Size: 9KB - Virtual size: 9KB

.text Size: 121KB - Virtual size: 124KB

.text
Size: 93KB - Virtual size: 92KB

.data
Size: 7KB - Virtual size: 7KB

.rsrc
Size: 3KB - Virtual size: 3KB

.reloc
Size: 9KB - Virtual size: 9KB

.text
Size: 121KB - Virtual size: 124KB