a288cebca0391a25a494eb156c13bef9b9724f932b8e90f07f4ee3141603e213

Sharing

Copy URL Twitter E-mail

General

Target

a288cebca0391a25a494eb156c13bef9b9724f932b8e90f07f4ee3141603e213
Size

120KB
MD5

7823229b4a94dbbd8847435461e65730
SHA1

e52542b4cc738ad7b30084806ddc663ba0a4bde7
SHA256

a288cebca0391a25a494eb156c13bef9b9724f932b8e90f07f4ee3141603e213
SHA512

04fbda34abc616c6298f9f198a62fcd06dbf21077cd43910759a01cd153621e05f8d09e9d41047a3e0ab7df1dd36fe13f0b4aa170d95d32d20acd083cf287624
SSDEEP

3072:EvMEYIp5fyCDJMobPQ7DFifpSN6U37zdGo:6YGfltiiRub3g

Score

N/A

Malware Config

Signatures

Files

a288cebca0391a25a494eb156c13bef9b9724f932b8e90f07f4ee3141603e213
.dll regsvr32 windows x86

53e23775e7f34803784bb35dee67fc0b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmpiA
HeapDestroy
GetProcAddress
LoadLibraryA
lstrcpyA
lstrcatA
LocalFree
LocalAlloc
FormatMessageA
CloseHandle
CreateFileA
GetPrivateProfileStringA
lstrcpynA
IsDBCSLeadByte
MultiByteToWideChar
FindResourceA
GetLastError
LoadLibraryExA
LoadResource
SizeofResource
FreeLibrary
GetModuleFileNameA
GetModuleHandleA
GetShortPathNameA
InterlockedDecrement
InterlockedIncrement
DeleteCriticalSection
InitializeCriticalSection
DisableThreadLibraryCalls
lstrlenW
WideCharToMultiByte
lstrlenA
EnterCriticalSection
LeaveCriticalSection
GetPrivateProfileIntA

user32

CharNextA
wsprintfA
LoadStringA
DefWindowProcA
GetWindowLongA

advapi32

RegSetValueExA
RegDeleteKeyA
RegCreateKeyExA
RegDeleteValueA
RegCloseKey
RegOpenKeyExA
RegEnumKeyExA
RegQueryInfoKeyA
RegEnumValueA

ole32

ProgIDFromCLSID
CoUninitialize
CoInitialize
CoTaskMemRealloc
CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance

oleaut32

SysAllocStringLen
SysFreeString
SysAllocStringByteLen
CreateErrorInfo
SetErrorInfo
VarUI4FromStr
RegisterTypeLi
LoadRegTypeLi
SysStringLen
SysAllocString
LoadTypeLi

msvcrt

_isctype
_pctype
iswctype
_ftol
floor
_mbschr
_itoa
wcscpy
__CxxFrameHandler
localtime
memcmp
atol
realloc
malloc
memset
??2@YAPAXI@Z
isdigit
free
memcpy
??3@YAXPAX@Z
atoi
_initterm
__mb_cur_max
_adjust_fdiv
__dllonexit
_onexit

msvcp60

??0_Lockit@std@@QAE@XZ
??1_Lockit@std@@QAE@XZ

Exports

Exports

?COMWndProc@@YGJPAUHWND__@@IIJ@Z
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

53e23775e7f34803784bb35dee67fc0b

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

msvcrt

msvcp60

Exports

Exports

Sections

.text Size: 32KB - Virtual size: 30KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 4KB - Virtual size: 3KB

.rsrc Size: 12KB - Virtual size: 10KB

.reloc Size: 8KB - Virtual size: 5KB

.rmnet Size: 48KB - Virtual size: 48KB

.text
Size: 32KB - Virtual size: 30KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 12KB - Virtual size: 10KB

.reloc
Size: 8KB - Virtual size: 5KB

.rmnet
Size: 48KB - Virtual size: 48KB