7a6a40c2e80e01ade1c05213e425053be199cdf4db16ceefe257c36da96e1246

Sharing

Copy URL

Twitter E-mail

General

Target

7a6a40c2e80e01ade1c05213e425053be199cdf4db16ceefe257c36da96e1246
Size

276KB
MD5

448f2b1f150907e3fcfa0d23936fd677
SHA1

b7c66d4cc3b66572c55f7e60e3bd76e45f867773
SHA256

7a6a40c2e80e01ade1c05213e425053be199cdf4db16ceefe257c36da96e1246
SHA512

301d58960d1e43c24668c17e4e791592ffb346e38fce5df9bfde1168829e55cd3aae2d51e9b37f61787cebb794ab2b93dc0caaa45624806ec2fc823870f89125
SSDEEP

6144:7/R0eiKUFxAbswt/LnzrqOlYZCVUY48du+32:V0eDUFxAQwtzzKCVX48vm

Score

N/A

Malware Config

Signatures

Files

7a6a40c2e80e01ade1c05213e425053be199cdf4db16ceefe257c36da96e1246
.dll regsvr32 windows x86

cd0f1074263bba9cbb1e9b5ff58d3b97

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

SHDeleteKeyA

shfolder

SHGetFolderPathW

kernel32

SetThreadLocale
GetThreadLocale
GetSystemDirectoryW
GetWindowsDirectoryW
GetTickCount
lstrcpyA
CreateFileA
FormatMessageA
LoadLibraryA
GetProcAddress
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
HeapSize
HeapReAlloc
HeapDestroy
VirtualAlloc
VirtualFree
SetEvent
HeapAlloc
GetProcessHeap
HeapFree
InterlockedCompareExchange
GetVersionExA
GetLocaleInfoA
GetACP
CreateEventA
CreateThread
GetModuleHandleA
GetVersion
WaitForSingleObject
CloseHandle
Sleep
lstrcmpiA
FindResourceExA
GetLastError
InterlockedExchange
GetComputerNameA
GlobalDeleteAtom
GlobalAddAtomA
LocalAlloc
GetPrivateProfileStringA
GetPrivateProfileIntA
LocalFree
WritePrivateProfileStringA
SetLastError
GetModuleFileNameA
lstrlenA
InterlockedDecrement
InterlockedIncrement
GlobalGetAtomNameA
GetCurrentThreadId
MultiByteToWideChar
GetCurrentProcess
FlushInstructionCache
FindResourceA
LoadResource
GetSystemTimeAsFileTime
LockResource
SizeofResource
DeleteCriticalSection
InitializeCriticalSection
LoadLibraryExA
FreeLibrary
IsDBCSLeadByte
IsProcessorFeaturePresent
LeaveCriticalSection
EnterCriticalSection
RaiseException
lstrlenW
WideCharToMultiByte
IsDebuggerPresent
QueryPerformanceCounter
GetCurrentProcessId

user32

SetWindowLongA
IsWindow
GetClassInfoExA
LoadCursorA
DestroyWindow
DefWindowProcA
RegisterClassExA
CreateWindowExA
GetWindowLongA
CallWindowProcA
RegisterWindowMessageA
PostMessageA
UnregisterClassA
CharNextA
GetMessageA
PostThreadMessageA
LoadStringA
MessageBoxA
wsprintfA
TranslateMessage
DispatchMessageA

advapi32

GetSecurityDescriptorDacl
AddAce
RegEnumValueA
RegEnumKeyA
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegCloseKey
GetAclInformation
GetSecurityDescriptorControl
MakeAbsoluteSD
GetSecurityDescriptorSacl
GetSecurityDescriptorGroup
GetSecurityDescriptorOwner
InitializeSecurityDescriptor
RegDeleteKeyA
RegDeleteValueA
RegQueryInfoKeyA
DeregisterEventSource
ReportEventA
RegisterEventSourceA
SetServiceStatus
CloseServiceHandle
OpenServiceA
OpenSCManagerA
QueryServiceStatus
ControlService
GetLengthSid
IsValidSid
CopySid
SetSecurityDescriptorOwner
SetSecurityDescriptorGroup
SetSecurityDescriptorDacl
RegEnumKeyExA
GetSidSubAuthority
InitializeSid
GetSidLengthRequired
CreateServiceA
DeleteService
RegisterServiceCtrlHandlerA
RegQueryValueExW
RegEnumValueW
RegOpenKeyExW
RegCreateKeyExW
RegSetValueExW
InitializeAcl

ole32

CoCreateInstance
CLSIDFromString
StringFromGUID2
CoTaskMemAlloc
CoTaskMemRealloc
CoRevokeClassObject
CoRegisterClassObject
CoTaskMemFree
CoInitialize
CoUninitialize
CoInitializeSecurity
ProgIDFromCLSID

oleaut32

CreateErrorInfo
VarUI4FromStr
RegisterTypeLi
UnRegisterTypeLi
VariantInit
VariantCopy
LoadTypeLi
LoadRegTypeLi
SysStringByteLen
SetErrorInfo
SysAllocStringByteLen
SysAllocString
VariantClear
VarBstrCmp
SysAllocStringLen
VarBstrCat
SysFreeString
SysStringLen

msvcp80

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

msvcr80

__clean_type_info_names_internal
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_encoded_null
_malloc_crt
_decode_pointer
_onexit
_lock
__dllonexit
_encode_pointer
_unlock
?terminate@@YAXXZ
_except_handler4_common
isxdigit
iswctype
_mbschr
atoi
_wtoi
wcschr
wcslen
_wcsicmp
_vscprintf
_vsnprintf_s
puts
wcscmp
strcat_s
wcsncpy_s
strcpy_s
memmove_s
_mbsicmp
strlen
_ltoa_s
_mbsnbcpy_s
_invalid_parameter_noinfo
memcmp
_resetstkoflw
malloc
_itoa_s
atol
calloc
??2@YAPAXI@Z
??0exception@std@@QAE@ABV01@@Z
__CxxFrameHandler3
??0exception@std@@QAE@XZ
??1exception@std@@UAE@XZ
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@ABQBD@Z
sprintf_s
memcpy_s
_CxxThrowException
free
??3@YAXPAX@Z
??_V@YAXPAX@Z
_purecall
vsprintf_s
memset
_recalloc

Exports

Exports

?COMWndProc@@YGJPAUHWND__@@IIJ@Z
DllCanUnloadNow
DllRegisterServer
DllUnregisterServer
ServiceMain

Sections

.text
Size: 112KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

cd0f1074263bba9cbb1e9b5ff58d3b97

Headers

File Characteristics

Imports

shlwapi

shfolder

kernel32

user32

advapi32

ole32

oleaut32

msvcp80

msvcr80

Exports

Exports

Sections

.text Size: 112KB - Virtual size: 108KB

.rdata Size: 44KB - Virtual size: 41KB

.data Size: 12KB - Virtual size: 14KB

.rsrc Size: 24KB - Virtual size: 22KB

.reloc Size: 16KB - Virtual size: 14KB

.text Size: 64KB - Virtual size: 64KB

.text
Size: 112KB - Virtual size: 108KB

.rdata
Size: 44KB - Virtual size: 41KB

.data
Size: 12KB - Virtual size: 14KB

.rsrc
Size: 24KB - Virtual size: 22KB

.reloc
Size: 16KB - Virtual size: 14KB

.text
Size: 64KB - Virtual size: 64KB