5d0ca737ccd8e1a96017e83d067414471852eec180e49557eeca7ea1e2a70721

Sharing

Copy URL Twitter E-mail

General

Target

5d0ca737ccd8e1a96017e83d067414471852eec180e49557eeca7ea1e2a70721
Size

144KB
MD5

0063dccaeece6ba7710678bfb3c56f9e
SHA1

fe11bcfa2e3026bcc00aabe4dc0eccf0c7d996a1
SHA256

5d0ca737ccd8e1a96017e83d067414471852eec180e49557eeca7ea1e2a70721
SHA512

dbd46c542bac25ab2c64bb1e69e90f8fa4c9327c668c61b703d740be9da7ea4236d2798e78c01f3ef97b9d62f1a7e8a7d5585aebb23fb8ed3f49ced464b502b2
SSDEEP

3072:YlbC1Rfy/42/S9fvy29eMZzCbQXmClb/muRXL2N1ZZ9YcBwIPpg/7Y:6bC1R842q9yCCbclNRXM1FYcXPyDY

Score

N/A

Malware Config

Signatures

Files

5d0ca737ccd8e1a96017e83d067414471852eec180e49557eeca7ea1e2a70721
.dll regsvr32 windows x86

9be13f2b612903afc1c77de2fac14181

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetLocaleInfoA
InterlockedDecrement
InterlockedIncrement
GetProcAddress
LoadLibraryA
GetWindowsDirectoryA
MultiByteToWideChar
GetModuleFileNameA
lstrcpynA
GetFileAttributesA
GetVersion
InitializeCriticalSection
DisableThreadLibraryCalls
DeleteCriticalSection
FreeLibrary
HeapReAlloc
lstrcpyA
WideCharToMultiByte
LoadResource
FindResourceA
lstrlenA
HeapAlloc
HeapFree
LockResource
lstrlenW
GetProcessHeap
LeaveCriticalSection
EnterCriticalSection
IsBadWritePtr
lstrcatA

user32

SetParent
EndPaint
BeginPaint
MoveWindow
DestroyWindow
ReleaseDC
GetDC
CharNextA
PtInRect
IntersectRect
GetActiveWindow
DefWindowProcA
OffsetRect
EqualRect
SetWindowRgn
GetKeyState
SetFocus
SetDlgItemTextA
UnregisterClassA
SetWindowLongA
LoadAcceleratorsA
GetDlgItem
GetWindowRect
ScreenToClient
EnableWindow
GetSystemMetrics
SetRect
SetWindowPos
GetDialogBaseUnits
CreatePopupMenu
InsertMenuItemA
SetWindowTextA
GetFocus
GetNextDlgTabItem
ShowWindow
InvalidateRect
DialogBoxParamA
CreateWindowExA
GetClientRect
CharPrevW
LoadCursorA
RegisterClassA
EndDialog
GetWindowTextLengthA
GetWindowTextA
MessageBoxA
ClientToScreen
SetRectEmpty
CreateDialogIndirectParamA
EnableMenuItem
TrackPopupMenuEx
GetWindowLongA
GetParent
SendMessageA
LoadStringA
IsWindowVisible
CharNextW
wsprintfA
TranslateAcceleratorA

ole32

CreateOleAdviseHolder
CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree

advapi32

RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegSetValueA
RegEnumValueA
RegOpenKeyExA
RegQueryInfoKeyA
RegEnumKeyExA
RegQueryValueExA
RegCloseKey

oleaut32

SetErrorInfo
OleCreatePropertyFrame
SysAllocStringLen
LoadTypeLibEx
UnRegisterTypeLi
LoadTypeLi
RegisterTypeLi
SysAllocString
VariantInit
VariantChangeType
VariantClear
LoadRegTypeLi
SysFreeString
LHashValOfNameSys
CreateErrorInfo

gdi32

SetViewportExtEx
SetMapMode
SetWindowExtEx
LPtoDP
CreateRectRgnIndirect
CreateDCA
SetWindowOrgEx
SetViewportOrgEx
DeleteDC
GetTextExtentPoint32A
GetTextMetricsA
SelectObject
GetViewportExtEx
GetWindowExtEx
CreateCompatibleDC
GetDeviceCaps

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterDesigner
DllRegisterServer
DllUnregisterDesigner
DllUnregisterServer

Sections

.text
Size: 56KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

9be13f2b612903afc1c77de2fac14181

Headers

File Characteristics

Imports

kernel32

user32

ole32

advapi32

oleaut32

gdi32

Exports

Exports

Sections

.text Size: 56KB - Virtual size: 54KB

.data Size: 4KB - Virtual size: 3KB

.rsrc Size: 12KB - Virtual size: 9KB

.reloc Size: 8KB - Virtual size: 4KB

.rmnet Size: 60KB - Virtual size: 60KB

.text
Size: 56KB - Virtual size: 54KB

.data
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 12KB - Virtual size: 9KB

.reloc
Size: 8KB - Virtual size: 4KB

.rmnet
Size: 60KB - Virtual size: 60KB