a9f2dce5245e0cce51b372277a5118f43af1bd18e10f60c1bd2acf6e5b475586

Sharing

Copy URL Twitter E-mail

General

Target

a9f2dce5245e0cce51b372277a5118f43af1bd18e10f60c1bd2acf6e5b475586
Size

356KB
MD5

0c116656fa484c5ef637fa6a3e8f14a0
SHA1

ada72f412dec744a18521d74e1a144b6beb7d632
SHA256

a9f2dce5245e0cce51b372277a5118f43af1bd18e10f60c1bd2acf6e5b475586
SHA512

5f582febc0872e230164397f196803340fe4f42e3fa0f29f63347f0ae74a99a60839dfdcdf902bbba3cbc92407437ac337edb6b0388248a45aadc8853c28309d
SSDEEP

6144:SwsOZb66OIfamc6RO9RbRpVEAwyExDK42nFhNfUaReHPDMqy9ccKSll9Ce2TThDn:vZrOC7c6RkRb3VEAwyExu42nFhbYDMqb

Score

N/A

Malware Config

Signatures

Files

a9f2dce5245e0cce51b372277a5118f43af1bd18e10f60c1bd2acf6e5b475586
.dll regsvr32 windows x86

0bd8ec2b563df9c75e64f70e20f79c86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_wcsdup
_finite
_isnan
??2@YAPAXI@Z
_purecall
wcsncmp
memmove
_wsetlocale
swscanf
_onexit
__dllonexit
wcslen
free
_initterm
_CIfmod
wcsncpy
_ftol
wcscmp
_vsnprintf
_snprintf
_except_handler3
malloc
_adjust_fdiv
??3@YAXPAX@Z

kernel32

GlobalSize
GlobalLock
DeleteFileW
lstrlenA
WideCharToMultiByte
lstrlenW
lstrcpyW
LeaveCriticalSection
EnterCriticalSection
HeapDestroy
lstrcatW
GetModuleFileNameW
GetShortPathNameW
FreeLibrary
GetProcAddress
LoadLibraryW
DisableThreadLibraryCalls
CloseHandle
GetLastError
WriteFile
CreateFileW
IsBadStringPtrW
lstrcpynW
lstrcmpW
CopyFileW
SystemTimeToFileTime
GetLocalTime
GetTempFileNameW
GetTempPathW
MultiByteToWideChar
InitializeCriticalSection
RaiseException
LoadLibraryA
InterlockedExchange
LocalAlloc
GlobalDeleteAtom
GetCurrentProcessId
GlobalAddAtomW
GetSystemTime
InitializeCriticalSectionAndSpinCount
GlobalAlloc
GlobalFree
GetProcessHeap
HeapAlloc
HeapFree
lstrcatA
OutputDebugStringA
WaitForSingleObject
ResetEvent
GetCurrentThreadId
SetEvent
TryEnterCriticalSection
CreateEventW
DeleteCriticalSection
InterlockedIncrement
InterlockedDecrement
IsBadReadPtr
IsBadWritePtr
InterlockedCompareExchange
GlobalUnlock

user32

GetPropW
UnionRect
GetKeyState
SetPropW
RemovePropW
IsWindow
GetWindowThreadProcessId
DestroyCursor
InflateRect
CharNextW
CopyRect
SetRectEmpty
IntersectRect
EqualRect
wsprintfW
InvalidateRect
GetDC
OffsetRect
FillRect
ReleaseDC
SetRect
IsRectEmpty
PtInRect
CreateIconIndirect
GetDesktopWindow
MapWindowPoints
GetClientRect

ole32

CoCreateInstance
CoCreateFreeThreadedMarshaler
GetHGlobalFromStream
CLSIDFromString
StringFromCLSID
CoTaskMemFree
CoTaskMemAlloc
CreateStreamOnHGlobal

oleaut32

RegisterTypeLi
LoadTypeLi
SysAllocString
SysAllocStringLen
SysStringLen
DispCallFunc
SysStringByteLen
SafeArrayAccessData
SafeArrayGetLBound
SafeArrayGetUBound
VariantChangeType
SafeArrayUnaccessData
SysFreeString
VariantClear
VariantInit

gdi32

Rectangle
PatBlt
CreateDIBSection
Ellipse
GdiFlush
CreateRectRgn
SaveDC
RestoreDC
GetStockObject
CreateSolidBrush
BitBlt
DeleteDC
GetDeviceCaps
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
DeleteObject
CreateBitmap

mspgimme

EPMsoLoadLibraryByName

rtutils

TraceVprintfExA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 224KB - Virtual size: 223KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 108KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0bd8ec2b563df9c75e64f70e20f79c86

Headers

File Characteristics

Imports

msvcrt

kernel32

user32

ole32

oleaut32

gdi32

mspgimme

rtutils

Exports

Exports

Sections

.text Size: 224KB - Virtual size: 223KB

.data Size: 1024B - Virtual size: 2KB

.rsrc Size: 9KB - Virtual size: 8KB

.reloc Size: 12KB - Virtual size: 11KB

.text Size: 108KB - Virtual size: 112KB

.text
Size: 224KB - Virtual size: 223KB

.data
Size: 1024B - Virtual size: 2KB

.rsrc
Size: 9KB - Virtual size: 8KB

.reloc
Size: 12KB - Virtual size: 11KB

.text
Size: 108KB - Virtual size: 112KB