89fac308e0e6898059c7cc7a4a37cf15b21e3fc325cd2847be60c49bd606ab34

Sharing

Copy URL Twitter E-mail

General

Target

89fac308e0e6898059c7cc7a4a37cf15b21e3fc325cd2847be60c49bd606ab34
Size

500KB
MD5

07079e7a18f23f9f06e1ca50c91e4e60
SHA1

a66b7bc430f9cecf314f1627896c3b5b3e11c9a9
SHA256

89fac308e0e6898059c7cc7a4a37cf15b21e3fc325cd2847be60c49bd606ab34
SHA512

9b6d76e99936ba335d3ecb04b91f7b77e9f01806b815a26e2ab779a3c82c3bbc1f3de985901d63ac1680b849449049f4563c3df48253dab5afc7acb82a1fbcfb
SSDEEP

6144:GBBTLV3kA4Zn/s4Ob9solW64OsvUXzhoLb3AaN1ZN7IBD6Ab6lxCMZros8Dx:GvLVUAiC+UXCH3AaP7yDDECMqs8d

Score

N/A

Malware Config

Signatures

Files

89fac308e0e6898059c7cc7a4a37cf15b21e3fc325cd2847be60c49bd606ab34
.dll regsvr32 windows x86

830f4ab43a868cc35d7be2d79283a6ff

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
RegQueryValueExA
RegCreateKeyA
RegOpenKeyExA
RegOpenKeyA
RegDeleteKeyA
RegSetValueA
RegSetValueExA

kernel32

GetTimeFormatA
GetDateFormatW
GetDateFormatA
GetLocaleInfoW
CompareStringW
CompareStringA
LCMapStringW
LCMapStringA
SetLastError
GetSystemTime
GetTimeZoneInformation
GetStringTypeA
GetStringTypeW
WideCharToMultiByte
GetVersionExA
LoadLibraryA
FreeLibrary
Sleep
GetModuleFileNameA
LoadLibraryExA
FindResourceA
LoadResource
LockResource
SizeofResource
FreeResource
TlsFree
TlsAlloc
GetTimeFormatW
GetSystemInfo
VirtualQuery
InterlockedExchange
TlsSetValue
IsBadReadPtr
IsBadStringPtrW
GetACP
GetSystemDefaultLCID
GetLocaleInfoA
IsValidCodePage
IsValidLocale
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
GetUserDefaultLCID
InterlockedDecrement
InterlockedIncrement
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetModuleHandleA
GetProcAddress
GetComputerNameA
MultiByteToWideChar
TlsGetValue
GetNumberFormatA
GetNumberFormatW
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetVersion

msvcrt

_tzset
malloc
memmove
free
_wcsdup
wcslen
_wcsicmp
??3@YAXPAX@Z
??2@YAPAXI@Z
_except_handler3
_onexit
__dllonexit
_adjust_fdiv
_initterm
_CIpow
_isnan
_ftime
fmod
atan2
pow
tan
sqrt
sin
log
exp
cos
atan
asin
acos
qsort
bsearch
wcscat
_ismbblead
_wcslwr
isalpha
isdigit
_wasctime
ceil
realloc
localtime
floor
_CIfmod
iswxdigit
swscanf
isalnum
wcsstr
wcscspn
sprintf
_abnormal_termination
longjmp
wcscpy
_setjmp3
_wcsnicmp
atoi
wcsncmp
wcsncpy
strrchr
_ltow
wcschr
strtoul
wcscmp
swprintf
_vsnwprintf
_purecall
_clearfp
_control87
_ftol
_ultow
towlower

ole32

CoGetClassObject
CLSIDFromProgID
CreateBindCtx
MkParseDisplayName
BindMoniker
CLSIDFromString
StringFromCLSID
CoTaskMemFree
CoCreateInstance

oleaut32

SysAllocStringLen
SysFreeString
GetActiveObject
SysStringLen
VariantCopy
SafeArrayDestroy
SysAllocString
SafeArrayCreate
SafeArrayRedim
CreateTypeLi
VariantInit
VariantCopyInd
VariantClear
SysStringByteLen
SysAllocStringByteLen
GetErrorInfo
CreateTypeLib2
LoadTypeLibEx
SafeArrayGetElement
SafeArrayPutElement
SafeArrayCopy
VariantChangeTypeEx
LoadTypeLi
LoadRegTypeLi

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 372KB - Virtual size: 369KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

830f4ab43a868cc35d7be2d79283a6ff

Headers

File Characteristics

Imports

advapi32

kernel32

msvcrt

ole32

oleaut32

Exports

Exports

Sections

.text Size: 372KB - Virtual size: 369KB

.data Size: 16KB - Virtual size: 15KB

.rsrc Size: 32KB - Virtual size: 30KB

.reloc Size: 16KB - Virtual size: 14KB

.rmnet Size: 60KB - Virtual size: 60KB

.text
Size: 372KB - Virtual size: 369KB

.data
Size: 16KB - Virtual size: 15KB

.rsrc
Size: 32KB - Virtual size: 30KB

.reloc
Size: 16KB - Virtual size: 14KB

.rmnet
Size: 60KB - Virtual size: 60KB