87482e7d58a9250dad0e42957343188e82e2b30666670ab70d01cbaf7f576437

Sharing

Copy URL Twitter E-mail

General

Target

87482e7d58a9250dad0e42957343188e82e2b30666670ab70d01cbaf7f576437
Size

448KB
MD5

0038bd23aaeff4b50e280c879f798a70
SHA1

19a6efa24564b937d3eb183631df09211a22fcee
SHA256

87482e7d58a9250dad0e42957343188e82e2b30666670ab70d01cbaf7f576437
SHA512

8d599f883b237baca7e278e00e0c5ada394336c366ff821f898b4ce41ec9e0995153e0888ed65592d1e6eeda5cced96c570c4cc13123289c55fba74c50a32f8a
SSDEEP

6144:8r6g94x37yYbaWhUFoxFugNpZpNOAfyUoz28pqJdlZndHN4s5ncLkVF:8r6gqMGxF5N/fbcL4

Score

N/A

Malware Config

Signatures

Files

87482e7d58a9250dad0e42957343188e82e2b30666670ab70d01cbaf7f576437
.dll regsvr32 windows x86

0e5510f827d32cec9b952bbdd7b09b93

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
GetProcAddress
HeapAlloc
Sleep
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetProcessHeap
HeapFree
WideCharToMultiByte
LoadLibraryW
GlobalHandle
GlobalFree
GetModuleHandleW
LoadLibraryExW
SizeofResource
FreeLibrary
lstrcmpW
LoadResource
LockResource
GetCurrentThreadId
InterlockedDecrement
InterlockedIncrement
SetLastError
lstrlenA
lstrlenW
MultiByteToWideChar
DisableThreadLibraryCalls
GetModuleFileNameW
GlobalLock
GlobalUnlock
FindResourceW
MulDiv
GlobalAlloc
GetCurrentProcess
FlushInstructionCache
lstrcmpiW
GetLastError
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
RaiseException
InterlockedCompareExchange

user32

GetNextDlgTabItem
SendDlgItemMessageW
GetWindow
IsChild
GetDlgItem
SetWindowContextHelpId
ReleaseDC
ShowWindow
SendMessageW
SetWindowRgn
OffsetRect
EqualRect
IntersectRect
DrawTextW
GetSysColor
SetWindowPos
CreateWindowExW
GetWindowLongW
LoadImageW
SetWindowLongW
CharNextW
PtInRect
UnionRect
MapDialogRect
GetClassInfoExW
LoadCursorW
EndPaint
GetClientRect
BeginPaint
CallWindowProcW
DefWindowProcW
DestroyWindow
SetFocus
GetFocus
GetParent
EnableWindow
SystemParametersInfoW
IsDialogMessageW
CopyAcceleratorTableW
GetKeyState
IsWindow
InvalidateRect
RegisterClassExW
MoveWindow
ClientToScreen
ScreenToClient
InvalidateRgn
RedrawWindow
SetCapture
GetClassNameW
ReleaseCapture
FillRect
GetDesktopWindow
DestroyAcceleratorTable
CreateAcceleratorTableW
SetWindowTextW
GetWindowTextW
GetWindowTextLengthW
RegisterWindowMessageW
CreateDialogIndirectParamW
EnumChildWindows
PostMessageW
SetTimer
KillTimer
IsWindowEnabled
SetDlgItemTextW
GetDialogBaseUnits
SetRect
CopyRect
DrawFrameControl
InflateRect
GetDlgItemTextW
DrawFocusRect
DrawTextA
GetWindowRect
GetDC
UnregisterClassA

gdi32

SetBkMode
SetTextColor
Rectangle
SelectObject
GetStockObject
CreateDCW
DeleteDC
SetViewportOrgEx
SetMapMode
SetBkColor
GetObjectW
DeleteObject
CreateCompatibleBitmap
CreateMetaFileW
BitBlt
CreateSolidBrush
GetTextExtentPointW
GetTextMetricsW
CreateFontIndirectW
Polyline
CreatePen
DPtoLP
GetTextExtentPoint32W
SelectClipRgn
CreateRectRgn
Polygon
SaveDC
SetWindowOrgEx
SetWindowExtEx
RestoreDC
CloseMetaFile
DeleteMetaFile
CreateRectRgnIndirect
CreateCompatibleDC
LPtoDP
GetDeviceCaps

advapi32

RegQueryInfoKeyW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
RegEnumKeyExW

ole32

OleUninitialize
OleInitialize
CreateStreamOnHGlobal
CLSIDFromString
CLSIDFromProgID
CoGetClassObject
OleLockRunning
StringFromGUID2
ReadClassStm
CoCreateInstance
OleSaveToStream
WriteClassStm
CreateDataAdviseHolder
OleRegGetMiscStatus
OleRegGetUserType
OleRegEnumVerbs
CreateOleAdviseHolder
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc

oleaut32

CreateErrorInfo
SetErrorInfo
GetErrorInfo
OleTranslateColor
OleCreateFontIndirect
OleCreatePropertyFrame
LoadRegTypeLi
VarUI4FromStr
RegisterTypeLi
UnRegisterTypeLi
DispCallFunc
LoadTypeLi
SysAllocString
SysAllocStringLen
VariantChangeType
VariantClear
VariantInit
SysAllocStringByteLen
SysStringLen
SysFreeString
SysStringByteLen

msvcr80

__clean_type_info_names_internal
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_encoded_null
_malloc_crt
_decode_pointer
_onexit
_lock
_encode_pointer
__dllonexit
_unlock
_except_handler4_common
?terminate@@YAXXZ
memmove_s
_itoa_s
wcsstr
_purecall
??2@YAPAXI@Z
??_U@YAPAXI@Z
__CxxFrameHandler3
_resetstkoflw
swprintf_s
memset
calloc
_recalloc
wcscat_s
wcsncpy_s
wcscpy_s
_CxxThrowException
memcpy_s
free
malloc
??_V@YAXPAX@Z
??3@YAXPAX@Z

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 168KB - Virtual size: 165KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 64KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 156KB - Virtual size: 156KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0e5510f827d32cec9b952bbdd7b09b93

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

oleaut32

msvcr80

Exports

Exports

Sections

.text Size: 168KB - Virtual size: 165KB

.rdata Size: 64KB - Virtual size: 62KB

.data Size: 16KB - Virtual size: 13KB

.rsrc Size: 20KB - Virtual size: 17KB

.reloc Size: 20KB - Virtual size: 16KB

.text Size: 156KB - Virtual size: 156KB

.text
Size: 168KB - Virtual size: 165KB

.rdata
Size: 64KB - Virtual size: 62KB

.data
Size: 16KB - Virtual size: 13KB

.rsrc
Size: 20KB - Virtual size: 17KB

.reloc
Size: 20KB - Virtual size: 16KB

.text
Size: 156KB - Virtual size: 156KB