6aad9993e089a5ef4189b8ef5dd296d8be54ff00017b8603f98aa834896db881

Sharing

Copy URL Twitter E-mail

General

Target

6aad9993e089a5ef4189b8ef5dd296d8be54ff00017b8603f98aa834896db881
Size

252KB
MD5

0068080f245190da52ac2599471d0f30
SHA1

b3f798c6eaa77d59b925a27125c5d0aaffc7b205
SHA256

6aad9993e089a5ef4189b8ef5dd296d8be54ff00017b8603f98aa834896db881
SHA512

48d63f75cbfa39f876beb486e90bca8d2cdc22095001e020120e6cc6aab3203b7c0087faab68b421d863dd399c861581cc9935f08fc111982c598ccceed21d91
SSDEEP

6144:pil6naNMbKlF/5BSJ23pfphp2TIycnf40:pilbmWlF/5Bp3y70

Score

N/A

Malware Config

Signatures

Files

6aad9993e089a5ef4189b8ef5dd296d8be54ff00017b8603f98aa834896db881
.dll regsvr32 windows x86

3315a8ec8b3a582cafff8a545edf4e1e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
OutputDebugStringW
CloseHandle
FlushFileBuffers
GetSystemInfo
VirtualProtect
SetStdHandle
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
SetFilePointer
GetVersionExA
GetOEMCP
IsBadCodePtr
IsBadReadPtr
LoadLibraryA
WriteFile
UnhandledExceptionFilter
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
HeapSize
TerminateProcess
SetUnhandledExceptionFilter
GetModuleHandleA
TlsGetValue
TlsSetValue
TlsFree
SetLastError
TlsAlloc
IsBadWritePtr
VirtualAlloc
GetCurrentThreadId
HeapAlloc
GetProcessHeap
HeapFree
GetCurrentProcess
FlushInstructionCache
FindResourceExW
LeaveCriticalSection
EnterCriticalSection
InterlockedExchange
lstrcpynW
lstrcmpiW
LoadLibraryExW
FindResourceW
LoadResource
SizeofResource
MultiByteToWideChar
FreeLibrary
GetLastError
GetModuleFileNameW
GetModuleHandleW
lstrcpyW
lstrlenW
InterlockedDecrement
InterlockedIncrement
DeleteCriticalSection
InitializeCriticalSection
RaiseException
GetVersionExW
GetThreadLocale
GetLocaleInfoA
GetACP
GetCPInfo
VirtualFree
HeapCreate
HeapDestroy
VirtualQuery
GetModuleFileNameA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
ExitProcess
RtlUnwind
HeapReAlloc
GetCommandLineA
QueryPerformanceCounter

user32

UnregisterClassW
CharNextW
IsWindow
SendMessageW
SetWindowLongW
CreateWindowExW
SystemParametersInfoA
GetSystemMetrics
PostMessageW
InflateRect
IntersectRect
GetWindowDC
ClientToScreen
ScreenToClient
SystemParametersInfoW
DrawTextW
SetCapture
GetCapture
GetDlgCtrlID
SetCursor
InvalidateRect
ReleaseCapture
RegisterClassExW
CallWindowProcW
GetWindowLongW
DefWindowProcW
EndPaint
BeginPaint
LoadBitmapW
DestroyWindow
DestroyCursor
LoadImageW
GetDC
ReleaseDC
GetParent
LoadCursorW
wsprintfW
GetClassInfoExW
SetWindowRgn
SetParent
EnableWindow
ShowWindow
GetClientRect
GetWindowRect
SetWindowPos

gdi32

CreateBitmap
CreatePatternBrush
CreateRectRgnIndirect
SetRectRgn
SelectClipRgn
GetClipBox
PatBlt
SetBkColor
ExtTextOutW
SetTextColor
SetBkMode
CreateCompatibleDC
BitBlt
PtInRegion
DeleteDC
CombineRgn
CreateFontIndirectW
CreateRectRgn
GetObjectW
DeleteObject
GetDIBits
SelectObject

advapi32

RegSetValueExW
RegEnumKeyExW
RegQueryInfoKeyW
RegCloseKey
RegOpenKeyExW
RegDeleteValueW
RegCreateKeyExW
RegDeleteKeyW

ole32

CoTaskMemAlloc
CoTaskMemRealloc
StringFromCLSID
CoTaskMemFree
CoCreateInstance

oleaut32

VarUI4FromStr

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 88KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3315a8ec8b3a582cafff8a545edf4e1e

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 88KB - Virtual size: 84KB

.rdata Size: 16KB - Virtual size: 14KB

.data Size: 8KB - Virtual size: 10KB

.rsrc Size: 68KB - Virtual size: 68KB

.reloc Size: 8KB - Virtual size: 7KB

.rmnet Size: 60KB - Virtual size: 60KB

.text
Size: 88KB - Virtual size: 84KB

.rdata
Size: 16KB - Virtual size: 14KB

.data
Size: 8KB - Virtual size: 10KB

.rsrc
Size: 68KB - Virtual size: 68KB

.reloc
Size: 8KB - Virtual size: 7KB

.rmnet
Size: 60KB - Virtual size: 60KB