75644a0d05b7a5d8aad4122ea6ede012af3e003e27f7976e454fdf9a8551b57c

Sharing

Copy URL Twitter E-mail

General

Target

75644a0d05b7a5d8aad4122ea6ede012af3e003e27f7976e454fdf9a8551b57c
Size

632KB
MD5

5f723ca7f9f1b22bd1efd2e94e8fc9d0
SHA1

8faef3584f46ca7c4f3dd8d88b13490d7f617adc
SHA256

75644a0d05b7a5d8aad4122ea6ede012af3e003e27f7976e454fdf9a8551b57c
SHA512

1c2eb09b4a9214c75a1c2455ec259652edd6e204532d6d9f1f25d2d0a18aad020e9ea4ebbcf998324796960e71459ca0ad797836dd5547c5db8f3a87ce762dfa
SSDEEP

12288:0FCHfMAOrNewoKmrvn6V3SWcuXEWXJtYol:0FCHfMuwtmDieI5t

Score

N/A

Malware Config

Signatures

Files

75644a0d05b7a5d8aad4122ea6ede012af3e003e27f7976e454fdf9a8551b57c
.dll regsvr32 windows x86

6c4e37276e2ae7e85139afc04f30b9b2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

libcurl

curl_global_cleanup
curl_easy_setopt
curl_easy_init
curl_global_init
curl_formfree
curl_formadd
curl_easy_perform

kernel32

RaiseException
InitializeCriticalSection
DeleteCriticalSection
GetLastError
lstrcmpiW
CreateTimerQueueTimer
DeleteTimerQueueTimer
InterlockedIncrement
InterlockedDecrement
GetTickCount
GetACP
FreeLibrary
MultiByteToWideChar
SizeofResource
LoadResource
FindResourceW
LoadLibraryExW
GetModuleHandleW
GetModuleFileNameW
CreateProcessA
CreateSemaphoreW
CloseHandle
WaitForSingleObject
ReleaseSemaphore
OpenSemaphoreW
DeleteTimerQueue
EnterCriticalSection
LeaveCriticalSection
OpenMutexW
CreateMutexW
CreateTimerQueue
GetCurrentThreadId
SetThreadLocale
GetThreadLocale
LockResource
FindResourceExW
GetVersionExA
CreateFileW
lstrlenA
WriteFile
Process32NextW
Sleep
CreateToolhelp32Snapshot
ReadFile
GetFileSize
ExitProcess
TerminateThread
GetCurrentProcessId
GetVolumeInformationW
SetErrorMode
GetFileTime
GetWindowsDirectoryW
CreateThread
GetCommandLineW
InitializeCriticalSectionAndSpinCount
GetTempPathW
GetExitCodeProcess
CreateProcessW
GetSystemDirectoryW
SetFileTime
WideCharToMultiByte
HeapFree
GetProcessHeap
InterlockedExchange
GetLocaleInfoA
HeapDestroy
HeapAlloc
HeapReAlloc
HeapSize
GetConsoleMode
GetConsoleCP
SetFilePointer
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
SetStdHandle
SetHandleCount
IsValidCodePage
lstrlenW
WriteConsoleW
SetEndOfFile
GetOEMCP
Process32FirstW
GetConsoleOutputCP
WriteConsoleA
CreateFileA
GetStringTypeW
GetStringTypeA
FlushFileBuffers
GetCPInfo
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleFileNameA
GetStdHandle
HeapCreate
VirtualFree
GetCommandLineA
VirtualQuery
GetSystemInfo
GetModuleHandleA
GetProcAddress
VirtualAlloc
VirtualProtect
GetUserDefaultLCID
GetStringTypeExW
LCMapStringA
LCMapStringW
LoadLibraryA
InterlockedCompareExchange
RtlUnwind
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime

user32

LoadStringW
UnregisterClassA
GetForegroundWindow
PostMessageW
AllowSetForegroundWindow
GetMessageW
GetKeyboardState
ShowWindow
FindWindowExW
GetActiveWindow
PostThreadMessageW
CharNextW
SetWindowPos

advapi32

RegEnumKeyExW
GetUserNameW
RegQueryInfoKeyW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW

ole32

CoCreateInstance
CoTaskMemFree
CoTaskMemAlloc
CoUninitialize
CoInitialize
StringFromGUID2
OleRun
CLSIDFromProgID
CLSIDFromString
CoTaskMemRealloc

oleaut32

SysAllocString
VariantClear
GetErrorInfo
VariantChangeType
RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
LoadRegTypeLi
VarUI4FromStr
SysStringLen
SysStringByteLen
SysAllocStringByteLen
SysFreeString
VariantInit

shlwapi

UrlEscapeW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 508KB - Virtual size: 505KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6c4e37276e2ae7e85139afc04f30b9b2

Headers

File Characteristics

Imports

libcurl

kernel32

user32

advapi32

ole32

oleaut32

shlwapi

Exports

Exports

Sections

.text Size: 508KB - Virtual size: 505KB

.rdata Size: 68KB - Virtual size: 67KB

.data Size: 16KB - Virtual size: 20KB

.rsrc Size: 8KB - Virtual size: 4KB

.reloc Size: 28KB - Virtual size: 25KB

.text
Size: 508KB - Virtual size: 505KB

.rdata
Size: 68KB - Virtual size: 67KB

.data
Size: 16KB - Virtual size: 20KB

.rsrc
Size: 8KB - Virtual size: 4KB

.reloc
Size: 28KB - Virtual size: 25KB