2d8ee43c8e2fc3913c111c8b3b8bd086d708014758170cc5d7bdbc50657d126e

Sharing

Copy URL Twitter E-mail

General

Target

2d8ee43c8e2fc3913c111c8b3b8bd086d708014758170cc5d7bdbc50657d126e
Size

318KB
MD5

eefd4e1ac753eb80a75893f0cfb8ae51
SHA1

ba000238aafb871fd359a95b807b2adbb46c38c5
SHA256

2d8ee43c8e2fc3913c111c8b3b8bd086d708014758170cc5d7bdbc50657d126e
SHA512

a7f3d94f82ec0eab197eab8d5c7262bb2f4f209146c0d0a13bed41e1544889d6382fc21fec1541038f7a00afe991879089ae685f5b68884e470a6d6172ee6ab6
SSDEEP

6144:2UTqZ2jsY3HpQEBUtZzrVNLJvH9eQsrxtpwpP7I0b4DPPP7PfQWOxZs7bEaPS7TD:2UGZ2jsY3HpQEBUtZzhBEycDPPP7PgZ7

Score

N/A

Malware Config

Signatures

Files

2d8ee43c8e2fc3913c111c8b3b8bd086d708014758170cc5d7bdbc50657d126e
.dll regsvr32 windows x86

ad0ba2cda8e7691e211ec20fd08b516d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

pbvm90

ord5717
ord5667
ord5721
ord5716
ord5669
ord5665
ord9009
ord9001
ord9006
ord9011
ord5671
ord5673
ord9035
ord2863
ord9109
ord9013
ord9019
ord9026
ord9024
ord9029
ord2117
ord9028
ord11000
ord9037
ord3994
ord5672
ord5670
ord9003
ord5600
ord9101
ord9027
ord10003
ord9000
ord9025

pbdev90

ord101

pbsys90

ord508

pbcmp90

ord4
ord25
ord3

libjsybheap

ord16
ord13

msvcrt

islower
mbstowcs
strncpy
_mbscmp
_mbsicmp
_mbscat
_mbscpy
_purecall
strchr
_mbschr
strtoul
sscanf
_splitpath
atoi
strtok
_mbstok
strstr
strncmp
wcstombs
asctime
localtime
time
_mbsstr
strrchr
_mbsrchr
getenv
strncat
_itoa
exit
wcslen
modf
_ftol
malloc
free
tolower
isupper
toupper
__dllonexit
_ismbbtrail
__CxxFrameHandler
_initterm
_adjust_fdiv
??1type_info@@UAE@XZ
_onexit
_CxxThrowException
_stricmp

kernel32

lstrlenA
LoadLibraryA
lstrlenW
LocalFree
DeleteFileA
FreeResource
SizeofResource
LockResource
LoadResource
FindResourceA
GetModuleFileNameA
GetModuleHandleA
FreeLibrary
GetProcAddress
LoadLibraryExA
WideCharToMultiByte
GetCPInfo
GetLastError
MultiByteToWideChar
IsDBCSLeadByte
InterlockedDecrement

user32

ScreenToClient
GetDC
LoadBitmapA
GetClientRect
GetSystemMetrics
ReleaseDC
GetFocus
GetCursorPos
EndDialog
SetDlgItemTextA
GetDlgCtrlID
WinHelpA
wsprintfA
GetActiveWindow
LoadStringA
SetWindowTextA
SetFocus
DialogBoxParamA
EnableWindow
GetDlgItemTextA
SetWindowLongA
GetParent
SendMessageA
MessageBoxA
GetDlgItem
GetWindowTextLengthA
GetWindowTextA
GetWindowLongA
LoadIconA

gdi32

SelectObject
GetTextExtentPointA

ole32

CoCreateInstance
CoCreateGuid
StringFromCLSID
CoCreateInstanceEx
CoTaskMemFree
CLSIDFromString

oleaut32

CreateErrorInfo
SetErrorInfo
GetErrorInfo
SysStringLen
VariantChangeType
SysAllocString
SafeArrayGetDim
SysFreeString
CreateTypeLi
LoadTypeLi
VarDecFromR8
VarDateFromR8
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayPutElement
SafeArrayRedim
SafeArrayGetElement
SysAllocStringByteLen
SafeArrayCreate
VariantClear
VariantInit
SysStringByteLen

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey

shell32

SHBrowseForFolderA
SHGetSpecialFolderLocation
SHGetMalloc

msvcirt

?cout@@3Vostream_withassign@@A
?endl@@YAAAVostream@@AAV1@@Z
??6ostream@@QAEAAV0@H@Z
??6ostream@@QAEAAV0@E@Z
?openprot@filebuf@@2HB
??0ofstream@@QAE@PBDHH@Z
??1ofstream@@UAE@XZ
??1ios@@UAE@XZ
??6ostream@@QAEAAV0@K@Z
??6ostream@@QAEAAV0@F@Z
?flush@ostream@@QAEAAV1@XZ
?close@ofstream@@QAEXXZ
??6ostream@@QAEAAV0@PBD@Z
??6ostream@@QAEAAV0@J@Z

Exports

Exports

CreatePBIGeneratorFactory
DllRegisterServer
DllUnregisterServer
WEP
pbdv_iscomplus

Sections

.text
Size: 197KB - Virtual size: 196KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 39KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ad0ba2cda8e7691e211ec20fd08b516d

Headers

File Characteristics

Imports

pbvm90

pbdev90

pbsys90

pbcmp90

libjsybheap

msvcrt

kernel32

user32

gdi32

ole32

oleaut32

advapi32

shell32

msvcirt

Exports

Exports

Sections

.text Size: 197KB - Virtual size: 196KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 39KB - Virtual size: 41KB

.rsrc Size: 51KB - Virtual size: 51KB

.reloc Size: 11KB - Virtual size: 11KB

.text
Size: 197KB - Virtual size: 196KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 39KB - Virtual size: 41KB

.rsrc
Size: 51KB - Virtual size: 51KB

.reloc
Size: 11KB - Virtual size: 11KB