d2a1f381c1d7a86f3623dbd3e0b3d4616759eb8ee837b48e06e134c20fe4d055

Sharing

Copy URL Twitter E-mail

General

Target

d2a1f381c1d7a86f3623dbd3e0b3d4616759eb8ee837b48e06e134c20fe4d055
Size

792KB
MD5

910977855bebce3b8767fe48cee65e10
SHA1

639e89c906d032b92ff22e663f42e42cf28562cc
SHA256

d2a1f381c1d7a86f3623dbd3e0b3d4616759eb8ee837b48e06e134c20fe4d055
SHA512

816a1bed8851cfe78d59b2daf0838a914daef57665fa5c414f5b589b710aca7c274e0917c5cf48eb88f722fa99f8b2c2ba5d9fa1461a21fbbc2a42a22c8f109f
SSDEEP

12288:6Cj/BbhhhFFjkuzNjszc1cZ6CpDQy6N6KqYTAHL98KEOBzQPKseAm:6gBvHFjV5FkYN6KRTAHPEq

Score

N/A

Malware Config

Signatures

Files

d2a1f381c1d7a86f3623dbd3e0b3d4616759eb8ee837b48e06e134c20fe4d055
.dll regsvr32 windows x86

25066adaeeafc1948396c1995808e195

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathCombineA
SHRegSetUSValueA
SHGetValueA
SHSetValueA
SHRegGetUSValueA
SHDeleteKeyA
SHDeleteValueA

setupapi

SetupIterateCabinetA

wininet

InternetGetCookieA
InternetCloseHandle
InternetOpenUrlA
InternetOpenA
UnlockUrlCacheEntryStream
ReadUrlCacheEntryStream
RetrieveUrlCacheEntryStreamA
InternetReadFile
InternetQueryDataAvailable
HttpQueryInfoA
HttpSendRequestA
HttpAddRequestHeadersA
InternetSetOptionA
HttpOpenRequestA
InternetConnectA
InternetCrackUrlW
InternetCreateUrlW
InternetGetConnectedState

comctl32

ImageList_Draw
PropertySheetA
CreatePropertySheetPageA
CreateToolbarEx
ImageList_LoadImageA
ImageList_Destroy
ImageList_GetIcon
ord8

urlmon

CreateURLMoniker

wsock32

gethostname
htonl
gethostbyname
WSAStartup
inet_addr
WSACleanup

crypt32

CertFreeCertificateContext
CertNameToStrA
CertDuplicateCertificateContext
CertEnumCertificatesInStore
CryptQueryObject

wintrust

WinVerifyTrust

winmm

PlaySoundA

kernel32

FreeEnvironmentStringsA
SetStdHandle
GetFullPathNameA
GetStdHandle
SetHandleCount
SetFilePointer
IsBadWritePtr
VirtualAlloc
VirtualFree
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetUserDefaultLCID
EnumSystemLocalesA
HeapCreate
FlushFileBuffers
UnhandledExceptionFilter
GetOEMCP
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
SizeofResource
LockResource
LoadResource
FindResourceA
FindResourceExA
InterlockedDecrement
InterlockedIncrement
WideCharToMultiByte
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetTickCount
lstrlenA
GetProcAddress
MultiByteToWideChar
SystemTimeToFileTime
MulDiv
GlobalLock
GlobalAlloc
FreeLibrary
GetLocalTime
DeleteFileA
LoadLibraryA
GetCurrentThreadId
GlobalUnlock
GlobalSize
GetCurrentProcessId
GetModuleFileNameA
GetTempPathA
IsValidLocale
GetLastError
SetLastError
CreateDirectoryA
GetVersion
CompareStringA
CompareStringW
lstrcmpiA
CloseHandle
CreateFileA
CreateProcessA
WriteFile
SetFileAttributesA
GetFileAttributesA
GetCurrentDirectoryA
FindNextFileA
FindFirstFileA
CompareFileTime
GetSystemTime
FileTimeToSystemTime
GetExitCodeProcess
OpenProcess
SetProcessWorkingSetSize
GetStartupInfoA
SetThreadPriority
GetCurrentThread
TerminateProcess
WaitForSingleObject
CreateRemoteThread
DuplicateHandle
GetCurrentProcess
GetModuleHandleA
GlobalMemoryStatus
GetWindowsDirectoryA
RemoveDirectoryA
FindClose
Sleep
TlsAlloc
TlsFree
SetUnhandledExceptionFilter
GetStringTypeW
GetStringTypeA
GetDateFormatA
GetTimeFormatA
LCMapStringW
LCMapStringA
GetCPInfo
GetCommandLineA
GetFileType
ReadFile
SetEndOfFile
MoveFileA
GetDriveTypeA
FileTimeToLocalFileTime
ExitProcess
CreateThread
ResumeThread
TlsGetValue
TlsSetValue
ExitThread
GetTimeZoneInformation
GetSystemTimeAsFileTime
RtlUnwind
IsValidCodePage
RaiseException
LocalFree
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
VirtualProtect
GetSystemInfo
VirtualQuery
IsBadReadPtr
IsBadCodePtr
GetLocaleInfoW
SetEnvironmentVariableA
LocalAlloc
GetTempFileNameA

user32

SetWindowPos
GetDesktopWindow
MapWindowPoints
GetMessagePos
DrawFrameControl
DrawTextA
GetWindowTextLengthA
DialogBoxParamA
OffsetRect
MessageBoxIndirectA
EnableWindow
IsDlgButtonChecked
GetDlgItem
GetClassInfoA
RegisterClassA
SetParent
ReleaseCapture
SetCapture
GetMenuItemInfoA
SetWindowsHookExA
GetCursorPos
RegisterClipboardFormatA
TranslateMessage
DispatchMessageA
ShowWindow
MessageBeep
TrackPopupMenuEx
DestroyMenu
CreateWindowExA
IsWindowVisible
SetCursor
LoadCursorA
SetTimer
SetFocus
GetAsyncKeyState
SendMessageA
OpenClipboard
GetClipboardData
CloseClipboard
GetDC
ReleaseDC
DefWindowProcA
CheckMenuRadioItem
SystemParametersInfoA
CreatePopupMenu
AppendMenuA
ClientToScreen
CallNextHookEx
GetClassLongA
SetWindowLongA
ScreenToClient
SetWindowTextA
RedrawWindow
GetClassNameA
GetClientRect
SubtractRect
EndDialog
MessageBoxA
LoadBitmapA
FrameRect
FillRect
GetWindowTextA
GetParent
GetWindowLongA
CallWindowProcA
InvalidateRect
MoveWindow
GetWindowRect
KillTimer
LoadImageA
PostMessageA
GetFocus
IsChild
DestroyWindow
IsWindow
FindWindowExA
ValidateRect

gdi32

DeleteDC
GetTextExtentPoint32A
BitBlt
SelectObject
CreateCompatibleDC
GetStockObject
CreateSolidBrush
DeleteObject
GetDeviceCaps
CreateFontIndirectA
GetBkColor
SaveDC
RestoreDC

advapi32

RegCloseKey
RegEnumValueA
RegQueryInfoKeyA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
RegDeleteValueA

ole32

CLSIDFromProgID
CreateStreamOnHGlobal
CoCreateGuid
RegisterDragDrop
RevokeDragDrop
CoCreateInstance

oleaut32

SysFreeString
SysAllocString
SysAllocStringLen
SysStringLen
SysAllocStringByteLen
SysStringByteLen
VariantInit
VariantCopy
VariantClear
VariantChangeType
OleLoadPicture

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllInfoA
DllRegisterServer
DllUnregisterServer
DllUpdated
DllUpdated2
DllVersionStringA
DllVersionStringW

Sections

.text
Size: 448KB - Virtual size: 447KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 96KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 120KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

25066adaeeafc1948396c1995808e195

Headers

File Characteristics

Imports

shlwapi

setupapi

wininet

comctl32

urlmon

wsock32

crypt32

wintrust

winmm

kernel32

user32

gdi32

advapi32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 448KB - Virtual size: 447KB

.rdata Size: 96KB - Virtual size: 93KB

.data Size: 20KB - Virtual size: 31KB

.rsrc Size: 120KB - Virtual size: 118KB

.reloc Size: 40KB - Virtual size: 36KB

.text Size: 64KB - Virtual size: 64KB

.text
Size: 448KB - Virtual size: 447KB

.rdata
Size: 96KB - Virtual size: 93KB

.data
Size: 20KB - Virtual size: 31KB

.rsrc
Size: 120KB - Virtual size: 118KB

.reloc
Size: 40KB - Virtual size: 36KB

.text
Size: 64KB - Virtual size: 64KB