6fc489c9e23f68fa2684471cfd6e8e314999e402158261de63df6b8143b9d54d

Sharing

Copy URL Twitter E-mail

General

Target

6fc489c9e23f68fa2684471cfd6e8e314999e402158261de63df6b8143b9d54d
Size

412KB
MD5

90b6a1f25fdc28fd42b5ccc489f00988
SHA1

957cd3d63c63e4ce9a5426a9904db18ac0df1bec
SHA256

6fc489c9e23f68fa2684471cfd6e8e314999e402158261de63df6b8143b9d54d
SHA512

68b50ae553f98cebf592de261ff58087f7a209ca8116a9b7fbdbca36ce7dc2da9aa61fa5d8a009f234bd1e55c33008d38a764cf8ece3c018e013350c76b909e6
SSDEEP

12288:+x6bQjw21ZA3YZuqBza851Tt0wdXG7+RgniNdrG:+Ip2DSEuqBzVTVXfgnifG

Score

N/A

Malware Config

Signatures

Files

6fc489c9e23f68fa2684471cfd6e8e314999e402158261de63df6b8143b9d54d
.dll regsvr32 windows x86

7a16be1696d2f4f121813c926723ff92

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

WSACleanup
gethostname
WSAStartup
gethostbyname

kernel32

MultiByteToWideChar
WideCharToMultiByte
lstrlenW
RaiseException
InitializeCriticalSection
DeleteCriticalSection
GetLastError
lstrlenA
lstrcmpiA
WaitForSingleObject
GetTickCount
lstrcpynA
lstrcpyA
InterlockedDecrement
CreateThread
LeaveCriticalSection
InterlockedIncrement
EnterCriticalSection
IsDBCSLeadByte
GetModuleFileNameA
FreeLibrary
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
GetModuleHandleA
SetEvent
HeapFree
GetProcessHeap
HeapAlloc
OutputDebugStringA
CreateEventA
CloseHandle
DisableThreadLibraryCalls
lstrcatA
QueryPerformanceCounter
GetCurrentThreadId
GetVersionExA
GetSystemTimeAsFileTime
GetProcAddress
LoadLibraryA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
Sleep
HeapSize
InterlockedCompareExchange
GetModuleHandleW
DeviceIoControl
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetDiskFreeSpaceA
GlobalMemoryStatus
GetLocalTime
HeapReAlloc
IsProcessorFeaturePresent
FlushFileBuffers
LCMapStringW
LCMapStringA
SetStdHandle
GetCPInfo
GetOEMCP
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
TlsAlloc
GetCurrentProcessId
IsBadCodePtr
IsBadReadPtr
GetStringTypeW
GetStringTypeA
SetFilePointer
WriteFile
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
TlsGetValue
TlsSetValue
IsBadWritePtr
VirtualFree
HeapCreate
HeapDestroy
GetCommandLineA
ExitProcess
RtlUnwind
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
LocalFree
TlsFree
SetLastError

user32

CharNextA
PeekMessageA
DispatchMessageA
DispatchMessageW
TranslateMessage
GetMessageA
GetMessageW
IsWindowUnicode
MsgWaitForMultipleObjects
LoadStringA
MessageBoxExA
GetActiveWindow

advapi32

RegQueryInfoKeyA
RegQueryValueExA
RegEnumKeyExA
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegDeleteValueA
RegDeleteKeyA

ole32

CoGetInterfaceAndReleaseStream
CoInitialize
ProgIDFromCLSID
CoUninitialize
OleRun
StringFromGUID2
CoTaskMemRealloc
CoTaskMemFree
CoTaskMemAlloc
CoMarshalInterThreadInterfaceInStream
CoCreateInstance

oleaut32

VariantCopy
VariantChangeType
SafeArrayRedim
VarBstrCat
SafeArrayCreate
UnRegisterTypeLi
RegisterTypeLi
SysStringLen
LoadTypeLi
LoadRegTypeLi
SafeArrayGetUBound
SafeArrayDestroy
VarUI4FromStr
CreateErrorInfo
SetErrorInfo
SysAllocStringLen
VariantClear
VariantInit
SysStringByteLen
SysAllocStringByteLen
SysFreeString
SysAllocString
GetErrorInfo
VarBstrCmp

shlwapi

PathFindExtensionA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 164KB - Virtual size: 162KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 160KB - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7a16be1696d2f4f121813c926723ff92

Headers

File Characteristics

Imports

ws2_32

kernel32

user32

advapi32

ole32

oleaut32

shlwapi

Exports

Exports

Sections

.text Size: 164KB - Virtual size: 162KB

.rdata Size: 36KB - Virtual size: 34KB

.data Size: 12KB - Virtual size: 21KB

.rsrc Size: 20KB - Virtual size: 19KB

.reloc Size: 16KB - Virtual size: 12KB

.text Size: 160KB - Virtual size: 160KB

.text
Size: 164KB - Virtual size: 162KB

.rdata
Size: 36KB - Virtual size: 34KB

.data
Size: 12KB - Virtual size: 21KB

.rsrc
Size: 20KB - Virtual size: 19KB

.reloc
Size: 16KB - Virtual size: 12KB

.text
Size: 160KB - Virtual size: 160KB