bc2632f724ba075b68805e5d1f02036db876df8739f2a6b80f2a27e3b8c66107

Sharing

Copy URL

Twitter E-mail

General

Target

bc2632f724ba075b68805e5d1f02036db876df8739f2a6b80f2a27e3b8c66107
Size

184KB
MD5

5ac8e5347d36b07166fe1e00b5ec858f
SHA1

4dfb11a26d82925da6cca25e0f3047072babf2cb
SHA256

bc2632f724ba075b68805e5d1f02036db876df8739f2a6b80f2a27e3b8c66107
SHA512

33f17654195b41150171f84a1e13c463e8abfc07b045437866d1b0d7d075173306344d255d1c73c1ca9e689a62496ce1f04aeada01053c8a1070b0caa391d912
SSDEEP

3072:f5/u85KDlv1CQptYCTKss2kiS6/QOAV1nEfzXfv9KjI82mGMQD9fNlnFQ+vK/:f5Z2vc6Rs2kPtCTvaD2FTfNdC/

Score

N/A

Malware Config

Signatures

Files

bc2632f724ba075b68805e5d1f02036db876df8739f2a6b80f2a27e3b8c66107
.dll regsvr32 windows x86

dcf94269dcfc24d9f2005825b6eda075

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

lame_enc

ord100
ord101
ord120
ord110
ord102
ord140

msvcrt

__dllonexit
_adjust_fdiv
malloc
_initterm
__CxxFrameHandler
_purecall
??2@YAPAXI@Z
fopen
_strtime
_vsnprintf
fwrite
fclose
_ftol
atof
sprintf
memmove
calloc
free
??3@YAXPAX@Z
_onexit

winmm

timeSetEvent
timeGetTime

kernel32

GetCurrentThread
GetThreadPriority
SetThreadPriority
GetACP
WideCharToMultiByte
GetTickCount
CreateThread
InterlockedExchange
SetErrorMode
GetProcAddress
VirtualAlloc
GetSystemInfo
ReleaseSemaphore
CreateSemaphoreA
WaitForSingleObject
WaitForMultipleObjects
SetEvent
GetCurrentThreadId
lstrcmpiA
GetModuleHandleA
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
MulDiv
lstrcpyA
lstrcatA
lstrlenA
InterlockedIncrement
InterlockedDecrement
FreeLibrary
LoadLibraryA
MultiByteToWideChar
GetLastError
GetModuleFileNameA
GetVersionExA
DisableThreadLibraryCalls
CloseHandle
CreateEventA
ResetEvent
DuplicateHandle
GetCurrentProcess
VirtualFree

advapi32

RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegCreateKeyA
RegSetValueA
RegEnumKeyExA
RegSetValueExA
RegDeleteKeyA
RegQueryValueExA

user32

LoadStringW
wvsprintfA
MsgWaitForMultipleObjects
DispatchMessageA
GetQueueStatus
RegisterWindowMessageA
CheckRadioButton
SetWindowTextA
GetDlgItem
IsDlgButtonChecked
GetWindowTextA
GetWindowLongA
SetWindowLongA
CreateDialogParamA
MoveWindow
InvalidateRect
ShowWindow
DestroyWindow
DefWindowProcA
wsprintfA
LoadStringA
PeekMessageA
GetWindowRect
GetDesktopWindow
PostThreadMessageA

ole32

CoCreateInstance
CoInitialize
CoTaskMemFree
StringFromGUID2
CoTaskMemAlloc
CoFreeUnusedLibraries
CoUninitialize

oleaut32

SysFreeString
SysAllocString

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllMain
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 672B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

dcf94269dcfc24d9f2005825b6eda075

Headers

File Characteristics

Imports

lame_enc

msvcrt

winmm

kernel32

advapi32

user32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 52KB - Virtual size: 51KB

.rdata Size: 24KB - Virtual size: 20KB

.data Size: 4KB - Virtual size: 672B

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 3KB

.text Size: 92KB - Virtual size: 92KB

.text
Size: 52KB - Virtual size: 51KB

.rdata
Size: 24KB - Virtual size: 20KB

.data
Size: 4KB - Virtual size: 672B

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 3KB

.text
Size: 92KB - Virtual size: 92KB