1586e786b8b2bcd3f6026075b19d51242ad61e319f0ee12d8163093ac61bfe40

Sharing

Copy URL Twitter E-mail

General

Target

1586e786b8b2bcd3f6026075b19d51242ad61e319f0ee12d8163093ac61bfe40
Size

584KB
MD5

a2dc9fd14594c0a978cb8949dc31ea80
SHA1

d3e629c26a90d6b4112cfab3e96054362db2197b
SHA256

1586e786b8b2bcd3f6026075b19d51242ad61e319f0ee12d8163093ac61bfe40
SHA512

d1c4a20a9a6731fa24195574e92bb814187d6a146d37672f183e7a5b426d58fa34d5ecb2621a909ca1e41b9f519a68e6973a93a6dd8fa4b6e742d31cb530541e
SSDEEP

12288:usF7eAVLk3xDwWE0W/9GcE6qiPyVtUPWkD5K2SWgGunt8zXOGsEfPH:uu7eCLk3twWVWFGr6qiPKtCWk0GwOaEn

Score

N/A

Malware Config

Signatures

Files

1586e786b8b2bcd3f6026075b19d51242ad61e319f0ee12d8163093ac61bfe40
.dll regsvr32 windows x86

e6c44c93bff37aca88f848897aa35876

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_BIND

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcatA
LeaveCriticalSection
DeleteCriticalSection
HeapDestroy
InitializeCriticalSection
DisableThreadLibraryCalls
IsDBCSLeadByte
lstrcpynA
lstrcmpiA
lstrcpyA
EnterCriticalSection
FindResourceA
LoadResource
SizeofResource
FreeLibrary
WideCharToMultiByte
GetModuleFileNameA
GetModuleHandleA
GetShortPathNameA
lstrlenA
MultiByteToWideChar
GetProcAddress
LoadLibraryA
GetCurrentThreadId
GetCurrentProcess
FlushInstructionCache
GlobalAlloc
GlobalLock
GlobalUnlock
InterlockedIncrement
InterlockedDecrement
LoadLibraryExA
GetLastError
lstrlenW
TlsSetValue
TlsAlloc
GetSystemDirectoryA
WaitForSingleObject
ExitProcess
RaiseException
RtlUnwind
LocalFree
CreateThread
IsBadCodePtr
IsBadWritePtr
IsBadReadPtr
SetUnhandledExceptionFilter
TerminateProcess
GetVersion
WriteFile
SetEvent
GetSystemTime
GetTimeFormatA
GetDateFormatA
GetTickCount
CreateEventA
FormatMessageA
CreateFileA
CloseHandle
GetVersionExA
GetFileSize
ReadFile
LocalAlloc
LocalReAlloc
TlsFree
HeapAlloc
Sleep
CreateProcessA
HeapFree
SetLastError
TlsGetValue
GetProcessHeap
DeleteFileA

user32

InvalidateRect
GetParent
PtInRect
UnionRect
GetWindowRect
ShowWindow
GetKeyState
LoadStringA
DispatchMessageA
GetMessageA
PeekMessageA
DialogBoxParamA
SendMessageA
IsDlgButtonChecked
EndDialog
MessageBoxA
SendDlgItemMessageA
DestroyWindow
BeginPaint
GetClientRect
EndPaint
GetFocus
IsChild
GetClassInfoExA
LoadCursorA
wsprintfA
RegisterClassExA
SetWindowPos
SetWindowRgn
OffsetRect
EqualRect
IntersectRect
SetFocus
IsWindow
EnableWindow
CallWindowProcA
GetDlgItem
SetWindowLongA
GetWindowLongA
CreateWindowExA
ReleaseDC
GetDC
CharNextA
DefWindowProcA

gdi32

GetDeviceCaps
LPtoDP
SaveDC
SetMapMode
SetWindowOrgEx
SetViewportOrgEx
DeleteDC
RestoreDC
CreateDCA
CreateRectRgnIndirect
DeleteMetaFile
CloseMetaFile
SetWindowExtEx
CreateMetaFileA

advapi32

FreeSid
RegQueryValueExA
RegDeleteKeyA
RegCreateKeyExA
RegDeleteValueA
RegCloseKey
RegOpenKeyExA
RegEnumKeyExA
RegSetValueExA
RegQueryInfoKeyA
RegEnumValueA
GetTokenInformation
AllocateAndInitializeSid
CryptDestroyHash
CryptDeriveKey
CryptHashData
CryptCreateHash
CryptReleaseContext
CryptDestroyKey
CryptEncrypt
CryptAcquireContextA
CryptDecrypt
OpenProcessToken
EqualSid

oleaut32

SysAllocStringLen
DispCallFunc
SysAllocStringByteLen
OleCreatePropertyFrame
SysStringByteLen
VariantChangeType
VariantClear
SysStringLen
SysAllocString
RegisterTypeLi
LoadTypeLi
VarUI4FromStr
SysFreeString
VariantInit
VariantCopy

ole32

CoUninitialize
CoGetMalloc
CoUnmarshalInterface
CoInitialize
CoMarshalInterface
CreateOleAdviseHolder
OleRegGetUserType
OleRegEnumVerbs
OleSaveToStream
WriteClassStm
CoCreateInstance
CoTaskMemRealloc
CoTaskMemAlloc
CoTaskMemFree
CreateStreamOnHGlobal
OleLoadFromStream
CLSIDFromString
CreateDataAdviseHolder
OleRegGetMiscStatus

shlwapi

StrCmpNIA
SHCopyKeyA
StrCmpW
StrRChrIA
StrStrIA
StrCmpIW
StrRChrA

wininet

InternetCrackUrlA
InternetAttemptConnect
InternetSetOptionA

rasapi32

RasGetEntryPropertiesA
RasHangUpA
RasSetEntryPropertiesA
RasDeleteEntryA
RasGetErrorStringA
RasEnumConnectionsA
RasSetEntryDialParamsA
RasGetEntryDialParamsA
RasGetProjectionInfoA
RasEnumDevicesA
RasGetConnectStatusA
RasDialA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 168KB - Virtual size: 166KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 344KB - Virtual size: 344KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e6c44c93bff37aca88f848897aa35876

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

oleaut32

ole32

shlwapi

wininet

rasapi32

Exports

Exports

Sections

.text Size: 168KB - Virtual size: 166KB

.data Size: 8KB - Virtual size: 11KB

.rsrc Size: 44KB - Virtual size: 41KB

.reloc Size: 16KB - Virtual size: 12KB

.rmnet Size: 344KB - Virtual size: 344KB

.text
Size: 168KB - Virtual size: 166KB

.data
Size: 8KB - Virtual size: 11KB

.rsrc
Size: 44KB - Virtual size: 41KB

.reloc
Size: 16KB - Virtual size: 12KB

.rmnet
Size: 344KB - Virtual size: 344KB