29605bfc3e22e681317c8fd887d4bd985f73cb02eea5b83fd78faf085bd00f64

Sharing

Copy URL Twitter E-mail

General

Target

29605bfc3e22e681317c8fd887d4bd985f73cb02eea5b83fd78faf085bd00f64
Size

92KB
MD5

9310667c5f01913f71e2107f2fcb9292
SHA1

b4ec31ea22d5f6cd85c4c74c92691fe30e56115d
SHA256

29605bfc3e22e681317c8fd887d4bd985f73cb02eea5b83fd78faf085bd00f64
SHA512

ee5b9456b2599ad05aca67cfbaba0924ceba8b25f6848af924888bf7b48d142f4b2e7046c22a150a3d211d86937b2d239a6f2ba7c068027dcb7333a96097225d
SSDEEP

1536:6R8ZYhtqKi8H6gZKh9EejKTcEDHEm+ggCg6cuZaOEUTFMqXMhWrwI:6pE8H6rDE/QEzJ+gPxcu8dIFMqXMhWrx

Score

N/A

Malware Config

Signatures

Files

29605bfc3e22e681317c8fd887d4bd985f73cb02eea5b83fd78faf085bd00f64
.dll regsvr32 windows x86

287b3b4c753baa7f6610379a5bea6d4b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Beep
CreateEventW
GlobalFindAtomW
GetUserDefaultLangID
OpenFileMappingW
SetLastError
LocalReAlloc
SetConsoleMode
GetLocaleInfoW
GetTempPathW
ChangeTimerQueueTimer
ReadConsoleInputA
GetProfileIntW
GetDefaultCommConfigW
GetTapeParameters
GetShortPathNameA
GetFileSize
FreeResource
EnumResourceNamesA
GetConsoleMode
AddAtomA
SetEndOfFile
SetTimeZoneInformation
GetDateFormatA
GlobalFindAtomA
GlobalReAlloc
OpenMutexW
HeapCompact
FindVolumeClose
SetSystemTime
GetProcessAffinityMask
WideCharToMultiByte
GetLogicalDriveStringsA
CreateWaitableTimerW
WinExec
VirtualFree
HeapLock
AssignProcessToJobObject
FindAtomW
GetStartupInfoW
FindNextFileW
OpenEventW
QueueUserAPC
WriteFileEx
GetCurrentDirectoryA
FindFirstFileExW
GetCurrentThread
GetVolumePathNameW
IsValidCodePage
GetCommandLineW
SetComputerNameA
GetWindowsDirectoryW
QueueUserWorkItem
OpenThread
VerLanguageNameW
GetFileSizeEx
SetWaitableTimer
GetSystemPowerStatus
GetProcessVersion
FindClose
ReadConsoleA
GetDriveTypeW
OpenProcess
VirtualUnlock
FindFirstVolumeMountPointW
CreateFileMappingW
WriteProfileStringW
IsBadCodePtr
GetThreadLocale
RemoveDirectoryW
ExpandEnvironmentStringsW
SetConsoleTextAttribute
GetTimeFormatW
VirtualAlloc
DuplicateHandle
GetFullPathNameW
CreateSemaphoreA
GetThreadContext
CreateProcessW
SetInformationJobObject
SetProcessShutdownParameters
DeleteTimerQueueEx
GetSystemWindowsDirectoryA
CreateRemoteThread
GetCurrentDirectoryW
MoveFileW
LockFileEx
TransactNamedPipe
HeapUnlock
FillConsoleOutputAttribute
InterlockedCompareExchange
TerminateProcess
HeapCreate
lstrcpynW
PulseEvent
FileTimeToLocalFileTime
VerifyVersionInfoW
CreateMailslotW
GetEnvironmentVariableW
SetHandleInformation
FindNextVolumeMountPointW
SetEvent
ReadProcessMemory
FindNextVolumeW
SuspendThread
PeekConsoleInputW
SetFilePointerEx
GetVersionExA
CreateNamedPipeW
CancelWaitableTimer
AllocConsole
GetProfileStringA
GetStringTypeA
GetHandleInformation
ReadConsoleInputW
ExpandEnvironmentStringsA
GetModuleHandleA
CreateDirectoryA
EnterCriticalSection
CreateFileA
GetTickCount
WaitForSingleObject
LocalFree
GetSystemTimeAsFileTime
GetLastError
ReadFile
CloseHandle
MapViewOfFile
CreateMutexA
GetCurrentProcessId
GetProcessHeap
CreateThread
GlobalAlloc
InitializeCriticalSection
LoadLibraryA
ReleaseMutex
CreateProcessA
MoveFileA
WriteFile
GetProcAddress
GetEnvironmentVariableA

user32

KillTimer
CheckRadioButton
wsprintfA
SetWindowTextA
GetLastActivePopup
DrawTextW
DrawAnimatedRects
ClientToScreen
MessageBoxIndirectW
SetCursor
FrameRect
AdjustWindowRect
GetMonitorInfoW
DrawMenuBar
UnregisterClassA
SetClassLongW
GetDialogBaseUnits
ModifyMenuW
GetClassNameW
IsZoomed
LoadAcceleratorsA
TrackMouseEvent
SetWindowLongA
SetProcessDefaultLayout
GetClassLongW
GetMenuStringW
DrawStateA
SetWindowsHookExW
GetTopWindow
InsertMenuItemW
CharNextW
CheckMenuRadioItem
GetWindowTextLengthW
DefDlgProcA
MessageBoxW
TrackPopupMenu
MapVirtualKeyExW
GetActiveWindow
DialogBoxIndirectParamW
MapWindowPoints
GetWindowWord
BringWindowToTop
LoadImageA
GetCaretPos
CreateWindowExW
IsCharAlphaNumericW
GetMenuItemID
DefMDIChildProcA
SetClassLongA
CreateDialogIndirectParamW
SetMenuItemInfoW
ToUnicodeEx
AppendMenuW
GetDlgItemTextA
CharLowerBuffA
DrawFrameControl
GetPropA
GetSubMenu
GetClassInfoA
SetWindowTextW
GetMenu
wvsprintfA
GetMessagePos
BroadcastSystemMessageW
ScrollWindow
DestroyWindow
LoadStringW
DispatchMessageW
GetWindowDC
GetDlgCtrlID
EndDialog
BeginPaint
InSendMessage
LockWindowUpdate
GetUpdateRect
CreateIconIndirect
FreeDDElParam
GetMenuStringA
EnumWindowStationsW
SendNotifyMessageA
OpenInputDesktop
GetScrollBarInfo
GetDoubleClickTime
InSendMessageEx
MessageBoxA
ShowOwnedPopups
LookupIconIdFromDirectory
DrawIconEx
GetScrollInfo
GetMenuItemRect
GetWindowContextHelpId
CharUpperBuffW
CallMsgFilterW
WaitForInputIdle
GetWindowLongW
WinHelpW
GetSysColorBrush
ReleaseDC
DestroyMenu
AllowSetForegroundWindow
PostThreadMessageW
DrawTextExW
GetWindowTextLengthA
SetScrollInfo
CharLowerBuffW
PostQuitMessage
IsCharAlphaNumericA
DefFrameProcW
ScrollWindowEx
ShowWindowAsync
IntersectRect
SetWindowsHookExA
DispatchMessageA
PeekMessageA
CallNextHookEx
UnhookWindowsHookEx
GetWindowThreadProcessId
SendMessageA
PeekMessageW

shlwapi

PathFindFileNameW
StrFormatByteSizeW
PathFindExtensionW
PathFileExistsA
SHRegGetUSValueW
PathRemoveBlanksW
PathFileExistsW
StrChrW
wnsprintfA
PathRemoveFileSpecA
PathFindExtensionA
PathIsUNCServerShareW
StrRetToStrW
PathRemoveFileSpecW
StrTrimW
PathQuoteSpacesW
PathCreateFromUrlW
UrlCombineW
UrlCanonicalizeW
PathIsDirectoryA
PathSkipRootW
SHGetValueA
wnsprintfW
StrCatW
PathFindNextComponentW
PathIsDirectoryW
PathAppendW
PathIsPrefixW
StrToIntW
UrlUnescapeW
SHDeleteKeyA
StrStrIA

advapi32

LookupAccountNameA
RegCloseKey
RegEnumKeyExA
RegQueryInfoKeyA
RegSetValueExA
ConvertSidToStringSidA
RegCreateKeyExA
RegNotifyChangeKeyValue
RegConnectRegistryW
RegCreateKeyA
RegSaveKeyExW
StartServiceA
RegQueryInfoKeyW
RegSaveKeyW
RegConnectRegistryA
RegLoadKeyW
GetServiceDisplayNameW
MakeAbsoluteSD
GetNumberOfEventLogRecords
ControlService
RegQueryValueExW
RegOpenKeyW
RegEnumValueA
QueryServiceStatus
RegSetValueExW
GetUserNameA
QueryServiceConfig2W
EnumDependentServicesA
RegReplaceKeyW
ChangeServiceConfigW
UnlockServiceDatabase
CreateServiceW
StartServiceCtrlDispatcherW
OpenThreadToken
GetAclInformation
CreateProcessAsUserA
RegLoadKeyA
NotifyBootConfigStatus
RegSetValueW
RegOpenKeyExA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 64KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

287b3b4c753baa7f6610379a5bea6d4b

Headers

File Characteristics

Imports

kernel32

user32

shlwapi

advapi32

Exports

Exports

Sections

.text Size: 64KB - Virtual size: 62KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 8KB - Virtual size: 6KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 64KB - Virtual size: 62KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 8KB - Virtual size: 6KB

.reloc
Size: 4KB - Virtual size: 2KB