5d1304bca155c5581809d56c9fdf91640a60b830ecd136feeef14c6807f6753c

Sharing

Copy URL Twitter E-mail

General

Target

5d1304bca155c5581809d56c9fdf91640a60b830ecd136feeef14c6807f6753c
Size

552KB
MD5

822fdd022e6092f6b1932eb19f083b85
SHA1

0fbe0560a30d70c540830cca535f7febc06e5883
SHA256

5d1304bca155c5581809d56c9fdf91640a60b830ecd136feeef14c6807f6753c
SHA512

0e9a446941841f0e758f3c3806c7094ef6de61f78205ca332d3399fd4f591eeb9284ed9187d97b5a0e5f22a519e07c9c09f60ea54d0693bac356edf5729d3f9d
SSDEEP

6144:SYT6KWhX8kE7+yuxTTkWtPRQtsckpHIrkEO/3ufWdfmCA0t:SYT6KWhX8tTqE5mmn0t

Score

N/A

Malware Config

Signatures

Files

5d1304bca155c5581809d56c9fdf91640a60b830ecd136feeef14c6807f6753c
.dll regsvr32 windows x86

e98618cd4c9dbaadc36a5f06b2d50ef6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileAttributesExA
FreeResource
LockResource
InterlockedDecrement
LoadResource
SizeofResource
FindResourceA
GetModuleHandleA
GetLastError
GetShortPathNameA
GetModuleFileNameA
DisableThreadLibraryCalls
InitializeCriticalSection
HeapDestroy
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
lstrcpyA
lstrcatA
FreeLibrary
CreateEventA
GetVersionExA
InterlockedIncrement
SetEvent
WaitForSingleObject
GetCurrentThreadId
GlobalFree
GlobalHandle
GlobalAlloc
GlobalUnlock
GlobalLock
lstrcmpA
FlushInstructionCache
GetCurrentProcess
MapViewOfFile
OpenFileMappingA
GetTickCount
CreateFileMappingA
UnmapViewOfFile
ReleaseMutex
CreateMutexA
CreateThread
WaitForMultipleObjects
GetExitCodeThread
TerminateThread
CloseHandle
lstrlenA
MultiByteToWideChar
lstrlenW
LoadLibraryA
GetProcAddress
GetFileAttributesA
GetStringTypeA
IsBadCodePtr
IsBadReadPtr
SetFilePointer
IsBadWritePtr
VirtualAlloc
WriteFile
VirtualFree
HeapCreate
GetEnvironmentVariableA
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
GetOEMCP
GetACP
GetCPInfo
LCMapStringW
LCMapStringA
HeapSize
HeapReAlloc
SetUnhandledExceptionFilter
GetExitCodeProcess
TlsGetValue
SetLastError
TlsFree
TlsAlloc
TlsSetValue
GetStringTypeW
HeapAlloc
HeapFree
GetVersion
GetCommandLineA
TerminateProcess
ExitProcess
RaiseException
WideCharToMultiByte
RtlUnwind
LocalFree
InterlockedExchange
Sleep
FlushFileBuffers
CreateProcessA
SetStdHandle

user32

CharNextA
EnableWindow
GetClientRect
DefWindowProcA
SetTimer
GetDlgItem
PeekMessageA
MsgWaitForMultipleObjects
TranslateMessage
DispatchMessageA
SetWindowTextA
CallWindowProcA
CreateWindowExA
InvalidateRgn
InvalidateRect
SetCapture
ReleaseCapture
CreateAcceleratorTableA
GetDesktopWindow
GetClassNameA
BeginPaint
FillRect
EndPaint
SendMessageA
GetDC
ReleaseDC
GetSysColor
GetWindowTextLengthA
GetWindowTextA
RegisterWindowMessageA
CreateDialogIndirectParamA
IsWindowEnabled
GetFocus
IsChild
LoadStringA
SetWindowLongA
BringWindowToTop
RedrawWindow
SetFocus
ShowWindow
GetMessageA
IsDialogMessageA
PostMessageA
KillTimer
GetCursorPos
PtInRect
GetClassInfoExA
wsprintfA
RegisterClassExA
GetWindowLongA
GetParent
GetWindow
GetWindowRect
SystemParametersInfoA
MapWindowPoints
SetWindowPos
LoadCursorA
SetCursor
LoadIconA
IsWindow
DestroyWindow

olepro32

ord253

ole32

CoTaskMemAlloc
OleLockRunning
StringFromCLSID
CoTaskMemFree
OleUninitialize
OleInitialize
CreateStreamOnHGlobal
OleRun
CLSIDFromString
CLSIDFromProgID
CoInitialize
CoUninitialize
CoCreateInstance

oleaut32

GetErrorInfo
SysAllocStringByteLen
SysFreeString
SysStringLen
SysAllocString
SysAllocStringLen
VariantClear
SafeArrayUnaccessData
SysStringByteLen
RegisterTypeLi
LoadTypeLi
LoadRegTypeLi
SafeArrayAccessData
SafeArrayCreate
VariantInit
DispCallFunc

gdi32

GetDeviceCaps
DeleteDC
BitBlt
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
DeleteObject
CreateSolidBrush
GetObjectA
GetStockObject

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 272KB - Virtual size: 272KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e98618cd4c9dbaadc36a5f06b2d50ef6

Headers

File Characteristics

Imports

kernel32

user32

olepro32

ole32

oleaut32

gdi32

Exports

Exports

Sections

.text Size: 104KB - Virtual size: 103KB

.rdata Size: 20KB - Virtual size: 19KB

.data Size: 20KB - Virtual size: 25KB

.rsrc Size: 120KB - Virtual size: 120KB

.reloc Size: 12KB - Virtual size: 11KB

.rmnet Size: 272KB - Virtual size: 272KB

.text
Size: 104KB - Virtual size: 103KB

.rdata
Size: 20KB - Virtual size: 19KB

.data
Size: 20KB - Virtual size: 25KB

.rsrc
Size: 120KB - Virtual size: 120KB

.reloc
Size: 12KB - Virtual size: 11KB

.rmnet
Size: 272KB - Virtual size: 272KB