bc1223a98c9f75017c3777981b02b8559a7ac1f2dac101b5627da4fe9d140743

Sharing

Copy URL Twitter E-mail

General

Target

bc1223a98c9f75017c3777981b02b8559a7ac1f2dac101b5627da4fe9d140743
Size

168KB
MD5

820d6ae969d79d7db0b7aae792e4e9f0
SHA1

9bf0efcaf8686d1918c2832563591e8491457da7
SHA256

bc1223a98c9f75017c3777981b02b8559a7ac1f2dac101b5627da4fe9d140743
SHA512

a18b35351d2ca4f5efcca0621d082d19fe64ecb97ced98a8211b797bd085391eb286dfdd34115c522005fc9de0793ad03d7dcb92fdaeec9d523e9d59bb225f2b
SSDEEP

3072:64MduDTWsY9UW2T1cE9mstuJjbbp2p1tI6TO7+IikY653mTc4jpo7ya9CrJeeKTX:64i2TWsY9UrlDtuL2p1q6TO7+IikY65p

Score

N/A

Malware Config

Signatures

Files

bc1223a98c9f75017c3777981b02b8559a7ac1f2dac101b5627da4fe9d140743
.dll regsvr32 windows x86

e9ce4db8770415f5ee0d7d224fa6ce95

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

isalpha
free
wcslen
__CxxFrameHandler
?what@exception@@UBEPBDXZ
??0exception@@QAE@ABV0@@Z
??0exception@@QAE@XZ
_adjust_fdiv
_initterm
??1type_info@@UAE@XZ
_onexit
__dllonexit
strstr
strtol
atoi
_CxxThrowException
tmpnam
fopen
fwrite
fclose
strchr
islower
malloc
strncpy
printf
isspace
isupper
isalnum
strerror
ispunct
wctomb
isxdigit
??1exception@@UAE@XZ
??3@YAXPAX@Z
isgraph
tolower
??2@YAPAXI@Z
strtok
toupper
wcscmp

oleaut32

VariantClear
SysFreeString
SysAllocString
GetErrorInfo

winmm

timeGetTime

rpcrt4

UuidToStringA

user32

RegisterClassExA
DefWindowProcA
SetTimer
KillTimer
wsprintfA
SetWindowPos
SystemParametersInfoA
CloseClipboard
OpenClipboard
DispatchMessageA
TranslateMessage
GetMessageA
ShowWindow
CreateWindowExA
GetClassNameA
GetWindowThreadProcessId
EnumChildWindows
EnumWindows

wininet

InternetCloseHandle
InternetOpenUrlA
InternetSetOptionA
HttpQueryInfoA
InternetReadFile
InternetOpenA

psapi

EnumProcesses
EnumProcessModules
GetModuleBaseNameA

ole32

CoCreateInstance
CoTaskMemAlloc
CoInitialize
CoCreateGuid
CoTaskMemFree

advapi32

CryptReleaseContext
CryptAcquireContextA
RegCloseKey
RegOpenKeyExA
SetSecurityInfo
SetEntriesInAclA
GetSecurityInfo
CryptGenRandom

netapi32

Netbios

version

GetFileVersionInfoA
GetFileVersionInfoSizeA

shlwapi

SHGetValueA
StrStrIA
SHSetValueA

kernel32

QueryPerformanceFrequency
GetModuleFileNameA
GetVersion
QueryPerformanceCounter
CreateFileA
FreeEnvironmentStringsA
GetEnvironmentStrings
lstrcmpiA
GetTickCount
GetLocalTime
SleepEx
HeapFree
GetProcessHeap
GetLastError
HeapSize
CloseHandle
CreateRemoteThread
lstrcmpA
FreeLibrary
GetProcAddress
LoadLibraryA
LocalFree
FormatMessageA
GetSystemInfo
lstrcpynA
GetFullPathNameA
lstrcpyA
GetSystemDirectoryA
GetCurrentDirectoryA
GetWindowsDirectoryA
GetVersionExA
GetThreadTimes
GetCurrentThread
GetProcessTimes
GetCurrentProcess
Sleep
lstrlenA
MultiByteToWideChar
GetModuleHandleA
SetLastError
MoveFileExA
WaitForSingleObject
CreateProcessA
DeleteFileA
OpenProcess
VirtualAllocEx
WriteProcessMemory
HeapAlloc
GetCurrentProcessId

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 104KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e9ce4db8770415f5ee0d7d224fa6ce95

Headers

File Characteristics

Imports

msvcrt

oleaut32

winmm

rpcrt4

user32

wininet

psapi

ole32

advapi32

netapi32

version

shlwapi

kernel32

Exports

Exports

Sections

.text Size: 104KB - Virtual size: 101KB

.rdata Size: 28KB - Virtual size: 25KB

.data Size: 24KB - Virtual size: 24KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 104KB - Virtual size: 101KB

.rdata
Size: 28KB - Virtual size: 25KB

.data
Size: 24KB - Virtual size: 24KB

.reloc
Size: 8KB - Virtual size: 7KB