4b1ca8358c3311ba29b99d14e143aff99a3a9fdbc0a45d60aef3c7927e1842a9

Sharing

Copy URL Twitter E-mail

General

Target

4b1ca8358c3311ba29b99d14e143aff99a3a9fdbc0a45d60aef3c7927e1842a9
Size

350KB
MD5

90e7e615e04e282aa38fa185c57bbde2
SHA1

b3afda66975c76cdd3f62c2583c15eb9ba6c966a
SHA256

4b1ca8358c3311ba29b99d14e143aff99a3a9fdbc0a45d60aef3c7927e1842a9
SHA512

353695980e3b735b8e96047f22429593a64ad29b265c0f5f15fb608188e5ad87732d1b0d27df32441def5d93930c413c468921191356615c2e01e8b8be33da37
SSDEEP

6144:6UiHkuZqQfv6ywdhbNnu9dvAWoRoiaWfrqZ2:PuRfLwdh5nsvC+iaWzqs

Score

N/A

Malware Config

Signatures

Files

4b1ca8358c3311ba29b99d14e143aff99a3a9fdbc0a45d60aef3c7927e1842a9
.dll regsvr32 windows x86

e1f5deea148ff7f434ebbcfc463639ac

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmpiA
DisableThreadLibraryCalls
GetModuleFileNameA
GetProcAddress
GetModuleHandleW
IsDBCSLeadByte
FreeLibrary
LoadLibraryExA
GetModuleHandleA
WritePrivateProfileStringA
LocalFree
GetPrivateProfileIntA
GetPrivateProfileStringA
LocalAlloc
MulDiv
GetTickCount
lstrcpyA
CloseHandle
WriteFile
SetFilePointer
CreateFileA
OutputDebugStringA
GetCurrentThreadId
FormatMessageA
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
GetPrivateProfileSectionNamesA
FindClose
FindNextFileA
DeleteFileA
ReleaseMutex
FindFirstFileA
WaitForSingleObject
CreateMutexA
ReadFile
LocalReAlloc
LocalSize
LocalUnlock
LocalLock
lstrcpynA
LoadLibraryA
SetErrorMode
CreateDirectoryA
GetFileAttributesA
GetShortPathNameA
RemoveDirectoryA
CompareStringA
GetTimeZoneInformation
InterlockedExchange
InitializeCriticalSectionAndSpinCount
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetDateFormatA
lstrlenA
GetStringTypeA
GetLocaleInfoA
GetLocaleInfoW
SetConsoleCtrlHandler
GetStringTypeW
LCMapStringW
LCMapStringA
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
SetHandleCount
HeapSize
ExitProcess
Sleep
HeapDestroy
HeapCreate
HeapReAlloc
VirtualFree
FatalAppExitA
IsValidCodePage
InterlockedDecrement
InterlockedIncrement
GetLastError
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
RaiseException
lstrlenW
GetOEMCP
GetACP
GetCPInfo
GetStdHandle
GetCurrentThread
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
SetCurrentDirectoryA
GetCurrentDirectoryA
SetEnvironmentVariableA
GetFullPathNameA
GetDriveTypeA
CreateThread
ExitThread
GetCommandLineA
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
HeapFree
HeapAlloc
RtlUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
WideCharToMultiByte
MultiByteToWideChar
FindResourceA
LoadResource
LockResource
SizeofResource
GetTimeFormatA
CompareStringW

user32

MsgWaitForMultipleObjects
CharNextA
CharNextW
EnableWindow
IsWindowEnabled
GetDlgItem
SetRect
GetSystemMetrics
SystemParametersInfoA
SetWindowPos
GetParent
LoadStringA
GetWindowRect
RegisterClassA
CreateWindowExA
GetForegroundWindow
GetWindowThreadProcessId
AttachThreadInput
SetForegroundWindow
wsprintfA
IsIconic
ShowWindow
LoadCursorA
PostQuitMessage
GetWindowLongA
DefWindowProcA
SetWindowLongA
TranslateMessage
DispatchMessageA
PostMessageA
PeekMessageA
GetDC
ReleaseDC
IsWindow

advapi32

RegQueryInfoKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA
RegEnumKeyExA
RegDeleteKeyA

ole32

CoCreateInstance
CoTaskMemAlloc
CoTaskMemRealloc
CoTaskMemFree
StringFromGUID2
GetRunningObjectTable
MkParseDisplayName
CreateBindCtx
ProgIDFromCLSID
CoGetInstanceFromFile
CreateFileMoniker

oleaut32

CreateErrorInfo
SetErrorInfo
VarBstrCat
LoadRegTypeLi
VarUI4FromStr
RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
SysStringByteLen
SysAllocStringByteLen
SysAllocString
VariantCopy
VariantClear
VariantInit
SysFreeString
SysAllocStringLen
VarBstrCmp
SysStringLen

gdi32

GetDeviceCaps
GetTextMetricsA
SelectObject
GetObjectA
CreateFontIndirectA
GetStockObject

Exports

Exports

?COMWndProc@@YGJPAUHWND__@@IIJ@Z
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 193KB - Virtual size: 193KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 77KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e1f5deea148ff7f434ebbcfc463639ac

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

gdi32

Exports

Exports

Sections

.text Size: 193KB - Virtual size: 193KB

.rdata Size: 47KB - Virtual size: 47KB

.data Size: 77KB - Virtual size: 81KB

.rsrc Size: 17KB - Virtual size: 16KB

.reloc Size: 13KB - Virtual size: 13KB

.text
Size: 193KB - Virtual size: 193KB

.rdata
Size: 47KB - Virtual size: 47KB

.data
Size: 77KB - Virtual size: 81KB

.rsrc
Size: 17KB - Virtual size: 16KB

.reloc
Size: 13KB - Virtual size: 13KB