16306954d895630acca136c9118d281ce0764fe640187aab9ef7b0a82e4c7b43

Sharing

Copy URL Twitter E-mail

General

Target

16306954d895630acca136c9118d281ce0764fe640187aab9ef7b0a82e4c7b43
Size

146KB
MD5

0ecc64d4da3cbe5eee38d2ac23dd36e0
SHA1

20fc9d8a1ab2ea6fbcb4458a5a2226c9034b8e40
SHA256

16306954d895630acca136c9118d281ce0764fe640187aab9ef7b0a82e4c7b43
SHA512

d450995569a2ff6e16094154cbafc16fd801108538890d6afd275f6f6bd3553ff21ed5cb1ae205e638f68dbbd21d432efbb2bafb12bfff877a7bd74679862a0a
SSDEEP

3072:8jzDXmuWb5/jiMhTMAihW+EHINP+WFk6OpU:8jHXm5YMhTMFfEH5CIpU

Score

N/A

Malware Config

Signatures

Files

16306954d895630acca136c9118d281ce0764fe640187aab9ef7b0a82e4c7b43
.dll regsvr32 windows x86

4f10e667ab5cd030d3783891a58d6962

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcr80

_purecall
_vsnwprintf_s
_wsplitpath_s
memcpy_s
wcscat_s
_wcsicmp
??3@YAXPAX@Z
wcscpy_s
_encode_pointer
_malloc_crt
_encoded_null
free
_decode_pointer
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
_crt_debugger_hook
_except_handler4_common
__clean_type_info_names_internal
__CxxFrameHandler3
??2@YAPAXI@Z
_onexit
_lock
__dllonexit
_unlock
__CppXcptFilter

ole32

CreateDataAdviseHolder
CreateOleAdviseHolder
StringFromGUID2

oleaut32

VarBstrCat
SysFreeString
VariantClear
LoadTypeLibEx
SafeArrayDestroy
SafeArrayCreate
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayUnlock
SafeArrayLock
SysAllocStringLen
UnRegisterTypeLi
SysStringByteLen
VariantInit
SysAllocStringByteLen
SetErrorInfo
SysStringLen

user32

ReleaseDC
GetDC

kernel32

GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
InterlockedCompareExchange
Sleep
InterlockedExchange
GetLastError
GetModuleFileNameW
lstrlenW
RaiseException
InterlockedDecrement
InterlockedIncrement
GlobalUnlock
GlobalLock
MulDiv
GlobalAlloc
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCurrentThreadId

gdi32

Rectangle
RestoreDC
SetWindowExtEx
DeleteMetaFile
SetWindowOrgEx
SetMapMode
SaveDC
CreateMetaFileW
GetDeviceCaps
CloseMetaFile

advapi32

RegOpenKeyExW
RegDeleteKeyW
RegEnumKeyExW
RegCreateKeyExW
RegCloseKey
RegSetValueExW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 108KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4f10e667ab5cd030d3783891a58d6962

Headers

File Characteristics

Imports

msvcr80

ole32

oleaut32

user32

kernel32

gdi32

advapi32

Exports

Exports

Sections

.text Size: 17KB - Virtual size: 16KB

.data Size: 512B - Virtual size: 1KB

.rsrc Size: 17KB - Virtual size: 17KB

.reloc Size: 1KB - Virtual size: 1KB

.text Size: 108KB - Virtual size: 112KB

.text
Size: 17KB - Virtual size: 16KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 17KB - Virtual size: 17KB

.reloc
Size: 1KB - Virtual size: 1KB

.text
Size: 108KB - Virtual size: 112KB