99308a8174875bac3d6800b71f37bef0b20c3b8c4e1dd70e3af3c2e6cad0f76d

Sharing

Copy URL Twitter E-mail

General

Target

99308a8174875bac3d6800b71f37bef0b20c3b8c4e1dd70e3af3c2e6cad0f76d
Size

257KB
MD5

1ce0c7f54f3e5ed691f9e909ea261859
SHA1

7de953d9ee149d6f8ecbe7cef174b4b72bd694cb
SHA256

99308a8174875bac3d6800b71f37bef0b20c3b8c4e1dd70e3af3c2e6cad0f76d
SHA512

cbafe8abc2e2161b2f4b91ea4f3c52115f16743b8defb0434282697a5c907eba1cd1459363fd90c3c5c5dc5784c9eafeaaebcb25e057f3a7563c835291b71f00
SSDEEP

1536:OcT4fLtLJmHL/xTWmvlkulgEUBk1TTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTn:fEfLtLJeL/xTfv78

Score

N/A

Malware Config

Signatures

Files

99308a8174875bac3d6800b71f37bef0b20c3b8c4e1dd70e3af3c2e6cad0f76d
.dll regsvr32 windows x86

efc76a47c5569ba34b42f9096ca8b198

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

StrStrW
PathCombineW
PathFindFileNameW
StrCmpW
StrCmpIW
StrCatW

kernel32

CreateThread
CreateMutexA
GetProcessHeap
CloseHandle
lstrcatA
lstrcpyA
InitializeCriticalSection
GetBinaryTypeW
GetLastError
lstrcpynA
GetProcAddress
FreeLibrary
LoadLibraryExA
WideCharToMultiByte
GetModuleFileNameA
MultiByteToWideChar
GetTimeFormatA
GetDateFormatA
lstrcmpA
lstrcmpiA
GetModuleHandleW
PulseEvent
CreateEventA
GetCurrentThreadId
GetTickCount
CreateFileMappingW
CreateFileW
SetFilePointerEx
DeleteFileW
SetFileAttributesW
GetTempFileNameW
GetTempPathW
WriteFile
ReadFile
LeaveCriticalSection
EnterCriticalSection
HeapCreate
HeapDestroy
HeapAlloc
HeapFree
ResetEvent
FileTimeToDosDateTime
FileTimeToLocalFileTime
GetFileInformationByHandle
FindClose
FindNextFileW
FindFirstFileW
GetModuleFileNameW
WaitForSingleObject
Sleep
ExitThread
lstrcpyW

user32

TranslateMessage
GetMessageW
SetWindowsHookExW
DispatchMessageW
DestroyWindow
GetSystemMetrics
wsprintfA
wsprintfW
RegisterClassExW
CreateWindowExW
GetWindowRect
SetTimer
GetClassNameA
GetWindow
SendMessageW
GetWindowTextA
CallNextHookEx
GetClientRect
DefWindowProcW
ShowWindow

shell32

SHGetSpecialFolderPathW

oleaut32

SysFreeString
SysAllocStringLen
VariantInit
SysAllocString
SysAllocStringByteLen
VariantClear
VariantCopy

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

efc76a47c5569ba34b42f9096ca8b198

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

kernel32

user32

shell32

oleaut32

Exports

Exports

Sections

.text Size: 35KB - Virtual size: 34KB

.data Size: 2KB - Virtual size: 55KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 35KB - Virtual size: 34KB

.data
Size: 2KB - Virtual size: 55KB

.reloc
Size: 3KB - Virtual size: 2KB