6a29d9eb08f62afa85cc04e50eb335176194c156ced406a1c53c3476454ef8c5

Sharing

Copy URL Twitter E-mail

General

Target

6a29d9eb08f62afa85cc04e50eb335176194c156ced406a1c53c3476454ef8c5
Size

496KB
MD5

0db69ec73e1ce4e89356712d6caf7dbd
SHA1

b0dcd3a35f9b7622ef54578a8ee0db08041a1576
SHA256

6a29d9eb08f62afa85cc04e50eb335176194c156ced406a1c53c3476454ef8c5
SHA512

6f5ae85115956ba4f467ce5596723d72a5b2528c1214ad718bf56b74586f01bd6658ebd4fa19440aef2169d0dc0809579e66453c56d3fc1f96d4411e78215248
SSDEEP

12288:acU2q5htATHms2ndsvIGsa/ZcSBnSmd7hodP0JK5wbsTzvl:aWmhtATCd+IGsaKoSlS2PN

Score

N/A

Malware Config

Signatures

Files

6a29d9eb08f62afa85cc04e50eb335176194c156ced406a1c53c3476454ef8c5
.dll regsvr32 windows x86

187b889c6e11bc1383f47d002e1d1c82

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

SetupDiGetClassDevsA
SetupDiOpenDevRegKey
SetupDiGetDeviceInstanceIdA
SetupDiEnumDeviceInfo

kernel32

GetVersionExA
lstrcmpA
FormatMessageA
Sleep
GetProcAddress
LoadLibraryA
lstrcpyA
SetFilePointer
LocalReAlloc
SetLastError
GetCurrentThreadId
DeviceIoControl
GetCurrentProcessId
GetCurrentProcess
FlushInstructionCache
GetTempPathA
GetFileAttributesA
WriteFile
OutputDebugStringA
CreateFileA
CloseHandle
GetTickCount
GetProcessHeap
HeapAlloc
LocalAlloc
LocalHandle
LocalFree
FindResourceExA
LockResource
GetModuleHandleA
LoadLibraryExA
FindResourceA
LoadResource
SizeofResource
FreeLibrary
IsDBCSLeadByte
GetModuleFileNameA
InterlockedDecrement
InterlockedIncrement
CompareStringW
CompareStringA
DisableThreadLibraryCalls
lstrcmpiA
lstrlenA
GetVersion
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetLastError
RaiseException
lstrlenW
WideCharToMultiByte
MultiByteToWideChar
InterlockedExchange
IsProcessorFeaturePresent
InterlockedCompareExchange
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetConsoleMode
GetConsoleCP
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
SetHandleCount
GetStringTypeW
GetStringTypeA
GetTimeZoneInformation
LCMapStringW
LCMapStringA
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalFree
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
TlsFree
GlobalGetAtomNameA
GetThreadLocale
GlobalFlags
lstrcmpW
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GetLocaleInfoA
GetCPInfo
GetOEMCP
FlushFileBuffers
HeapFree
HeapReAlloc
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
RtlUnwind
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
GetTimeFormatA
GetDateFormatA
SetEnvironmentVariableA
GetCommandLineA
HeapSize
ExitProcess
VirtualFree
HeapDestroy
HeapCreate
GetStdHandle
GetACP

user32

CheckMenuItem
EnableMenuItem
ModifyMenuA
LoadBitmapA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
GetWindowPlacement
CopyRect
AdjustWindowRectEx
GetClassInfoA
GetMenu
GetClientRect
MapWindowPoints
GetMessagePos
GetMessageTime
GetTopWindow
RemovePropA
GetPropA
SetPropA
GetClassLongA
GetCapture
WinHelpA
LoadIconA
RegisterWindowMessageA
TabbedTextOutA
DrawTextA
DrawTextExA
GrayStringA
DestroyMenu
ClientToScreen
GetDlgCtrlID
PtInRect
UnregisterClassA
SetWindowsHookExA
CallNextHookEx
GetSubMenu
GetMenuItemID
GetMenuState
MessageBoxA
GetLastActivePopup
SendMessageA
UnhookWindowsHookEx
GetWindow
GetClassNameA
GetWindowTextA
GetMenuItemCount
LoadStringA
RegisterClassA
GetForegroundWindow
GetWindowThreadProcessId
SetForegroundWindow
IsIconic
PostQuitMessage
PostMessageA
DispatchMessageA
PeekMessageA
GetDC
ReleaseDC
GetWindowRect
GetParent
SetWindowPos
SystemParametersInfoA
GetSystemMetrics
GetDlgItem
IsWindowEnabled
EnableWindow
wsprintfA
CreateWindowExA
RegisterClassExA
DestroyWindow
LoadCursorA
GetClassInfoExA
IsWindow
KillTimer
SetTimer
SetWindowTextA
CallWindowProcA
GetWindowLongA
SetWindowLongA
DefWindowProcA
CharNextA
GetSysColorBrush
GetSysColor
ValidateRect
GetFocus
GetKeyState

gdi32

SetMapMode
RestoreDC
SaveDC
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
DeleteObject
GetStockObject
SelectObject
GetDeviceCaps
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
DeleteDC

winspool.drv

OpenPrinterA
ClosePrinter
EnumPortsA
EnumPrintersA
DocumentPropertiesA

advapi32

RegDeleteKeyA
RegQueryValueExA
RegEnumKeyExA
RegQueryInfoKeyA
RegSetValueExA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA

ole32

CoTaskMemAlloc
CoTaskMemRealloc
CoTaskMemFree
CoCreateInstance
StringFromGUID2
ProgIDFromCLSID

oleaut32

CreateErrorInfo
SetErrorInfo
SafeArrayRedim
SafeArrayCreate
SafeArrayDestroy
VariantCopy
SysStringByteLen
SysAllocStringByteLen
VarBstrCat
SafeArrayLock
SafeArrayUnlock
SysAllocStringLen
VariantClear
VariantInit
LoadRegTypeLi
VariantChangeType
SysStringLen
SysFreeString
SysAllocString
LoadTypeLi
UnRegisterTypeLi
RegisterTypeLi
VarUI4FromStr

oleacc

LresultFromObject
CreateStdAccessibleObject

Exports

Exports

?COMWndProc@@YGJPAUHWND__@@IIJ@Z
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 176KB - Virtual size: 173KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 196KB - Virtual size: 196KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

187b889c6e11bc1383f47d002e1d1c82

Headers

File Characteristics

Imports

setupapi

kernel32

user32

gdi32

winspool.drv

advapi32

ole32

oleaut32

oleacc

Exports

Exports

Sections

.text Size: 176KB - Virtual size: 173KB

.rdata Size: 44KB - Virtual size: 43KB

.data Size: 48KB - Virtual size: 122KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 24KB - Virtual size: 23KB

.text Size: 196KB - Virtual size: 196KB

.text
Size: 176KB - Virtual size: 173KB

.rdata
Size: 44KB - Virtual size: 43KB

.data
Size: 48KB - Virtual size: 122KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 24KB - Virtual size: 23KB

.text
Size: 196KB - Virtual size: 196KB