47d9f545b203b5f896d151129c314ba9b3d47ee491c129429aeec5757b13482d

Sharing

Copy URL Twitter E-mail

General

Target

47d9f545b203b5f896d151129c314ba9b3d47ee491c129429aeec5757b13482d
Size

1.1MB
MD5

0c49a699a3d47af648691b2839780f20
SHA1

7da71a0b4020e0f762755941b40cf8bf58525ad8
SHA256

47d9f545b203b5f896d151129c314ba9b3d47ee491c129429aeec5757b13482d
SHA512

242e79eaf5849cf049b7267576a490fa7c3ccf152d72c6c2f8fc4c78052865c5ce8ec39c8b0cb79e17066c1c16137cd4618e615b7576bde9c089bd4ef61fc8c9
SSDEEP

12288:82HilavFoU7DUZgzXRhSJh5b21pewGVq5lriqY6eT+q06:U52XRhQ7b21wsVY6eTXV

Score

N/A

Malware Config

Signatures

Files

47d9f545b203b5f896d151129c314ba9b3d47ee491c129429aeec5757b13482d
.dll regsvr32 windows x86

97f5a634f2e3b9a161d99b7d0780be41

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapCreate
VirtualFree
IsBadWritePtr
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
GetModuleFileNameA
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
UnhandledExceptionFilter
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
HeapDestroy
IsBadReadPtr
IsBadCodePtr
GetOEMCP
GetCPInfo
GetStringTypeA
GetStringTypeW
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
SetStdHandle
SetConsoleCtrlHandler
CompareStringA
CompareStringW
SetEnvironmentVariableA
FatalAppExitA
HeapSize
VirtualQuery
GetSystemInfo
InterlockedExchange
VirtualAlloc
ExitThread
GetCommandLineA
HeapReAlloc
RtlUnwind
ExitProcess
GetDiskFreeSpaceW
GetTempFileNameW
GlobalGetAtomNameW
LocalLock
LocalUnlock
GetFileTime
SetFileAttributesW
SetFileTime
LocalFileTimeToFileTime
FileTimeToLocalFileTime
GetShortPathNameW
CreateFileW
GetFullPathNameW
GetVolumeInformationW
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetStringTypeExW
DeleteFileW
MoveFileW
GlobalFlags
GetCurrentDirectoryW
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileIntW
SystemTimeToFileTime
FileTimeToSystemTime
SetErrorMode
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
GlobalHandle
GlobalReAlloc
LocalAlloc
VirtualProtect
GlobalFindAtomW
GetVersionExA
lstrlenA
GetModuleHandleA
SuspendThread
SetThreadPriority
GlobalAddAtomW
GetCurrentThread
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
ConvertDefaultLocale
GetVersion
EnumResourceLanguagesW
SetLastError
CopyFileW
GlobalSize
FreeResource
CreateThread
ResumeThread
ResetEvent
SetEvent
CreateEventW
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
GetWindowsDirectoryW
GetCurrentProcessId
OpenProcess
TerminateProcess
FormatMessageW
lstrcmpW
FindAtomW
AddAtomW
CreateMutexW
CloseHandle
ReleaseMutex
WaitForSingleObject
LocalFree
GetSystemDirectoryW
WideCharToMultiByte
FindResourceExW
LoadLibraryA
GetProcAddress
GetSystemPowerStatus
GetFileAttributesW
lstrcatW
GetLocaleInfoW
FindFirstFileW
FindClose
LoadLibraryW
MulDiv
HeapAlloc
GetCurrentProcess
FlushInstructionCache
GetCurrentThreadId
GetModuleHandleW
LoadLibraryExW
MultiByteToWideChar
FreeLibrary
GetModuleFileNameW
LoadResource
LockResource
SizeofResource
FindResourceW
InterlockedDecrement
InterlockedIncrement
lstrcpynW
lstrcmpiW
GetProcessHeap
HeapFree
GetLastError
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
RaiseException
lstrcpyW
lstrlenW
GetVersionExW
GetThreadLocale
GetLocaleInfoA
GetACP
GetTimeZoneInformation

user32

CreatePopupMenu
SetRectEmpty
BringWindowToTop
SetMenu
TranslateAcceleratorW
InvalidateRect
GetTabbedTextExtentW
SetRect
MessageBeep
IsClipboardFormatAvailable
SystemParametersInfoW
DestroyMenu
GetMenuItemInfoW
InflateRect
CharUpperW
DeleteMenu
GetSysColorBrush
ScrollWindowEx
SetDlgItemInt
GetDlgItemTextW
GetDlgItemInt
CheckRadioButton
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
MapDialogRect
GetAsyncKeyState
MapVirtualKeyW
GetKeyNameTextW
RegisterWindowMessageW
GetCapture
GetClassInfoExW
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
SendDlgItemMessageW
SendDlgItemMessageA
SetFocus
IsChild
GetWindowTextLengthW
GetForegroundWindow
GetLastActivePopup
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
GetMessageTime
GetMessagePos
LoadIconW
ScrollWindow
TrackPopupMenuEx
TrackPopupMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
UpdateWindow
GetMenu
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
GetClassInfoW
RegisterClassW
SetWindowPlacement
SystemParametersInfoA
IsIconic
InsertMenuItemW
CopyRect
PtInRect
GetWindow
EndPaint
BeginPaint
GetWindowDC
GrayStringW
DrawTextExW
TabbedTextOutW
SetMenuItemBitmaps
GetFocus
ModifyMenuW
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
SetWindowsHookExW
CallNextHookEx
GetMessageW
TranslateMessage
DispatchMessageW
IsWindowVisible
GetKeyState
PeekMessageW
GetCursorPos
ValidateRect
ShowOwnedPopups
SetCursor
PostQuitMessage
UnhookWindowsHookEx
GetMenuState
GetMenuStringW
AppendMenuW
GetMenuItemID
InsertMenuW
GetMenuItemCount
GetSubMenu
RemoveMenu
IsWindowEnabled
GetActiveWindow
SetActiveWindow
DrawTextW
IsRectEmpty
InSendMessageEx
ReplyMessage
FindWindowW
MessageBoxW
SetDlgItemTextW
EnumWindows
DestroyIcon
DialogBoxParamW
LoadCursorW
LoadBitmapW
GetWindowThreadProcessId
PostMessageW
GetWindowTextW
LoadAcceleratorsW
ReleaseCapture
ReuseDDElParam
UnpackDDElParam
LoadMenuW
UnionRect
CharLowerW
GetSystemMetrics
ScreenToClient
DrawIcon
LoadImageW
MapWindowPoints
FillRect
KillTimer
SetTimer
EnableWindow
GetParent
GetClientRect
CheckDlgButton
IsDlgButtonChecked
RedrawWindow
SetWindowTextW
GetDlgItem
GetDCEx
LockWindowUpdate
SetCapture
GetSystemMenu
GetWindowPlacement
SetParent
ClientToScreen
WindowFromPoint
GetDlgCtrlID
GetWindowContextHelpId
GetWindowRect
IntersectRect
GetDesktopWindow
GetSysColor
CallWindowProcW
GetWindowLongW
CreateWindowExW
SetWindowPos
SendMessageW
GetDoubleClickTime
DefWindowProcW
GetDC
ReleaseDC
GetDialogBaseUnits
wsprintfW
CreateDialogParamW
WinHelpW
SetWindowLongW
IsWindow
DestroyWindow
IsDialogMessageW
MoveWindow
ShowWindow
UnregisterClassW
CharNextW
OffsetRect
UnregisterClassA

gdi32

GetMapMode
DPtoLP
EnumFontFamiliesExW
GetCharWidthW
StartPage
EndPage
SetAbortProc
AbortDoc
EndDoc
CreateCompatibleBitmap
StretchDIBits
CreateFontW
GetBkColor
SetRectRgn
SetArcDirection
SetMapperFlags
SetTextCharacterExtra
SetTextJustification
SetTextAlign
MoveToEx
LineTo
OffsetClipRgn
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetStretchBltMode
SetROP2
SetPolyFillMode
PatBlt
CreateRectRgnIndirect
GetDCOrgEx
CreateHatchBrush
SelectClipRgn
CreateSolidBrush
ExtCreatePen
CreatePen
PlayMetaFile
EnumMetaFile
GetObjectType
PlayMetaFileRecord
SelectPalette
CreateDIBPatternBrushPt
ExtSelectClipRgn
PolyBezierTo
PolylineTo
PolyDraw
ArcTo
GetCurrentPositionEx
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
StartDocW
GetPixel
GetWindowExtEx
GetViewportExtEx
SelectClipPath
SetColorAdjustment
DeleteObject
SetBkColor
RestoreDC
SaveDC
CreateBitmap
CopyMetaFileW
GetTextColor
GetTextExtentPoint32W
GetStockObject
GetObjectW
CreateDCW
DeleteDC
BitBlt
CreateDIBSection
CreateCompatibleDC
CreateRectRgn
CreateRoundRectRgn
CombineRgn
FillRgn
CreatePatternBrush
SetTextColor
SetBkMode
SetBrushOrgEx
CreateBrushIndirect
GetDeviceCaps
CreateFontIndirectW
SelectObject
GetTextMetricsW
GetTextExtentPointW
GetClipRgn

msimg32

GradientFill

comdlg32

FindTextW
CommDlgExtendedError
ReplaceTextW
GetOpenFileNameW
GetSaveFileNameW
PrintDlgW
PageSetupDlgW
GetFileTitleW

winspool.drv

GetJobW
OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

RegQueryValueW
RegDeleteValueW
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegSetValueExW
RegQueryInfoKeyW
RegEnumKeyExW
RegQueryValueExW
RegQueryValueExA
RegOpenKeyExA
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
RegCreateKeyW
RegEnumValueW
GetFileSecurityW
SetFileSecurityW
RegDeleteKeyW
RegEnumKeyW
RegOpenKeyW
RegSetValueW

shell32

ExtractIconW
SHGetFileInfoW
DragFinish
DragQueryFileW
ShellExecuteW

comctl32

ImageList_ReplaceIcon
ImageList_AddMasked
ImageList_Draw
ord17
ord13
ImageList_Read
ImageList_Write
ord14
ImageList_Destroy
ImageList_Create
ImageList_LoadImageW
ImageList_Merge
PropertySheetW
DestroyPropertySheetPage
CreatePropertySheetPageW
ImageList_GetImageInfo

shlwapi

SHGetValueW
PathRemoveExtensionW
PathFindFileNameW
PathStripToRootW
PathFindExtensionW
PathIsUNCW

ole32

CoTaskMemFree
CoTaskMemRealloc
ReleaseStgMedium
StringFromCLSID
StringFromGUID2
CoCreateInstance
CreateStreamOnHGlobal
SetConvertStg
WriteFmtUserTypeStg
WriteClassStg
OleRegGetUserType
ReadFmtUserTypeStg
ReadClassStg
CreateBindCtx
OleDuplicateData
CoTreatAsClass
CoDisconnectObject
CLSIDFromString
CoTaskMemAlloc

oleaut32

SysAllocStringByteLen
VarBstrFromDate
VarBstrFromCy
VarCyFromStr
VarDecFromStr
VarBstrFromDec
SysReAllocStringLen
VarDateFromStr
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroyDescriptor
SafeArrayDestroyData
SafeArrayDestroy
SafeArrayUnlock
SafeArrayLock
SafeArrayPutElement
SafeArrayPtrOfIndex
SafeArrayGetElement
SafeArrayCopy
SafeArrayAllocDescriptor
SafeArrayAllocData
VariantCopy
SafeArrayRedim
SafeArrayCreate
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
VariantInit
VariantChangeType
VariantClear
SysStringByteLen
SysFreeString
VarUI4FromStr
SysAllocString
SysAllocStringLen
LoadRegTypeLi
LoadTypeLi
UnRegisterTypeLi
RegisterTypeLi
SysStringLen

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 400KB - Virtual size: 399KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 104KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 556KB - Virtual size: 552KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

97f5a634f2e3b9a161d99b7d0780be41

Headers

File Characteristics

Imports

kernel32

user32

gdi32

msimg32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

ole32

oleaut32

version

Exports

Exports

Sections

.text Size: 400KB - Virtual size: 399KB

.rdata Size: 104KB - Virtual size: 101KB

.data Size: 12KB - Virtual size: 25KB

.rsrc Size: 556KB - Virtual size: 552KB

.reloc Size: 40KB - Virtual size: 38KB

.rmnet Size: 60KB - Virtual size: 60KB

.text
Size: 400KB - Virtual size: 399KB

.rdata
Size: 104KB - Virtual size: 101KB

.data
Size: 12KB - Virtual size: 25KB

.rsrc
Size: 556KB - Virtual size: 552KB

.reloc
Size: 40KB - Virtual size: 38KB

.rmnet
Size: 60KB - Virtual size: 60KB