4052da77a61ee9e0d31b09d99948dd5f840ee7b00a633592fd269f47f5f158eb

Sharing

Copy URL

Twitter E-mail

General

Target

4052da77a61ee9e0d31b09d99948dd5f840ee7b00a633592fd269f47f5f158eb
Size

164KB
MD5

0c33e6dae410c48569c6f73a23bb7dd0
SHA1

9e4ed6926bcf64142bb20715c47cdc8de1d8647c
SHA256

4052da77a61ee9e0d31b09d99948dd5f840ee7b00a633592fd269f47f5f158eb
SHA512

7980939a63da127010a909bd3d58590ad7e4b393193c587a3adef2d01e6f3ab4077dda42fa8434b6dd92c5cb650a7683d51f3130b75742b2e2b78146862beabe
SSDEEP

3072:yU+zTL8SEs9ulWcVwUN2GjkuKZIAX9Cb8YlyUBgnKquhOiL2J/sIyy:7OTZAljVwQgX9eloKyiCJ/sIyy

Score

N/A

Malware Config

Signatures

Files

4052da77a61ee9e0d31b09d99948dd5f840ee7b00a633592fd269f47f5f158eb
.dll regsvr32 windows x86

1ff8924481e7506f482f99eafb98439d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcess
GetCurrentThreadId
InitializeCriticalSection
DeleteCriticalSection
DisableThreadLibraryCalls
InterlockedIncrement
InterlockedDecrement
InterlockedExchange
FlushInstructionCache
HeapAlloc
GetProcessHeap
HeapReAlloc
HeapFree
HeapSize
LocalAlloc
LoadLibraryA
GetVersionExA
RaiseException
HeapDestroy
MulDiv
GetFileSize
ReadFile
CloseHandle
lstrlenA
FreeLibrary
GlobalAlloc
GlobalLock
GlobalUnlock
LeaveCriticalSection
EnterCriticalSection
GetLastError
MultiByteToWideChar
FindClose
SizeofResource
GetProcAddress
LoadResource
LockResource

user32

GetFocus
UnregisterClassA
DestroyAcceleratorTable
SetWindowPos
GetParent
PtInRect
ClientToScreen
GetSystemMetrics
GetDlgCtrlID
SetCursor
UpdateWindow
EndDialog
MoveWindow
GetWindowRect
GetWindow
GetSysColor
ReleaseDC
GetDesktopWindow
GetDC
ReleaseCapture
SetCapture
FillRect
GetClientRect
InvalidateRect
InvalidateRgn
EndPaint
BeginPaint
SetFocus
IsChild
DestroyWindow
IsWindow
GetDlgItem
RedrawWindow
GetActiveWindow
IsWindowEnabled
SendMessageA
EnableWindow
GetCursorPos
SetCursorPos
MapWindowPoints
KillTimer
SetTimer
ScreenToClient

gdi32

CreateSolidBrush
CreateCompatibleDC
MoveToEx
CreatePen
SelectObject
BitBlt
CreateCompatibleBitmap
DeleteObject
GetStockObject
LineTo
DeleteDC
GetDeviceCaps

comctl32

ImageList_Destroy

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyExA

ole32

CoCreateInstance
CoTaskMemFree
CoTaskMemAlloc
CoTaskMemRealloc
CreateStreamOnHGlobal
OleInitialize
OleUninitialize
StringFromGUID2
OleLockRunning
CoGetClassObject
CLSIDFromProgID
CLSIDFromString

oleaut32

RegisterTypeLi
LoadTypeLi
DispCallFunc
LoadRegTypeLi
VariantInit
VariantClear
OleCreateFontIndirect
SysFreeString
SysAllocString
SysAllocStringLen
SysStringLen
VarUI4FromStr
SysStringByteLen

msvcr70

memset
_onexit
__dllonexit
_adjust_fdiv
malloc
_initterm
qsort
_wcsnicmp
iswspace
_wtol
_itow
iswdigit
wcstoul
_except_handler3
wcsrchr
wcslen
??_U@YAPAXI@Z
realloc
free
wcstok
wcscat
wcscpy
??2@YAPAXI@Z
_wcsicmp
_purecall
memmove
??_V@YAXPAX@Z
??3@YAXPAX@Z

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
VSDllRegisterServer
VSDllUnregisterServer

Sections

.text
Size: 76KB - Virtual size: 73KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1ff8924481e7506f482f99eafb98439d

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comctl32

advapi32

ole32

oleaut32

msvcr70

Exports

Exports

Sections

.text Size: 76KB - Virtual size: 73KB

.data Size: 8KB - Virtual size: 10KB

.rsrc Size: 8KB - Virtual size: 7KB

.reloc Size: 8KB - Virtual size: 6KB

.rmnet Size: 60KB - Virtual size: 60KB

.text
Size: 76KB - Virtual size: 73KB

.data
Size: 8KB - Virtual size: 10KB

.rsrc
Size: 8KB - Virtual size: 7KB

.reloc
Size: 8KB - Virtual size: 6KB

.rmnet
Size: 60KB - Virtual size: 60KB