3c5a9c3477e278f213c19a856d985ea5c38699a7594c7a2f50f24f21e03f3a71

Sharing

Copy URL Twitter E-mail

General

Target

3c5a9c3477e278f213c19a856d985ea5c38699a7594c7a2f50f24f21e03f3a71
Size

263KB
MD5

074244484179e40c43087e4615a13360
SHA1

8874dc1e7f0971d68e950f5a7190e0430f0cdb92
SHA256

3c5a9c3477e278f213c19a856d985ea5c38699a7594c7a2f50f24f21e03f3a71
SHA512

ce977bc046b2fe24fc38b379c4b16779025a2c5ed642b8f5c6769cb810e5069318d950a21e3d86911e49a961ceec2d93943e8935b35ac6afd8aef69b570ba095
SSDEEP

6144:zYpYuGh/lKMZD8Js1NorR2BFXZp7ul1PKXy3iMy:ke7jPZD8JAN2e57ZXy3a

Score

N/A

Malware Config

Signatures

Files

3c5a9c3477e278f213c19a856d985ea5c38699a7594c7a2f50f24f21e03f3a71
.dll regsvr32 windows x86

bbb14fadad3756876b912cbbdfae91de

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

memcpy
_purecall
memset
wcschr
??2@YAPAXI@Z
??3@YAXPAX@Z
??_V@YAXPAX@Z
??_U@YAPAXI@Z
_wtoi
_CIsqrt
_ftol
_CIpow
_vsnwprintf
_onexit
_lock
__dllonexit
_unlock
_adjust_fdiv
_amsg_exit
_initterm
free
malloc
_XcptFilter

kernel32

GlobalMemoryStatus
GetLocalTime
GetVersion
GetEnvironmentStringsW
GetDiskFreeSpaceA
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
DisableThreadLibraryCalls
lstrlenW
GetModuleFileNameW
FindAtomW
GetVersionExW
InterlockedDecrement
MultiByteToWideChar
lstrlenA
GetLastError
GetModuleFileNameA
InterlockedIncrement
FreeLibrary
LoadLibraryW
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
CloseHandle
CreateEventW
SetEvent
ResetEvent
WaitForSingleObject
ReleaseSemaphore
GetSystemInfo
VirtualFree
lstrcmpW
GetCurrentProcess
GetCurrentThreadId
CreateSemaphoreW
VirtualAlloc
InterlockedExchange
GetProcAddress
GetModuleHandleW
SetThreadPriority
GetTickCount
CreateThread
Sleep
InterlockedCompareExchange
RtlUnwind
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
LoadLibraryA
GetModuleHandleA
HeapAlloc
GetProcessHeap
HeapFree
GetVersionExA
DeviceIoControl

gdi32

GetTextExtentPointW

user32

LoadStringW
SendMessageW
ReleaseDC
GetDC
SetDlgItemInt
GetDlgItem
GetDlgItemInt
IsRectEmpty
SetWindowLongW
InvalidateRect
DestroyWindow
CreateDialogParamW
MoveWindow
GetDesktopWindow
DefWindowProcW
GetWindowRect
GetWindowLongW
ShowWindow
EqualRect

advapi32

RegDeleteKeyW
RegSetValueExA
RegQueryValueExA
RegCreateKeyExA
RegSetValueW
RegQueryValueExW
RegCreateKeyW
RegSetValueExW
RegEnumKeyExW
RegCreateKeyExW
RegOpenKeyExW
RegQueryInfoKeyW
RegCloseKey

ole32

StringFromGUID2
CoUninitialize
CoFreeUnusedLibraries
CoCreateInstance
CoInitialize
CoTaskMemAlloc
CoTaskMemFree

oleaut32

SysAllocStringLen
VariantInit

msdmo

MoFreeMediaType

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 178KB - Virtual size: 178KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 56KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

bbb14fadad3756876b912cbbdfae91de

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

kernel32

gdi32

user32

advapi32

ole32

oleaut32

msdmo

Exports

Exports

Sections

.text Size: 178KB - Virtual size: 178KB

.data Size: 12KB - Virtual size: 14KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 12KB - Virtual size: 12KB

.rmnet Size: 56KB - Virtual size: 60KB

.text
Size: 178KB - Virtual size: 178KB

.data
Size: 12KB - Virtual size: 14KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 12KB - Virtual size: 12KB

.rmnet
Size: 56KB - Virtual size: 60KB