e2ea2eb8c493b586c3b1a32304bf1a2167fa12b625499606d4c46af77370ef30

Sharing

Copy URL Twitter E-mail

General

Target

e2ea2eb8c493b586c3b1a32304bf1a2167fa12b625499606d4c46af77370ef30
Size

152KB
MD5

0e85f02369582653555e462d443d78b0
SHA1

e3d697d1930ee1d864d5be7dcf516421548e8a74
SHA256

e2ea2eb8c493b586c3b1a32304bf1a2167fa12b625499606d4c46af77370ef30
SHA512

651cd0e88f4fbb72d9adf4a6c6d57a876ee5d5c62d32dc41ab90608e66d480b499e855ed0e3f1ce7105c6ad04b8aa3ce0a2cf5af1ab3bf008917bf43361f2033
SSDEEP

3072:otkxa5sgb9XgnYEqfo5wrYvu7/IZlk2yye8AHu+pn4WZbE5G:otVLb9XgYER0T8uu+p4WlE

Score

N/A

Malware Config

Signatures

Files

e2ea2eb8c493b586c3b1a32304bf1a2167fa12b625499606d4c46af77370ef30
.dll regsvr32 windows x86

3fa217b71ad1f024e49e58ccf2a8f3cc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetModuleFileNameA
WideCharToMultiByte
GetShortPathNameA
FreeLibrary
SizeofResource
LoadResource
FindResourceA
lstrlenW
lstrlenA
lstrcmpiA
lstrcpynA
IsDBCSLeadByte
HeapDestroy
GetProcAddress
LoadLibraryA
lstrcpyA
lstrcatA
MultiByteToWideChar
LeaveCriticalSection
EnterCriticalSection
InterlockedIncrement
DisableThreadLibraryCalls
DeleteCriticalSection
InitializeCriticalSection
GetLastError
LoadLibraryExA
GetCommandLineA
GetVersion
LCMapStringW
LCMapStringA
IsBadCodePtr
LocalFree
GetCPInfo
GetACP
WriteFile
GetEnvironmentStringsW
SetUnhandledExceptionFilter
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetEnvironmentStrings
GetFileType
GetStdHandle
GetStartupInfoA
TlsGetValue
SetHandleCount
TlsFree
TlsAlloc
SetLastError
GetCurrentThreadId
GetCurrentProcess
TlsSetValue
RtlUnwind
InterlockedDecrement
GetStringTypeW
GetStringTypeA
GetOEMCP
TerminateProcess
HeapFree
HeapAlloc
HeapReAlloc
HeapCreate
RaiseException
GetEnvironmentVariableA
GetVersionExA
VirtualFree
VirtualAlloc
ExitProcess

user32

CharNextA

advapi32

RegSetValueExA
RegEnumKeyExA
RegQueryInfoKeyA
RegCloseKey
RegDeleteValueA
RegOpenKeyExA
RegDeleteKeyA
RegEnumValueA
RegCreateKeyExA

ole32

CoCreateInstance
CoTaskMemFree
CoTaskMemAlloc
CoTaskMemRealloc

oleaut32

BSTR_UserMarshal
BSTR_UserSize
LPSAFEARRAY_UserSize
BSTR_UserUnmarshal
BSTR_UserFree
LPSAFEARRAY_UserFree
LPSAFEARRAY_UserMarshal
LPSAFEARRAY_UserUnmarshal
RegisterTypeLi
SysStringLen
LoadRegTypeLi
SafeArrayGetDim
LoadTypeLi
VarUI4FromStr
SafeArrayAccessData
SafeArrayGetLBound
SafeArrayGetUBound
SysStringByteLen
SafeArrayUnaccessData
SysFreeString
SysAllocStringByteLen
SysAllocString

rpcrt4

NdrDllCanUnloadNow
NdrClientCall2
NdrDllUnregisterProxy
NdrDllRegisterProxy
NdrCStdStubBuffer2_Release
NdrDllGetClassObject
NdrOleAllocate
NdrOleFree
IUnknown_AddRef_Proxy
IUnknown_Release_Proxy
NdrStubForwardingFunction
NdrStubCall2
IUnknown_QueryInterface_Proxy

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.orpc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3fa217b71ad1f024e49e58ccf2a8f3cc

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

rpcrt4

Exports

Exports

Sections

.text Size: 36KB - Virtual size: 34KB

.orpc Size: 4KB - Virtual size: 1KB

.rdata Size: 12KB - Virtual size: 10KB

.data Size: 12KB - Virtual size: 13KB

.rsrc Size: 16KB - Virtual size: 15KB

.reloc Size: 8KB - Virtual size: 4KB

.rmnet Size: 60KB - Virtual size: 60KB

.text
Size: 36KB - Virtual size: 34KB

.orpc
Size: 4KB - Virtual size: 1KB

.rdata
Size: 12KB - Virtual size: 10KB

.data
Size: 12KB - Virtual size: 13KB

.rsrc
Size: 16KB - Virtual size: 15KB

.reloc
Size: 8KB - Virtual size: 4KB

.rmnet
Size: 60KB - Virtual size: 60KB