d931648f4381cb5311e21a6f53dc7803602ca16574234c5aa54cba8890e68649

Sharing

Copy URL Twitter E-mail

General

Target

d931648f4381cb5311e21a6f53dc7803602ca16574234c5aa54cba8890e68649
Size

121KB
MD5

0c608341e02b87d0fe97855c7b633790
SHA1

31bfd350c05e56946b96acbab11debf3a055db2f
SHA256

d931648f4381cb5311e21a6f53dc7803602ca16574234c5aa54cba8890e68649
SHA512

5ac9cceb1ea2a49ad04df87a1521ccf24f76fab2124e78bdad21110d2342ecd2119dfe3bd36f8be4b94585b8b10e5c8e60aba65bc55fdff42995f156031faf34
SSDEEP

3072:4PYkaAYBFcLS85Oyr8aVJ5d4AZc5Mz7wZf:4gVAYQLS851Xrd4AZuM/w5

Score

N/A

Malware Config

Signatures

Files

d931648f4381cb5311e21a6f53dc7803602ca16574234c5aa54cba8890e68649
.dll regsvr32 windows x86

68aeab119d29155684fc43a0a72e3bfe

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_initterm
_amsg_exit
_adjust_fdiv
memset
bsearch
free
wcsstr
wcsrchr
malloc
_XcptFilter
memcpy

gdi32

LPtoDP
SetMapMode
SetViewportOrgEx
DeleteDC
CreateFontIndirectW
SelectObject
DeleteObject
GetTextCharset
EnumFontFamiliesExW
RestoreDC
SetWindowOrgEx
SaveDC
CreateRectRgnIndirect
CreateDCW
GetDeviceCaps
ExtEscape

kernel32

GetUserDefaultUILanguage
EnumUILanguagesW
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
SetUnhandledExceptionFilter
GetLocaleInfoW
InterlockedCompareExchange
Sleep
InterlockedExchange
RtlUnwind
VirtualFree
CompareStringW
GetVersion
GetProcessHeap
GetModuleHandleW
HeapReAlloc
HeapSize
LoadLibraryA
SetLastError
GetModuleFileNameA
DisableThreadLibraryCalls
HeapFree
HeapAlloc
GetProcAddress
GetSystemDefaultLCID
LocalAlloc
TerminateProcess
UnhandledExceptionFilter
GetVersionExW
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
MultiByteToWideChar
FlushInstructionCache
GetCurrentProcess
GetLastError
RaiseException
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
InterlockedIncrement
InterlockedDecrement
GetCurrentThreadId
lstrlenA
LoadLibraryExW
FindResourceW
LoadResource
SizeofResource
FreeLibrary
GetModuleFileNameW
HeapDestroy

user32

GetSystemMetrics
GetKeyboardLayoutList
IsCharAlphaW
CallWindowProcW
DefWindowProcW
GetKeyState
CharNextW
CharPrevW
CreateWindowExW
DestroyWindow
GetWindowLongW
SetWindowLongW
SetWindowPos
GetClientRect
BeginPaint
EndPaint
GetDC
ReleaseDC
InvalidateRect
ShowWindow
SetFocus
IsChild
SetWindowRgn
IsWindow
GetClassInfoExW
LoadCursorW
wsprintfW
RegisterClassExW
GetFocus
DestroyAcceleratorTable
IntersectRect
EqualRect
OffsetRect

advapi32

RegDeleteValueW
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW
RegEnumKeyExW
RegQueryInfoKeyW
RegEnumValueW
RegDeleteKeyW

oleaut32

SafeArrayGetUBound
SysAllocString
SysStringLen
VarUI4FromStr
LoadTypeLi
RegisterTypeLi
LoadRegTypeLi
OleCreatePropertyFrame
VariantInit
SafeArrayCopy
VariantChangeTypeEx
SafeArrayGetElement
SysFreeString
SafeArrayGetLBound
SafeArrayDestroy
SysAllocStringLen

ole32

CoCreateInstance
OleRegGetMiscStatus
OleRegGetUserType
OleRegEnumVerbs
CreateOleAdviseHolder
CoTaskMemRealloc
CoTaskMemAlloc
CoTaskMemFree

8ertutil

ord309
ord9

8rlmon

ord414

8hlwapi

StrCpyW
StrCatW
StrCmpIW
StrCpyNW
StrStrIA
ord29

Exports

Exports

DllCanUnloadNow
DllEnumClassObjects
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 56KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

68aeab119d29155684fc43a0a72e3bfe

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

gdi32

kernel32

user32

advapi32

oleaut32

ole32

8ertutil

8rlmon

8hlwapi

Exports

Exports

Sections

.text Size: 52KB - Virtual size: 52KB

.data Size: 2KB - Virtual size: 2KB

.rsrc Size: 6KB - Virtual size: 6KB

.reloc Size: 3KB - Virtual size: 2KB

.rmnet Size: 56KB - Virtual size: 60KB

.text
Size: 52KB - Virtual size: 52KB

.data
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 6KB - Virtual size: 6KB

.reloc
Size: 3KB - Virtual size: 2KB

.rmnet
Size: 56KB - Virtual size: 60KB