c1e3ef0a68084b65f5327f07c483d4cc4e8d30cc8c3433166db8d388d871294a

Sharing

Copy URL Twitter E-mail

General

Target

c1e3ef0a68084b65f5327f07c483d4cc4e8d30cc8c3433166db8d388d871294a
Size

111KB
MD5

0da3f9ae08ed406ec51a2ed0dc6d4e80
SHA1

a55f1c22ac85828a0506c234d4f039a8d006fd8e
SHA256

c1e3ef0a68084b65f5327f07c483d4cc4e8d30cc8c3433166db8d388d871294a
SHA512

28efd586695b07a0e61acf5b1154cb52fc63d420cc4882899497f778ffcf303f7ae0a93e0d284f02dd4d2d0de8de0d37236828fa70ce1607a192ca5e68ac1bb3
SSDEEP

3072:miqLIK+817xqD+ZNIOxn8slSGnIf4qHBhKliR:m1LIK+8R7LTl/I5R

Score

N/A

Malware Config

Signatures

Files

c1e3ef0a68084b65f5327f07c483d4cc4e8d30cc8c3433166db8d388d871294a
.dll regsvr32 windows x86

3ad298a378e583c1a81c072dc83f81ff

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_purecall
memmove
_except_handler3
??2@YAPAXI@Z
_vsnwprintf
??3@YAXPAX@Z

shlwapi

StrDupW
ord414
ord174
ord269
ord270
ord158
PathRemoveFileSpecW
PathFindFileNameW
ord439
StrChrW
ord225
SHRegGetUSValueW
ord176
ord354
ord24
StrCmpLogicalW
StrCmpIW
SHStrDupW
SHGetValueW
ord219
ord437
ord215
StrCmpW
ord199
SHRegQueryUSValueW
SHRegGetBoolUSValueW
ord344
SHRegCloseUSKey
SHRegOpenUSKeyW
SHRegDeleteEmptyUSKeyW
SHRegWriteUSValueW
SHRegCreateUSKeyW
SHDeleteKeyW
ord559

occache

FindControlClose
FindFirstControl
FindNextControl
ReleaseControlHandle
GetControlInfo

shell32

ord152
ord196
ord18
SHGetDesktopFolder
SHParseDisplayName
ord743
ord256
ord16
ord19
ord155
ord100

oleaut32

VariantChangeType
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetDim
SafeArrayUnaccessData
SafeArrayAccessData
VariantClear
VarCmp
VariantCopy
SysAllocString
SystemTimeToVariantTime
SysFreeString
SysAllocStringLen
VariantInit
VariantTimeToDosDateTime

advapi32

RegOpenKeyExW
RegCloseKey
RegOpenKeyExA
RegQueryInfoKeyW
RegDeleteKeyW
RegEnumValueW
RegEnumKeyExW
RegQueryValueExW

user32

MessageBoxW
EndDialog
SetWindowLongW
SendMessageW
GetDlgItem
GetWindowLongW
LoadStringW
PostMessageW
ShowWindow
DialogBoxParamW
SetFocus
SetWindowPos
GetScrollBarInfo
MapWindowPoints
GetWindowRect
EnableWindow

urlmon

RegisterBindStatusCallback

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

shdocvw

ord174
ord159

kernel32

EnterCriticalSection
LeaveCriticalSection
GetModuleHandleW
lstrcmpW
lstrlenW
GetWindowsDirectoryW
WideCharToMultiByte
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
LoadLibraryA
InterlockedCompareExchange
DelayLoadFailureHook
LocalFree
DosDateTimeToFileTime
FileTimeToSystemTime
GetUserDefaultLCID
SetLastError
lstrcpynW
GetModuleFileNameW
GetLastError
LoadLibraryW
GetProcAddress
FreeLibrary
LoadLibraryExA
InterlockedDecrement
InterlockedIncrement
DisableThreadLibraryCalls
InitializeCriticalSection
DeleteCriticalSection

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 56KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3ad298a378e583c1a81c072dc83f81ff

Headers

File Characteristics

Imports

msvcrt

shlwapi

occache

shell32

oleaut32

advapi32

user32

urlmon

version

shdocvw

kernel32

Exports

Exports

Sections

.text Size: 44KB - Virtual size: 44KB

.data Size: 1024B - Virtual size: 1KB

.rsrc Size: 3KB - Virtual size: 3KB

.reloc Size: 4KB - Virtual size: 4KB

.rmnet Size: 56KB - Virtual size: 60KB

.text
Size: 44KB - Virtual size: 44KB

.data
Size: 1024B - Virtual size: 1KB

.rsrc
Size: 3KB - Virtual size: 3KB

.reloc
Size: 4KB - Virtual size: 4KB

.rmnet
Size: 56KB - Virtual size: 60KB