ab4ca8f563cca86bd4c4732edc939dabc422ae5a9b9e0048b9839232a12fd836

Sharing

Copy URL Twitter E-mail

General

Target

ab4ca8f563cca86bd4c4732edc939dabc422ae5a9b9e0048b9839232a12fd836
Size

340KB
MD5

0e833bc24247053fc30155832342af15
SHA1

8b0ff863f12a6b9375678dea6fe600a74c3f4377
SHA256

ab4ca8f563cca86bd4c4732edc939dabc422ae5a9b9e0048b9839232a12fd836
SHA512

e42d75a69d22a39a28e6f8855b55d4969a334721f3468df10cd2edcd9a1e2d707d0d0a4fae45b3bd47a4a94751d22610d9e267be3410726d7c3581213064eea6
SSDEEP

6144:Jiscx3dZBFdlF7eAVLk3xf7zs7CE0W/9IRcczDqDNdnjcWb5IGcuXDHrBe2n:JsF7eAVLk3xDwWE0W/9GcE6qiQuTH1eY

Score

N/A

Malware Config

Signatures

Files

ab4ca8f563cca86bd4c4732edc939dabc422ae5a9b9e0048b9839232a12fd836
.dll regsvr32 windows x86

e6c44c93bff37aca88f848897aa35876

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_BIND

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcatA
LeaveCriticalSection
DeleteCriticalSection
HeapDestroy
InitializeCriticalSection
DisableThreadLibraryCalls
IsDBCSLeadByte
lstrcpynA
lstrcmpiA
lstrcpyA
EnterCriticalSection
FindResourceA
LoadResource
SizeofResource
FreeLibrary
WideCharToMultiByte
GetModuleFileNameA
GetModuleHandleA
GetShortPathNameA
lstrlenA
MultiByteToWideChar
GetProcAddress
LoadLibraryA
GetCurrentThreadId
GetCurrentProcess
FlushInstructionCache
GlobalAlloc
GlobalLock
GlobalUnlock
InterlockedIncrement
InterlockedDecrement
LoadLibraryExA
GetLastError
lstrlenW
TlsSetValue
TlsAlloc
GetSystemDirectoryA
WaitForSingleObject
ExitProcess
RaiseException
RtlUnwind
LocalFree
CreateThread
IsBadCodePtr
IsBadWritePtr
IsBadReadPtr
SetUnhandledExceptionFilter
TerminateProcess
GetVersion
WriteFile
SetEvent
GetSystemTime
GetTimeFormatA
GetDateFormatA
GetTickCount
CreateEventA
FormatMessageA
CreateFileA
CloseHandle
GetVersionExA
GetFileSize
ReadFile
LocalAlloc
LocalReAlloc
TlsFree
HeapAlloc
Sleep
CreateProcessA
HeapFree
SetLastError
TlsGetValue
GetProcessHeap
DeleteFileA

user32

InvalidateRect
GetParent
PtInRect
UnionRect
GetWindowRect
ShowWindow
GetKeyState
LoadStringA
DispatchMessageA
GetMessageA
PeekMessageA
DialogBoxParamA
SendMessageA
IsDlgButtonChecked
EndDialog
MessageBoxA
SendDlgItemMessageA
DestroyWindow
BeginPaint
GetClientRect
EndPaint
GetFocus
IsChild
GetClassInfoExA
LoadCursorA
wsprintfA
RegisterClassExA
SetWindowPos
SetWindowRgn
OffsetRect
EqualRect
IntersectRect
SetFocus
IsWindow
EnableWindow
CallWindowProcA
GetDlgItem
SetWindowLongA
GetWindowLongA
CreateWindowExA
ReleaseDC
GetDC
CharNextA
DefWindowProcA

gdi32

GetDeviceCaps
LPtoDP
SaveDC
SetMapMode
SetWindowOrgEx
SetViewportOrgEx
DeleteDC
RestoreDC
CreateDCA
CreateRectRgnIndirect
DeleteMetaFile
CloseMetaFile
SetWindowExtEx
CreateMetaFileA

advapi32

FreeSid
RegQueryValueExA
RegDeleteKeyA
RegCreateKeyExA
RegDeleteValueA
RegCloseKey
RegOpenKeyExA
RegEnumKeyExA
RegSetValueExA
RegQueryInfoKeyA
RegEnumValueA
GetTokenInformation
AllocateAndInitializeSid
CryptDestroyHash
CryptDeriveKey
CryptHashData
CryptCreateHash
CryptReleaseContext
CryptDestroyKey
CryptEncrypt
CryptAcquireContextA
CryptDecrypt
OpenProcessToken
EqualSid

oleaut32

SysAllocStringLen
DispCallFunc
SysAllocStringByteLen
OleCreatePropertyFrame
SysStringByteLen
VariantChangeType
VariantClear
SysStringLen
SysAllocString
RegisterTypeLi
LoadTypeLi
VarUI4FromStr
SysFreeString
VariantInit
VariantCopy

ole32

CoUninitialize
CoGetMalloc
CoUnmarshalInterface
CoInitialize
CoMarshalInterface
CreateOleAdviseHolder
OleRegGetUserType
OleRegEnumVerbs
OleSaveToStream
WriteClassStm
CoCreateInstance
CoTaskMemRealloc
CoTaskMemAlloc
CoTaskMemFree
CreateStreamOnHGlobal
OleLoadFromStream
CLSIDFromString
CreateDataAdviseHolder
OleRegGetMiscStatus

shlwapi

StrCmpNIA
SHCopyKeyA
StrCmpW
StrRChrIA
StrStrIA
StrCmpIW
StrRChrA

wininet

InternetCrackUrlA
InternetAttemptConnect
InternetSetOptionA

rasapi32

RasGetEntryPropertiesA
RasHangUpA
RasSetEntryPropertiesA
RasDeleteEntryA
RasGetErrorStringA
RasEnumConnectionsA
RasSetEntryDialParamsA
RasGetEntryDialParamsA
RasGetProjectionInfoA
RasEnumDevicesA
RasGetConnectStatusA
RasDialA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 168KB - Virtual size: 166KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e6c44c93bff37aca88f848897aa35876

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

oleaut32

ole32

shlwapi

wininet

rasapi32

Exports

Exports

Sections

.text Size: 168KB - Virtual size: 166KB

.data Size: 8KB - Virtual size: 11KB

.rsrc Size: 44KB - Virtual size: 41KB

.reloc Size: 16KB - Virtual size: 12KB

.text Size: 100KB - Virtual size: 100KB

.text
Size: 168KB - Virtual size: 166KB

.data
Size: 8KB - Virtual size: 11KB

.rsrc
Size: 44KB - Virtual size: 41KB

.reloc
Size: 16KB - Virtual size: 12KB

.text
Size: 100KB - Virtual size: 100KB