74a9916ac900809bbbf8d45d3ceeab12da11ac6a3d89a5a938c82630ca68b96b

Sharing

Copy URL Twitter E-mail

General

Target

74a9916ac900809bbbf8d45d3ceeab12da11ac6a3d89a5a938c82630ca68b96b
Size

139KB
MD5

051f7e5d13daa1d2e0b9303121523230
SHA1

d953dbd88f5b4b5beae08a023192fc9711060b14
SHA256

74a9916ac900809bbbf8d45d3ceeab12da11ac6a3d89a5a938c82630ca68b96b
SHA512

ca1a18942738081d6ba5158aaf44ab005e37acb3f990a39f9c4cadc871bff8351671c73cff615e12c542aa29d1b9fff4606c27c36984b1c76973f0d5e0f47c43
SSDEEP

3072:1kcdvNuHLF14wQ7sLzjC/a60HFv1bAXAeprdt:1ZvY0wBbC/94dC7

Score

N/A

Malware Config

Signatures

Files

74a9916ac900809bbbf8d45d3ceeab12da11ac6a3d89a5a938c82630ca68b96b
.dll regsvr32 windows x86

fd8aab5a8588e659b2d777d39e8f533f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameW
MultiByteToWideChar
lstrlenW
RaiseException
GetLastError
EnterCriticalSection
lstrcmpiW
DeleteCriticalSection
SetThreadLocale
GetThreadLocale
Sleep
LeaveCriticalSection
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetACP
SizeofResource
InitializeCriticalSection
GetModuleHandleW
InterlockedDecrement
InterlockedIncrement
InterlockedExchange
LoadLibraryExW
LoadResource
FreeLibrary
InterlockedCompareExchange
FindResourceW
GetLocaleInfoA
GetVersionExA

msvcr80

_onexit
__clean_type_info_names_internal
_except_handler4_common
_crt_debugger_hook
_lock
__dllonexit
_unlock
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_decode_pointer
_encoded_null
_malloc_crt
_encode_pointer
wcscpy_s
wcscat_s
??2@YAPAXI@Z
memcpy_s
_purecall
??_V@YAXPAX@Z
_recalloc
_wsplitpath_s
malloc
free
??_U@YAPAXI@Z
wcsncpy_s
swprintf_s
??3@YAXPAX@Z
_initterm
memset

user32

UnregisterClassA
CharNextW

advapi32

RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegEnumValueW
RegOpenKeyExW
RegEnumKeyExW
RegCloseKey
RegSetValueExW
RegQueryInfoKeyW

ole32

CoTaskMemRealloc
CoCreateInstance
CLSIDFromString
CoTaskMemFree
CoTaskMemAlloc
StringFromGUID2

oleaut32

UnRegisterTypeLi
SysAllocString
LoadRegTypeLi
SysFreeString
VarUI4FromStr
LoadTypeLi
SysStringLen
RegisterTypeLi

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 108KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

fd8aab5a8588e659b2d777d39e8f533f

Headers

File Characteristics

Imports

kernel32

msvcr80

user32

advapi32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 21KB - Virtual size: 21KB

.data Size: 512B - Virtual size: 1KB

.rsrc Size: 6KB - Virtual size: 5KB

.reloc Size: 2KB - Virtual size: 1KB

.text Size: 108KB - Virtual size: 112KB

.text
Size: 21KB - Virtual size: 21KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 6KB - Virtual size: 5KB

.reloc
Size: 2KB - Virtual size: 1KB

.text
Size: 108KB - Virtual size: 112KB