71452d7858da08a049f73d9c46c8b48c2076359d821b4a5a66252e1272743cf3

Sharing

Copy URL Twitter E-mail

General

Target

71452d7858da08a049f73d9c46c8b48c2076359d821b4a5a66252e1272743cf3
Size

124KB
MD5

063691c20d7fbe90833641655f9bd4d0
SHA1

b8f0ce84ff63b411f4a643bdc0be529cddecf481
SHA256

71452d7858da08a049f73d9c46c8b48c2076359d821b4a5a66252e1272743cf3
SHA512

d72a469a9657a5ca95cf8a56e80551d0d6d3317168c22f3c12aabd77d7f9872764336c06a9e5643af3e23588d7cee5e9eabef84576bf619f3047669b4fbd5d9c
SSDEEP

1536:KNrPqE/izxjUROV7NQ5wmarPYkfLAaQ9BbJn3x57ylBadp2+OKVztNgdTryFoT+d:K9PxOKGPpu9BbJ3x57ylwn26u8Xsq00

Score

N/A

Malware Config

Signatures

Files

71452d7858da08a049f73d9c46c8b48c2076359d821b4a5a66252e1272743cf3
.dll regsvr32 windows x86

d415f103e2751c6ca53b29177851e3a1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalLock
GlobalUnlock
MulDiv
SetLastError
GetCurrentThreadId
FlushInstructionCache
GetCurrentProcess
lstrcmpA
GlobalAlloc
LeaveCriticalSection
InterlockedDecrement
InterlockedIncrement
DeleteCriticalSection
InitializeCriticalSection
RaiseException
EnterCriticalSection
GetFileAttributesW
DisableThreadLibraryCalls
HeapReAlloc
HeapDestroy
GetModuleFileNameA
GetLastError
GetModuleFileNameW
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
GetProcAddress
HeapAlloc
GetProcessHeap
HeapFree
GetThreadLocale
GetLocaleInfoA
GetACP
GetVersionExA
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
InterlockedCompareExchange
Sleep
InterlockedExchange
lstrlenA
MultiByteToWideChar
GetModuleHandleA
lstrlenW
WideCharToMultiByte
LoadLibraryExA
FindResourceA
LoadResource
SizeofResource
lstrcmpiA
IsDBCSLeadByte
FreeLibrary
HeapSize

gdi32

CreateFontIndirectW
GetObjectA
GetStockObject
DeleteDC
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
CreateSolidBrush
DeleteObject
SelectObject
GetDeviceCaps
SetBkMode

msvcr80

strcat_s
_recalloc
memcpy_s
_resetstkoflw
free
??_V@YAXPAX@Z
_purecall
sprintf_s
swprintf_s
_vsnwprintf_s
_wcsnicmp
wcschr
wcsncpy_s
calloc
_encode_pointer
_malloc_crt
_encoded_null
_decode_pointer
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_unlock
__dllonexit
_lock
_onexit
__clean_type_info_names_internal
_except_handler4_common
_crt_debugger_hook
wcscat_s
_wsplitpath_s
_wmakepath_s
memset
strcpy_s
strncpy_s
??3@YAXPAX@Z
_callnewh
malloc

user32

UnregisterClassA
CallWindowProcA
DestroyAcceleratorTable
BeginPaint
ScreenToClient
ClientToScreen
GetClientRect
DestroyWindow
SendMessageA
SetWindowTextA
GetWindowTextA
GetWindowTextLengthA
MoveWindow
SetWindowPos
GetWindowRect
CreateWindowExA
GetWindowLongA
SetWindowLongA
CharNextA
DrawTextA
GetSystemMetrics
SetDlgItemTextW
EndDialog
CharNextW
SetWindowTextW
LoadStringW
RegisterWindowMessageA
DefWindowProcA
ReleaseCapture
CreateAcceleratorTableA
GetDesktopWindow
FillRect
GetFocus
EndPaint
GetSysColor
RegisterClassExA
LoadCursorA
GetClassInfoExA
GetClassNameA
IsWindow
GetDlgItem
GetParent
IsChild
GetWindow
SetFocus
SetCapture
RedrawWindow
InvalidateRgn
InvalidateRect
ReleaseDC
GetDC

advapi32

RegCloseKey
RegQueryInfoKeyA
RegEnumKeyExA
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
RegDeleteValueA
RegOpenKeyExW
RegQueryValueExW
RegEnumKeyW
RegDeleteKeyA

shell32

DragQueryFileW

ole32

StringFromGUID2
OleUninitialize
OleInitialize
OleLockRunning
CreateStreamOnHGlobal
CoGetClassObject
CLSIDFromProgID
CLSIDFromString
CoCreateInstance
CoTaskMemAlloc
CoTaskMemRealloc
CoTaskMemFree

oleaut32

VarUI4FromStr
LoadTypeLi
LoadRegTypeLi
OleCreateFontIndirect
SysStringByteLen
SysAllocStringLen
SysFreeString
VariantClear
VariantInit
SysAllocString
SysStringLen

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
VSDllRegisterServer
VSDllUnregisterServer

Sections

.text
Size: 59KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 56KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d415f103e2751c6ca53b29177851e3a1

Headers

File Characteristics

Imports

kernel32

gdi32

msvcr80

user32

advapi32

shell32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 59KB - Virtual size: 58KB

.data Size: 512B - Virtual size: 1KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 4KB - Virtual size: 4KB

.rmnet Size: 56KB - Virtual size: 60KB

.text
Size: 59KB - Virtual size: 58KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 4KB - Virtual size: 4KB

.rmnet
Size: 56KB - Virtual size: 60KB