6cd15aab4653eea24c240494b83506255f0453688f0763c869ed173f465fe818

Sharing

Copy URL Twitter E-mail

General

Target

6cd15aab4653eea24c240494b83506255f0453688f0763c869ed173f465fe818
Size

216KB
MD5

06536668b5e940c89056c12db848cf50
SHA1

ffb4d30811e66d911c53b1d7fe68653ad4025155
SHA256

6cd15aab4653eea24c240494b83506255f0453688f0763c869ed173f465fe818
SHA512

240b5898aca2368ae0c0cd477b2c3abf1dc37477256cae5d94a24dfdb1667ab8a2ce2f716b9829f47b4ab32a3e25039d839a0a04ec595987dde33d4752934677
SSDEEP

3072:h8nvO1B0Rn+rXBllu2jMLaj6ocVkTpS+lsOJx1OYqlXPQcgYh4mGCpXVsk:Gnv9Rn+/faPbeIjsOYYocwxs+k

Score

N/A

Malware Config

Signatures

Files

6cd15aab4653eea24c240494b83506255f0453688f0763c869ed173f465fe818
.dll regsvr32 windows x86

7de146e96b1265070990368b75f4ff4c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FlushFileBuffers
GetStringTypeW
GetStringTypeA
SetStdHandle
GetOEMCP
GetACP
LCMapStringW
LCMapStringA
GetCPInfo
SetFilePointer
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
WriteFile
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetFileType
GetStdHandle
SetHandleCount
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
GetVersionExA
GetEnvironmentVariableA
TlsGetValue
SetLastError
TlsFree
TlsAlloc
TlsSetValue
HeapSize
TerminateProcess
ExitProcess
GetVersion
GetCommandLineA
HeapAlloc
HeapReAlloc
HeapFree
CloseHandle
LocalFree
lstrcatA
DeleteCriticalSection
HeapDestroy
InitializeCriticalSection
IsDBCSLeadByte
lstrcpynA
lstrcmpiA
LoadLibraryExA
GetLastError
FindResourceA
LoadResource
SizeofResource
GetModuleFileNameA
GetModuleHandleA
GetShortPathNameA
GetCurrentProcess
FlushInstructionCache
GetCurrentThreadId
WideCharToMultiByte
lstrlenA
lstrcmpA
lstrlenW
InterlockedIncrement
LoadLibraryA
GetProcAddress
FreeLibrary
lstrcpyA
InterlockedDecrement
Sleep
GlobalAlloc
GlobalLock
GlobalUnlock
MultiByteToWideChar
EnterCriticalSection
LeaveCriticalSection
GetStartupInfoA
RtlUnwind
RaiseException

user32

GetWindowTextLengthA
SendMessageA
GetClientRect
SetWindowPos
GetWindowTextA
SetWindowTextA
SetWindowLongA
GetWindow
DefWindowProcA
RegisterWindowMessageA
GetClassInfoExA
RegisterClassExA
GetDC
ReleaseDC
FillRect
DestroyCursor
LoadCursorA
LoadImageA
GetWindowLongA
SetCursor
PtInRect
ClientToScreen
GetCursorPos
TrackMouseEvent
CharNextA
CreateWindowExA
IntersectRect
EqualRect
OffsetRect
SetWindowRgn
UnionRect
GetKeyState
ShowWindow
wsprintfA
GetClassNameA
GetDlgItem
InvalidateRgn
SetCapture
ReleaseCapture
CreateAcceleratorTableA
GetParent
GetDesktopWindow
RedrawWindow
IsWindow
BeginPaint
EndPaint
CallWindowProcA
GetFocus
IsChild
SetFocus
GetSysColor
InvalidateRect
DestroyWindow
LoadStringA

gdi32

CreateMetaFileA
SetWindowExtEx
CloseMetaFile
DeleteMetaFile
CreateRectRgnIndirect
LPtoDP
SaveDC
SetMapMode
SetWindowOrgEx
SetViewportOrgEx
RestoreDC
GetObjectA
GetDeviceCaps
CreateCompatibleBitmap
CreateCompatibleDC
CreateFontIndirectA
SetBkMode
SetTextAlign
SetTextColor
TextOutA
BitBlt
DeleteDC
GetStockObject
CreateSolidBrush
SelectObject
PatBlt
DeleteObject
CreateDCA

advapi32

RegEnumValueA
RegQueryInfoKeyA
RegSetValueExA
RegEnumKeyExA
RegOpenKeyExA
RegCloseKey
RegDeleteValueA
RegCreateKeyExA
RegDeleteKeyA

ole32

OleInitialize
CreateStreamOnHGlobal
CoInitialize
StringFromIID
CoGetMalloc
CoTaskMemRealloc
CreateDataAdviseHolder
OleRegGetMiscStatus
CreateOleAdviseHolder
OleRegGetUserType
OleRegEnumVerbs
OleLockRunning
CoTaskMemAlloc
StringFromCLSID
CLSIDFromString
ProgIDFromCLSID
CoTaskMemFree
CLSIDFromProgID
CoCreateInstance
OleUninitialize
CoUninitialize

oleaut32

GetErrorInfo
LoadTypeLi
RegisterTypeLi
VarUI4FromStr
OleCreatePropertyFrame
LoadRegTypeLi
OleCreateFontIndirect
CreateErrorInfo
SetErrorInfo
VariantInit
VariantClear
SysStringLen
SysAllocStringLen
SysAllocString
SysFreeString

wininet

InternetCombineUrlA

urlmon

CoInternetParseUrl

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 88KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7de146e96b1265070990368b75f4ff4c

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

oleaut32

wininet

urlmon

Exports

Exports

Sections

.text Size: 88KB - Virtual size: 84KB

.rdata Size: 16KB - Virtual size: 15KB

.data Size: 20KB - Virtual size: 22KB

.rsrc Size: 16KB - Virtual size: 15KB

.reloc Size: 12KB - Virtual size: 9KB

.rmnet Size: 60KB - Virtual size: 60KB

.text
Size: 88KB - Virtual size: 84KB

.rdata
Size: 16KB - Virtual size: 15KB

.data
Size: 20KB - Virtual size: 22KB

.rsrc
Size: 16KB - Virtual size: 15KB

.reloc
Size: 12KB - Virtual size: 9KB

.rmnet
Size: 60KB - Virtual size: 60KB