147db6a70a28a96a188ea006a8b317667237bce43a36477fb0b2687b79824a6a

Sharing

Copy URL Twitter E-mail

General

Target

147db6a70a28a96a188ea006a8b317667237bce43a36477fb0b2687b79824a6a
Size

124KB
MD5

0d730a05644ab7e8bbb8ba32dcb64410
SHA1

d127b4db7b45386c3b88d6961c96ee7f0e1f0661
SHA256

147db6a70a28a96a188ea006a8b317667237bce43a36477fb0b2687b79824a6a
SHA512

85ee3dd55c7d7448fe63ecc92e86b8fcbe9be76ea9fec0d040d874a5442c2415f67bf6f84f4586ba571700172faf4fd2a8e9d573748a7089df0bbc990d30e271
SSDEEP

768:fD2mqCNVxG5BFoa1f6JRzcYdeZnnv5QNsJt5QzItYnM1L4nD2:CMNrGhlN6zcYeJv5LJt5SnMM

Score

N/A

Malware Config

Signatures

Files

147db6a70a28a96a188ea006a8b317667237bce43a36477fb0b2687b79824a6a
.dll regsvr32 windows x86

e89cbaa1273de8ed0fc3b945750c821e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmpiA
IsDBCSLeadByte
lstrcpynA
HeapDestroy
lstrcpyA
lstrcatA
GetModuleFileNameA
FreeLibrary
GetProcAddress
LoadLibraryA
SizeofResource
LoadResource
FindResourceA
GetLastError
LoadLibraryExA
GetShortPathNameA
LockResource
GetLocaleInfoA
GetLocaleInfoW
GetTimeFormatA
GetTimeFormatW
GetNumberFormatA
GetNumberFormatW
GetCurrencyFormatA
GetCurrencyFormatW
GetUserDefaultLCID
GetCurrentThreadId
TlsSetValue
GetCommandLineA
GetVersionExA
HeapAlloc
HeapFree
HeapReAlloc
ExitProcess
GetModuleHandleA
TlsFree
SetLastError
TlsGetValue
lstrlenA
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
VirtualFree
WriteFile
VirtualAlloc
GetACP
GetOEMCP
GetCPInfo
GetStringTypeA
GetStringTypeW
SetFilePointer
LCMapStringA
LCMapStringW
RtlUnwind
VirtualProtect
GetSystemInfo
VirtualQuery
SetStdHandle
FlushFileBuffers
CloseHandle
InterlockedDecrement
InterlockedIncrement
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
lstrlenW
WideCharToMultiByte
TlsAlloc
MultiByteToWideChar

user32

CharNextA
GetDesktopWindow
IsWindowUnicode

advapi32

RegSetValueExA
RegCreateKeyExA
RegCloseKey
RegDeleteValueA
RegDeleteKeyA
RegQueryInfoKeyA
RegEnumValueA
RegEnumKeyExA
RegOpenKeyExA

ole32

CoTaskMemRealloc
CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance

oleaut32

SysFreeString
VarUI4FromStr
LoadTypeLi
SystemTimeToVariantTime
RegisterTypeLi
SysAllocString

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e89cbaa1273de8ed0fc3b945750c821e

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 56KB - Virtual size: 55KB

.data Size: 4KB - Virtual size: 9KB

.rsrc Size: 52KB - Virtual size: 48KB

.reloc Size: 8KB - Virtual size: 4KB

.text
Size: 56KB - Virtual size: 55KB

.data
Size: 4KB - Virtual size: 9KB

.rsrc
Size: 52KB - Virtual size: 48KB

.reloc
Size: 8KB - Virtual size: 4KB