044a49e27537a1e9e2f799e19921d696866a77c312055e8c9de1e8fa42e433e3

Sharing

Copy URL Twitter E-mail

General

Target

044a49e27537a1e9e2f799e19921d696866a77c312055e8c9de1e8fa42e433e3
Size

422KB
MD5

0f442d41269e07fdc9b7e4f24a417074
SHA1

43ca83c6cabc40b6a5e89548b0ae8861f48f65fd
SHA256

044a49e27537a1e9e2f799e19921d696866a77c312055e8c9de1e8fa42e433e3
SHA512

8a2308bbe2995b502d5866c6ecb8436be0bdba1047ea6d684ace59ba9a614f83bfdda4f9b14f4e24f8d8eb046272fb48907f561e3b2c37d9dc380746a6651939
SSDEEP

1536:8YH8/TH2w1hcdndDuxk7/WMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMH:VH8/THf1MndDP

Score

N/A

Malware Config

Signatures

Files

044a49e27537a1e9e2f799e19921d696866a77c312055e8c9de1e8fa42e433e3
.dll regsvr32 windows x86

ca299a8f22b6cdedf37f5d621f1b8950

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

StrStrW
PathCombineW
PathFindFileNameW
StrCmpW
StrCmpIW
StrCatW

kernel32

LoadLibraryExA
CreateThread
GetProcessHeap
lstrcatA
lstrcpyA
InitializeCriticalSection
GetBinaryTypeW
CloseHandle
GetLastError
lstrcpynA
GetProcAddress
FreeLibrary
LoadLibraryA
WideCharToMultiByte
GetModuleFileNameA
MultiByteToWideChar
GetTimeFormatA
GetDateFormatA
lstrcmpA
lstrcmpiA
GetModuleHandleW
PulseEvent
CreateEventA
GetCurrentThreadId
GetTickCount
CreateFileMappingW
CreateFileW
SetFilePointerEx
DeleteFileW
SetFileAttributesW
GetTempFileNameW
GetTempPathW
WriteFile
ReadFile
LeaveCriticalSection
EnterCriticalSection
HeapCreate
HeapDestroy
HeapAlloc
HeapFree
CreateMutexA
FileTimeToDosDateTime
FileTimeToLocalFileTime
GetFileInformationByHandle
FindClose
FindNextFileW
FindFirstFileW
GetModuleFileNameW
WaitForSingleObject
Sleep
ExitThread
ResetEvent
lstrcpyW

user32

GetMessageW
SetWindowsHookExW
TranslateMessage
DefWindowProcW
DestroyWindow
GetSystemMetrics
wsprintfA
DispatchMessageW
RegisterClassExW
CreateWindowExW
GetWindowRect
SetTimer
GetClassNameA
GetWindow
SendMessageW
GetWindowTextA
CallNextHookEx
ShowWindow
GetClientRect

shell32

SHGetSpecialFolderPathW

oleaut32

SysFreeString
SysAllocStringLen
VariantInit
SysAllocString
SysAllocStringByteLen
VariantClear
VariantCopy

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ca299a8f22b6cdedf37f5d621f1b8950

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

kernel32

user32

shell32

oleaut32

Exports

Exports

Sections

.text Size: 34KB - Virtual size: 33KB

.data Size: 2KB - Virtual size: 54KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 34KB - Virtual size: 33KB

.data
Size: 2KB - Virtual size: 54KB

.reloc
Size: 3KB - Virtual size: 2KB