f3f9d88656dc8bad972d55c60abb371daa9ab1fde22c9f402e4b77cf6e02d064

Sharing

Copy URL

Twitter E-mail

General

Target

f3f9d88656dc8bad972d55c60abb371daa9ab1fde22c9f402e4b77cf6e02d064
Size

376KB
MD5

24aea288eb7d818106fb5fdd784554d0
SHA1

d72fea6a9c85a6b1cc34c0e7adb9081cdbfdd9f0
SHA256

f3f9d88656dc8bad972d55c60abb371daa9ab1fde22c9f402e4b77cf6e02d064
SHA512

f74bfae20a759e0bd3d6c040b9015038525ac4cd2f24d3f2aa79f5b722907b1dc2d285b5409bad517e2e23628514a42e45408c5bf596868b9bfe9d635f73624e
SSDEEP

6144:Viscx3dZBFdlF7eAVLk3xf7zs7CE0W/9IRcczDqDNdnjcWbpFrlZqIWS3w4w/cjB:VsF7eAVLk3xDwWE0W/9GcE6qip1vqIlX

Score

N/A

Malware Config

Signatures

Files

f3f9d88656dc8bad972d55c60abb371daa9ab1fde22c9f402e4b77cf6e02d064
.dll regsvr32 windows x86

e6c44c93bff37aca88f848897aa35876

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_BIND

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcatA
LeaveCriticalSection
DeleteCriticalSection
HeapDestroy
InitializeCriticalSection
DisableThreadLibraryCalls
IsDBCSLeadByte
lstrcpynA
lstrcmpiA
lstrcpyA
EnterCriticalSection
FindResourceA
LoadResource
SizeofResource
FreeLibrary
WideCharToMultiByte
GetModuleFileNameA
GetModuleHandleA
GetShortPathNameA
lstrlenA
MultiByteToWideChar
GetProcAddress
LoadLibraryA
GetCurrentThreadId
GetCurrentProcess
FlushInstructionCache
GlobalAlloc
GlobalLock
GlobalUnlock
InterlockedIncrement
InterlockedDecrement
LoadLibraryExA
GetLastError
lstrlenW
TlsSetValue
TlsAlloc
GetSystemDirectoryA
WaitForSingleObject
ExitProcess
RaiseException
RtlUnwind
LocalFree
CreateThread
IsBadCodePtr
IsBadWritePtr
IsBadReadPtr
SetUnhandledExceptionFilter
TerminateProcess
GetVersion
WriteFile
SetEvent
GetSystemTime
GetTimeFormatA
GetDateFormatA
GetTickCount
CreateEventA
FormatMessageA
CreateFileA
CloseHandle
GetVersionExA
GetFileSize
ReadFile
LocalAlloc
LocalReAlloc
TlsFree
HeapAlloc
Sleep
CreateProcessA
HeapFree
SetLastError
TlsGetValue
GetProcessHeap
DeleteFileA

user32

InvalidateRect
GetParent
PtInRect
UnionRect
GetWindowRect
ShowWindow
GetKeyState
LoadStringA
DispatchMessageA
GetMessageA
PeekMessageA
DialogBoxParamA
SendMessageA
IsDlgButtonChecked
EndDialog
MessageBoxA
SendDlgItemMessageA
DestroyWindow
BeginPaint
GetClientRect
EndPaint
GetFocus
IsChild
GetClassInfoExA
LoadCursorA
wsprintfA
RegisterClassExA
SetWindowPos
SetWindowRgn
OffsetRect
EqualRect
IntersectRect
SetFocus
IsWindow
EnableWindow
CallWindowProcA
GetDlgItem
SetWindowLongA
GetWindowLongA
CreateWindowExA
ReleaseDC
GetDC
CharNextA
DefWindowProcA

gdi32

GetDeviceCaps
LPtoDP
SaveDC
SetMapMode
SetWindowOrgEx
SetViewportOrgEx
DeleteDC
RestoreDC
CreateDCA
CreateRectRgnIndirect
DeleteMetaFile
CloseMetaFile
SetWindowExtEx
CreateMetaFileA

advapi32

FreeSid
RegQueryValueExA
RegDeleteKeyA
RegCreateKeyExA
RegDeleteValueA
RegCloseKey
RegOpenKeyExA
RegEnumKeyExA
RegSetValueExA
RegQueryInfoKeyA
RegEnumValueA
GetTokenInformation
AllocateAndInitializeSid
CryptDestroyHash
CryptDeriveKey
CryptHashData
CryptCreateHash
CryptReleaseContext
CryptDestroyKey
CryptEncrypt
CryptAcquireContextA
CryptDecrypt
OpenProcessToken
EqualSid

oleaut32

SysAllocStringLen
DispCallFunc
SysAllocStringByteLen
OleCreatePropertyFrame
SysStringByteLen
VariantChangeType
VariantClear
SysStringLen
SysAllocString
RegisterTypeLi
LoadTypeLi
VarUI4FromStr
SysFreeString
VariantInit
VariantCopy

ole32

CoUninitialize
CoGetMalloc
CoUnmarshalInterface
CoInitialize
CoMarshalInterface
CreateOleAdviseHolder
OleRegGetUserType
OleRegEnumVerbs
OleSaveToStream
WriteClassStm
CoCreateInstance
CoTaskMemRealloc
CoTaskMemAlloc
CoTaskMemFree
CreateStreamOnHGlobal
OleLoadFromStream
CLSIDFromString
CreateDataAdviseHolder
OleRegGetMiscStatus

shlwapi

StrCmpNIA
SHCopyKeyA
StrCmpW
StrRChrIA
StrStrIA
StrCmpIW
StrRChrA

wininet

InternetCrackUrlA
InternetAttemptConnect
InternetSetOptionA

rasapi32

RasGetEntryPropertiesA
RasHangUpA
RasSetEntryPropertiesA
RasDeleteEntryA
RasGetErrorStringA
RasEnumConnectionsA
RasSetEntryDialParamsA
RasGetEntryDialParamsA
RasGetProjectionInfoA
RasEnumDevicesA
RasGetConnectStatusA
RasDialA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 168KB - Virtual size: 166KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 136KB - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e6c44c93bff37aca88f848897aa35876

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

oleaut32

ole32

shlwapi

wininet

rasapi32

Exports

Exports

Sections

.text Size: 168KB - Virtual size: 166KB

.data Size: 8KB - Virtual size: 11KB

.rsrc Size: 44KB - Virtual size: 41KB

.reloc Size: 16KB - Virtual size: 12KB

.text Size: 136KB - Virtual size: 136KB

.text
Size: 168KB - Virtual size: 166KB

.data
Size: 8KB - Virtual size: 11KB

.rsrc
Size: 44KB - Virtual size: 41KB

.reloc
Size: 16KB - Virtual size: 12KB

.text
Size: 136KB - Virtual size: 136KB