ec2bc8dad28806592010e3ed208a5d7bcf986f07fe4c0a0a322afbfa0f04ebd6

Sharing

Copy URL Twitter E-mail

General

Target

ec2bc8dad28806592010e3ed208a5d7bcf986f07fe4c0a0a322afbfa0f04ebd6
Size

480KB
MD5

2e805319de0246446da2027b71a0b2b0
SHA1

ec5f448a113f91b538fd52f75a546d12866c7c0c
SHA256

ec2bc8dad28806592010e3ed208a5d7bcf986f07fe4c0a0a322afbfa0f04ebd6
SHA512

0a6b97ef97a225fa4948afbf364ba1a0e39d7e1301ff2daa67bf833445bc7c8d91ccc2a095217c1f156f830bb8b23b128ecd2ec65d02b21614c66bcef330d168
SSDEEP

6144:gIm81Pjm8F8rT10n4sRN8OCtUHs9yNoUa7d5PHBVoAOY1Nlty/K8uUExTly:M81PzSy3RN8lJ6dOXl75

Score

N/A

Malware Config

Signatures

Files

ec2bc8dad28806592010e3ed208a5d7bcf986f07fe4c0a0a322afbfa0f04ebd6
.dll regsvr32 windows x86

b031e9de58ecf13cc23d88b9c4724b61

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersionExW
WideCharToMultiByte
WaitForSingleObject
lstrcpyW
lstrlenW
GetModuleFileNameW
VirtualQuery
Sleep
CreateThread
GetThreadLocale
CloseHandle
CreateEventW
CreateSemaphoreW
ResetEvent
ReleaseSemaphore
SetEvent
GetProcAddress
GetModuleHandleW
GetLocaleInfoA
GetACP
InterlockedExchange
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
MultiByteToWideChar
InitializeCriticalSection
lstrlenA
RtlUnwind
ExitProcess
GetModuleFileNameA
GetLastError
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeA
FindFirstFileA
GetFileInformationByHandle
PeekNamedPipe
GetFileType
SetFilePointer
CreateFileA
CreateFileW
GetCurrentThreadId
HeapAlloc
HeapReAlloc
HeapFree
GetSystemTimeAsFileTime
GetCommandLineA
GetVersionExA
TlsAlloc
SetLastError
TlsFree
TlsSetValue
TlsGetValue
GetModuleHandleA
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
TerminateProcess
GetCurrentProcess
LoadLibraryA
WriteFile
GetStdHandle
GetFullPathNameA
GetCurrentDirectoryA
SetStdHandle
SetHandleCount
GetStartupInfoA
SetEndOfFile
ReadFile
UnhandledExceptionFilter
GetTimeZoneInformation
VirtualProtect
VirtualAlloc
GetSystemInfo
RaiseException
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
GetOEMCP
GetCPInfo
GetStringTypeA
GetStringTypeW
FlushFileBuffers
LCMapStringA
LCMapStringW
CompareStringA
CompareStringW
SetEnvironmentVariableA
HeapSize
lstrcpynW
InterlockedIncrement
InterlockedDecrement
OutputDebugStringW
lstrcmpW
FreeLibrary
SetThreadPriority
DisableThreadLibraryCalls

user32

EnumWindows
GetClassNameW
wsprintfW
GetWindowThreadProcessId
wvsprintfW
SetRect

ole32

CoTaskMemAlloc
CoTaskMemFree
StringFromGUID2
CoFreeUnusedLibraries
CoCreateInstance
CoUninitialize
CLSIDFromString
CoInitialize

msvcr71

_wcsicmp
_purecall

advapi32

RegDeleteKeyW
RegEnumKeyExW
RegOpenKeyExW
RegSetValueExW
RegSetValueW
RegCreateKeyW
RegCloseKey

winmm

timeGetTime

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 240KB - Virtual size: 236KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 144KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 792B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b031e9de58ecf13cc23d88b9c4724b61

Headers

File Characteristics

Imports

kernel32

user32

ole32

msvcr71

advapi32

winmm

Exports

Exports

Sections

.text Size: 240KB - Virtual size: 236KB

.rdata Size: 144KB - Virtual size: 140KB

.data Size: 8KB - Virtual size: 35KB

.rsrc Size: 4KB - Virtual size: 792B

.reloc Size: 20KB - Virtual size: 18KB

.rmnet Size: 60KB - Virtual size: 60KB

.text
Size: 240KB - Virtual size: 236KB

.rdata
Size: 144KB - Virtual size: 140KB

.data
Size: 8KB - Virtual size: 35KB

.rsrc
Size: 4KB - Virtual size: 792B

.reloc
Size: 20KB - Virtual size: 18KB

.rmnet
Size: 60KB - Virtual size: 60KB