cb2dbbe19fa03fa2b8040e035df3a8c77e8c53a2cffaa677b12683b867d14f85

Sharing

Copy URL Twitter E-mail

General

Target

cb2dbbe19fa03fa2b8040e035df3a8c77e8c53a2cffaa677b12683b867d14f85
Size

576KB
MD5

3bd9a15bd2ee152b577eeb88d9bd0caf
SHA1

ce1c82c7432ea11f7d0c52bb6a11ebbbec8a7266
SHA256

cb2dbbe19fa03fa2b8040e035df3a8c77e8c53a2cffaa677b12683b867d14f85
SHA512

d87060a8d27711c561520f8822c2f1608e64a01133ab52f4eeaeef5518a9ff4f173f067a3d555613c6368dbb8ab9330809c69c1048b9bddee498866cd06272f1
SSDEEP

6144:pIl2baAIdfQMss79+pIkLawaeuUF84xeMlVcX2KdC8k/XxXXb6YNJDtgdhiLXy1L:qVMsp+GwaoVcX2uCH/XxddxLixV/

Score

N/A

Malware Config

Signatures

Files

cb2dbbe19fa03fa2b8040e035df3a8c77e8c53a2cffaa677b12683b867d14f85
.dll regsvr32 windows x86

d1781b2d33e1ba223662766b0ef30fbb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

ungetc
_isatty
_write
_lseeki64
_fileno
_read
__pioinfo
__badioinfo
wcstombs
free
memcpy
??3@YAXPAX@Z
realloc
_wcsdup
memset
??2@YAPAXI@Z
memmove
wcsncmp
wcschr
ferror
wctomb
_itoa
_snprintf
localeconv
isxdigit
isleadbyte
mbtowc
calloc
iswctype
_onexit
_lock
__dllonexit
_unlock
_adjust_fdiv
_amsg_exit
_initterm
_XcptFilter
_iob
__mb_cur_max
_errno
_isnan
_ftime
fmod
atan2
pow
tan
sqrt
sin
log
exp
cos
atan
asin
acos
bsearch
_ismbblead
_wcslwr
isalpha
isdigit
_wasctime
ceil
_tzset
localtime
floor
_CIfmod
_vsnwprintf
iswxdigit
wcsstr
_CIlog
towlower
atoi
wcscspn
_statusfp
_clearfp
strrchr
_ultow
_ltow
longjmp
strtoul
_wcsicmp
_control87
_purecall
_setjmp3
_wcsnicmp
malloc

oleaut32

VariantChangeTypeEx
SafeArrayCopy
SafeArrayPutElement
SafeArrayGetElement
CreateTypeLi
SafeArrayRedim
LoadTypeLibEx
GetActiveObject
SysAllocString
SysAllocStringLen
VariantClear
SysFreeString
CreateTypeLib2
LoadRegTypeLi
VariantCopy
VariantCopyInd
SysStringByteLen
SysStringLen
SysAllocStringByteLen
VariantInit
SafeArrayDestroy
SafeArrayCreate
GetErrorInfo
LoadTypeLi

ole32

CreateBindCtx
MkParseDisplayName
BindMoniker
CLSIDFromString
StringFromCLSID
CLSIDFromProgID
CoGetClassObject
CoTaskMemFree
CoCreateInstance

advapi32

RegCloseKey
RegCreateKeyA
RegDeleteKeyA
RegSetValueExA
RegOpenKeyExA
RegSetValueA
RegQueryValueExA
RegOpenKeyA
RegQueryValueExW
RegOpenKeyExW

kernel32

FindResourceExW
LoadLibraryExW
MapViewOfFile
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
RtlUnwind
OutputDebugStringA
InterlockedCompareExchange
Sleep
VirtualQuery
GetSystemInfo
GetModuleHandleW
VirtualAlloc
VirtualProtect
GetNumberFormatW
GetNumberFormatA
GetTimeFormatW
GetTimeFormatA
GetDateFormatW
GetDateFormatA
GetLocaleInfoW
CompareStringW
CompareStringA
LCMapStringW
LCMapStringA
SetLastError
GetVersion
MulDiv
GetSystemTime
CloseHandle
QueryPerformanceCounter
GetCurrentProcessId
GetTickCount
GetComputerNameA
MultiByteToWideChar
GetProcAddress
TlsSetValue
WideCharToMultiByte
GetStringTypeA
GetStringTypeW
FreeLibrary
TlsFree
TlsAlloc
GetVersionExA
LoadLibraryExA
FindResourceA
LoadResource
LockResource
SizeofResource
FreeResource
GetModuleFileNameW
GetACP
GetSystemDefaultLCID
GetLocaleInfoA
IsValidCodePage
IsValidLocale
GetUserDefaultLCID
GetCurrentThreadId
InterlockedExchange
TlsGetValue
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetModuleHandleA
GetModuleFileNameA
InterlockedDecrement
InterlockedIncrement
CreateFileMappingW
CreateFileW
GetVersionExW
UnmapViewOfFile
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
FindResourceW
GetTimeZoneInformation
SearchPathW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 424KB - Virtual size: 423KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d1781b2d33e1ba223662766b0ef30fbb

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

oleaut32

ole32

advapi32

kernel32

Exports

Exports

Sections

.text Size: 424KB - Virtual size: 423KB

.data Size: 20KB - Virtual size: 17KB

.rsrc Size: 32KB - Virtual size: 31KB

.reloc Size: 20KB - Virtual size: 16KB

.text
Size: 424KB - Virtual size: 423KB

.data
Size: 20KB - Virtual size: 17KB

.rsrc
Size: 32KB - Virtual size: 31KB

.reloc
Size: 20KB - Virtual size: 16KB