5ad1aacf633561825183e73533a188651020c18e77f6cd5c77301d0632ece16a

Sharing

Copy URL Twitter E-mail

General

Target

5ad1aacf633561825183e73533a188651020c18e77f6cd5c77301d0632ece16a
Size

142KB
MD5

49c3f63fb531c03fe9f7266c92964260
SHA1

b6d0073ce33b0462d7d3f0022b4cafcf885e1139
SHA256

5ad1aacf633561825183e73533a188651020c18e77f6cd5c77301d0632ece16a
SHA512

b2183a30ebeb5573bd933d411fd7a395e08328f7d67c0ae2c6be02da62ba596a54b9fcbdec7ebc47dd0a289ffd8fc30992d756efc82450a7c754777a141bbf68
SSDEEP

3072:lKI8h3NKncYyUbs5EKPWPyZRziVP9pVTFS:le3NKncYnb1fMQV1fF

Score

N/A

Malware Config

Signatures

Files

5ad1aacf633561825183e73533a188651020c18e77f6cd5c77301d0632ece16a
.dll regsvr32 windows x86

e763e5d33049fe99a3da9b2f3a4c4faa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLocalTime
CreateEventW
CreateFileA
FileTimeToSystemTime
lstrlenW
DeviceIoControl
MapViewOfFile
UnmapViewOfFile
FreeLibrary
WideCharToMultiByte
LoadLibraryW
GetFileSizeEx
GetProcAddress
CreateFileMappingW
DeleteFileW
lstrlenA
GetModuleFileNameA
GetPrivateProfileStringW
CopyFileW
IsBadWritePtr
MultiByteToWideChar
GetLastError
lstrcpyW
GetProcessHeap
CloseHandle
CreateFileW
GetTickCount
DisableThreadLibraryCalls
InterlockedDecrement
DebugBreak
InterlockedIncrement
FlushFileBuffers
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
LoadLibraryA
InitializeCriticalSectionAndSpinCount
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetConsoleMode
GetConsoleCP
SetFilePointer
RtlUnwind
GetCurrentProcessId
QueryPerformanceCounter
RaiseException
GetEnvironmentStringsW
GetSystemTimeAsFileTime
HeapFree
HeapAlloc
GetCurrentThreadId
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
HeapCreate
HeapDestroy
VirtualFree
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
Sleep
ExitProcess
WriteFile
GetStdHandle
HeapSize
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW

user32

SendMessageW
OemToCharW

advapi32

RegDeleteKeyA
RegSetValueExA
RegCloseKey
RegEnumKeyExW
RegOpenKeyExW
RegQueryValueExW
RegCreateKeyA

shell32

SHGetFolderPathW

ole32

CoTaskMemFree
CoTaskMemAlloc
StringFromGUID2

oleaut32

SysFreeString
SysAllocString

shlwapi

wnsprintfA
StrCmpIW
StrCatBuffA
StrCatBuffW
StrStrIW
StrCpyW
StrToIntW
PathFileExistsW
wnsprintfW
PathAppendW
StrCmpNIW

urlmon

URLDownloadToFileW

wininet

DeleteUrlCacheEntryW

rpcrt4

UuidCreateSequential

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllMain
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 56KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e763e5d33049fe99a3da9b2f3a4c4faa

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

shlwapi

urlmon

wininet

rpcrt4

Exports

Exports

Sections

.text Size: 56KB - Virtual size: 56KB

.rdata Size: 15KB - Virtual size: 14KB

.data Size: 5KB - Virtual size: 11KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 7KB - Virtual size: 6KB

.rmnet Size: 56KB - Virtual size: 60KB

.text
Size: 56KB - Virtual size: 56KB

.rdata
Size: 15KB - Virtual size: 14KB

.data
Size: 5KB - Virtual size: 11KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 7KB - Virtual size: 6KB

.rmnet
Size: 56KB - Virtual size: 60KB