2e4b819cb1b84fa62efd1eafb7273ef4ccd5256cf3b58c5b3c27e8b389563934

Sharing

Copy URL

Twitter E-mail

General

Target

2e4b819cb1b84fa62efd1eafb7273ef4ccd5256cf3b58c5b3c27e8b389563934
Size

286KB
MD5

15c7bd08b2c51b52df8a7c2e775e1d70
SHA1

5637f18563bf8563ec07fe263ec2e1b3b7feb6ca
SHA256

2e4b819cb1b84fa62efd1eafb7273ef4ccd5256cf3b58c5b3c27e8b389563934
SHA512

fafb512f290bac7ca55afbc5325a9529ce7ce93bca0bd465f022ed345f54364487445df7e14575ff334dccdfa7b8f3bac14e19d99ba17b684552444e006f3499
SSDEEP

6144:Xd+u3DgfTqLAIyyDcvkomU2zCUOoG6NyFNSam1tmG:XEu3UEDmkp5OSNyzAfmG

Score

N/A

Malware Config

Signatures

Files

2e4b819cb1b84fa62efd1eafb7273ef4ccd5256cf3b58c5b3c27e8b389563934
.dll regsvr32 windows x86

29add6e8abbb91deeabcbe4b1eb60aa3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msctf

TF_CreateThreadMgr

kernel32

LCMapStringA
LCMapStringW
GetStringTypeW
lstrcmpA
LocalReAlloc
GetStringTypeA
GetOEMCP
GetCPInfo
WriteFile
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
TlsGetValue
SetLastError
TlsFree
TlsAlloc
TlsSetValue
RtlUnwind
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
GetEnvironmentVariableA
HeapSize
TerminateProcess
ExitProcess
GetVersion
GetCommandLineA
HeapReAlloc
HeapFree
HeapAlloc
GetCurrentProcess
SetProcessWorkingSetSize
CreateFileMappingA
OpenFileMappingA
MapViewOfFile
ReleaseMutex
WaitForSingleObject
CreateMutexA
UnmapViewOfFile
CloseHandle
GetCurrentThreadId
GetModuleHandleA
LocalAlloc
LocalFree
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
GetLocaleInfoA
LoadLibraryExA
GetLastError
FindResourceA
LoadResource
SizeofResource
HeapDestroy
lstrcpynA
GetACP
GetVersionExA
IsDBCSLeadByte
lstrcmpiA
DeleteCriticalSection
InitializeCriticalSection
LoadLibraryA
GetProcAddress
FreeLibrary
GetModuleFileNameA
lstrcatA
lstrlenA
lstrcpyA
EnterCriticalSection
LeaveCriticalSection
InterlockedDecrement
InterlockedIncrement
lstrlenW
WideCharToMultiByte
MultiByteToWideChar

user32

GetKeyState
GetCursor
IsWindowVisible
GetMessageA
VkKeyScanW
VkKeyScanA
FrameRect
DrawStateA
SetWindowRgn
OffsetRect
GetIconInfo
GetDoubleClickTime
SetCursor
MoveWindow
GetClassInfoExA
LoadCursorA
RegisterClassExA
BeginPaint
EndPaint
WindowFromPoint
AdjustWindowRectEx
GetCursorPos
SetCapture
ReleaseCapture
SetWindowPos
ShowWindow
CreateWindowExA
GetWindowLongA
SetWindowLongA
DrawTextExW
DrawTextExA
LoadStringA
SetWindowsHookExA
CallNextHookEx
UnhookWindowsHookEx
PeekMessageA
WaitMessage
TranslateMessage
DispatchMessageA
PostQuitMessage
PostThreadMessageA
ScreenToClient
GetClientRect
SystemParametersInfoW
SystemParametersInfoA
IsRectEmpty
DrawIconEx
GetSysColorBrush
InvertRect
FillRect
DrawFrameControl
DrawEdge
GetSysColor
IntersectRect
UnionRect
KillTimer
SetTimer
InflateRect
GetDC
ReleaseDC
GetWindowRect
InvalidateRect
SetRect
ClientToScreen
DestroyWindow
DestroyIcon
LoadImageA
IsWindow
UpdateWindow
DefWindowProcA
GetKeyboardState
ToAscii
CharNextA
GetSystemMetrics
RegisterWindowMessageA
PostMessageA
PtInRect

gdi32

StretchDIBits
CreateBitmap
CreateDCA
ExtTextOutW
ExtTextOutA
SetTextAlign
GetTextAlign
GetTextExtentPoint32W
GetTextExtentPointA
SetBkColor
GetWindowExtEx
GetViewportExtEx
ExtSelectClipRgn
IntersectClipRect
SelectPalette
CreateRectRgn
SetViewportOrgEx
CombineRgn
CreatePolygonRgn
CreateRoundRectRgn
FrameRgn
FillRgn
SelectObject
CreateSolidBrush
RoundRect
CreateBrushIndirect
TextOutA
CreateFontA
CreateDIBSection
GetDeviceCaps
RealizePalette
GetDIBits
GetTextMetricsA
CreateFontIndirectA
CreateFontIndirectW
TranslateCharsetInfo
SetWindowOrgEx
CreateCompatibleBitmap
BitBlt
GetEnhMetaFileHeader
PlayEnhMetaFile
GetObjectA
CreateCompatibleDC
StretchBlt
DeleteDC
GetTextExtentPointW
GetTextColor
SetBkMode
SetTextColor
CreatePen
MoveToEx
LineTo
GetStockObject
GetClipRgn
DeleteObject
GetCurrentObject

advapi32

AllocateAndInitializeSid
RegDeleteValueA
RegCloseKey
GetSecurityDescriptorDacl
GetLengthSid
InitializeAcl
AddAccessAllowedAce
IsValidAcl
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
IsValidSecurityDescriptor
RegDeleteKeyA
IsValidSid
FreeSid
RegEnumKeyExA
RegEnumValueA
RegQueryInfoKeyA
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA

ole32

CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance
CoTaskMemRealloc

comctl32

ImageList_ReplaceIcon
ImageList_Destroy
ImageList_Create

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 191KB - Virtual size: 191KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 56KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

29add6e8abbb91deeabcbe4b1eb60aa3

Headers

File Characteristics

Imports

msctf

kernel32

user32

gdi32

advapi32

ole32

comctl32

Exports

Exports

Sections

.text Size: 191KB - Virtual size: 191KB

.data Size: 12KB - Virtual size: 14KB

.rsrc Size: 9KB - Virtual size: 8KB

.reloc Size: 16KB - Virtual size: 15KB

.rmnet Size: 56KB - Virtual size: 60KB

.text
Size: 191KB - Virtual size: 191KB

.data
Size: 12KB - Virtual size: 14KB

.rsrc
Size: 9KB - Virtual size: 8KB

.reloc
Size: 16KB - Virtual size: 15KB

.rmnet
Size: 56KB - Virtual size: 60KB