2aa66fe6142ea9cd206d2755d762b1a863e587cb6c0fcf76198a236e89a488b9

Sharing

Copy URL Twitter E-mail

General

Target

2aa66fe6142ea9cd206d2755d762b1a863e587cb6c0fcf76198a236e89a488b9
Size

480KB
MD5

380068bca617c988d4e84b2035c3b7f0
SHA1

8261acd3bcf10b7524bb6fdb9daacdd1ec790b4e
SHA256

2aa66fe6142ea9cd206d2755d762b1a863e587cb6c0fcf76198a236e89a488b9
SHA512

f407d961a49d44dcdfbbb5005f7b7f10344801fc00f2bd7c5e4c9f1545f802317967235f43b67ec5dab1b68d21442c9b0f603464a0119358d56d563f8899bc15
SSDEEP

6144:gIm81Pjm8F8rT10n4sRN8OCtUHs9yNoUa7d5PHBVoAOY1NltymwWug:M81PzSy3RN8lJ6dOXl1

Score

N/A

Malware Config

Signatures

Files

2aa66fe6142ea9cd206d2755d762b1a863e587cb6c0fcf76198a236e89a488b9
.dll regsvr32 windows x86

b031e9de58ecf13cc23d88b9c4724b61

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersionExW
WideCharToMultiByte
WaitForSingleObject
lstrcpyW
lstrlenW
GetModuleFileNameW
VirtualQuery
Sleep
CreateThread
GetThreadLocale
CloseHandle
CreateEventW
CreateSemaphoreW
ResetEvent
ReleaseSemaphore
SetEvent
GetProcAddress
GetModuleHandleW
GetLocaleInfoA
GetACP
InterlockedExchange
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
MultiByteToWideChar
InitializeCriticalSection
lstrlenA
RtlUnwind
ExitProcess
GetModuleFileNameA
GetLastError
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeA
FindFirstFileA
GetFileInformationByHandle
PeekNamedPipe
GetFileType
SetFilePointer
CreateFileA
CreateFileW
GetCurrentThreadId
HeapAlloc
HeapReAlloc
HeapFree
GetSystemTimeAsFileTime
GetCommandLineA
GetVersionExA
TlsAlloc
SetLastError
TlsFree
TlsSetValue
TlsGetValue
GetModuleHandleA
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
TerminateProcess
GetCurrentProcess
LoadLibraryA
WriteFile
GetStdHandle
GetFullPathNameA
GetCurrentDirectoryA
SetStdHandle
SetHandleCount
GetStartupInfoA
SetEndOfFile
ReadFile
UnhandledExceptionFilter
GetTimeZoneInformation
VirtualProtect
VirtualAlloc
GetSystemInfo
RaiseException
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
GetOEMCP
GetCPInfo
GetStringTypeA
GetStringTypeW
FlushFileBuffers
LCMapStringA
LCMapStringW
CompareStringA
CompareStringW
SetEnvironmentVariableA
HeapSize
lstrcpynW
InterlockedIncrement
InterlockedDecrement
OutputDebugStringW
lstrcmpW
FreeLibrary
SetThreadPriority
DisableThreadLibraryCalls

user32

EnumWindows
GetClassNameW
wsprintfW
GetWindowThreadProcessId
wvsprintfW
SetRect

ole32

CoTaskMemAlloc
CoTaskMemFree
StringFromGUID2
CoFreeUnusedLibraries
CoCreateInstance
CoUninitialize
CLSIDFromString
CoInitialize

msvcr71

_wcsicmp
_purecall

advapi32

RegDeleteKeyW
RegEnumKeyExW
RegOpenKeyExW
RegSetValueExW
RegSetValueW
RegCreateKeyW
RegCloseKey

winmm

timeGetTime

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 240KB - Virtual size: 236KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 144KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 792B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b031e9de58ecf13cc23d88b9c4724b61

Headers

File Characteristics

Imports

kernel32

user32

ole32

msvcr71

advapi32

winmm

Exports

Exports

Sections

.text Size: 240KB - Virtual size: 236KB

.rdata Size: 144KB - Virtual size: 140KB

.data Size: 8KB - Virtual size: 35KB

.rsrc Size: 4KB - Virtual size: 792B

.reloc Size: 20KB - Virtual size: 18KB

.rmnet Size: 60KB - Virtual size: 60KB

.text
Size: 240KB - Virtual size: 236KB

.rdata
Size: 144KB - Virtual size: 140KB

.data
Size: 8KB - Virtual size: 35KB

.rsrc
Size: 4KB - Virtual size: 792B

.reloc
Size: 20KB - Virtual size: 18KB

.rmnet
Size: 60KB - Virtual size: 60KB