d69e3af8fbe65440bd018b229ae943313b7d947d9e61e0d28ca773e531bda032

Sharing

Copy URL Twitter E-mail

General

Target

d69e3af8fbe65440bd018b229ae943313b7d947d9e61e0d28ca773e531bda032
Size

344KB
MD5

3120d27c035ec78e7022e02d2bf38780
SHA1

6e91761b3377adaf5d2719b1e25e4de1e997d224
SHA256

d69e3af8fbe65440bd018b229ae943313b7d947d9e61e0d28ca773e531bda032
SHA512

962506787061f1f1f289098bef4c4f517cb51e43b47184534e906a9d3f0e118dedbf3ca66c7da6e08bf92821d0b67e1229a070f45068bf21bb55ab0e634be623
SSDEEP

6144:uCFU39TsIC30JmJW6wIO22vP4dFhOlJPE/97xR59Q1jvk6SxLbavCQy5wa:JFUtJ3iW6wIO22vP4dFhOlJPi97xR59n

Score

N/A

Malware Config

Signatures

Files

d69e3af8fbe65440bd018b229ae943313b7d947d9e61e0d28ca773e531bda032
.dll regsvr32 windows x86

ee2ac7b805c84238671cd38264cc36e7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmpA
Sleep
lstrcpyA
lstrcatA
WriteFile
CreateFileA
CloseHandle
GetTickCount
ReadFile
GetFileSize
SizeofResource
LockResource
LoadResource
FindResourceA
FindResourceExA
lstrcmpiA
GetModuleHandleA
lstrcpynA
IsDBCSLeadByte
SetStdHandle
LCMapStringW
LCMapStringA
GetStringTypeW
MulDiv
SetFilePointer
IsBadCodePtr
IsBadReadPtr
LoadLibraryA
FlushFileBuffers
UnhandledExceptionFilter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
GetCPInfo
GetOEMCP
IsBadWritePtr
VirtualFree
HeapCreate
TlsGetValue
TlsSetValue
TlsFree
SetLastError
TlsAlloc
SetUnhandledExceptionFilter
GetCurrentProcessId
QueryPerformanceCounter
GetSystemTimeAsFileTime
TerminateProcess
GetProcAddress
GetCommandLineA
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
RtlUnwind
ExitProcess
GetFullPathNameA
HeapSize
HeapReAlloc
HeapDestroy
lstrlenW
GetModuleFileNameA
GlobalAlloc
GlobalLock
GlobalUnlock
GetCurrentThreadId
WideCharToMultiByte
InterlockedExchange
lstrlenA
InterlockedDecrement
InterlockedIncrement
HeapAlloc
GetProcessHeap
HeapFree
GetCurrentProcess
FlushInstructionCache
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetLastError
RaiseException
MultiByteToWideChar
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
GetStringTypeA

user32

UnregisterClassA
wsprintfA
GetClassInfoExA
SetActiveWindow
ShowWindow
MoveWindow
DestroyWindow
GetWindowLongA
SetWindowLongA
IsWindowUnicode
SendMessageTimeoutW
SendMessageA
InflateRect
OffsetRect
LoadCursorA
IsWindow
MessageBoxA
SetRectEmpty
PtInRect
ClientToScreen
SetRect
ClipCursor
SetScrollInfo
SetScrollRange
EnableScrollBar
SetScrollPos
LockWindowUpdate
MessageBoxW
CreateAcceleratorTableA
CharNextA
GetParent
GetClassNameA
SetWindowPos
RedrawWindow
GetDlgItem
SetFocus
GetFocus
IsChild
GetWindow
DestroyAcceleratorTable
BeginPaint
EndPaint
CallWindowProcA
GetDesktopWindow
InvalidateRgn
InvalidateRect
ReleaseDC
GetDC
GetClientRect
FillRect
SetCapture
ReleaseCapture
GetSysColor
CreateWindowExA
PostMessageA
RegisterWindowMessageA
RegisterClassExA
GetWindowTextLengthA
GetWindowTextA
SetWindowTextA
DefWindowProcA

gdi32

CreatePen
ExtCreatePen
SetWindowOrgEx
CreateSolidBrush
GetStockObject
Polyline
GetDeviceCaps
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
DeleteDC
SelectObject
GetDIBits
LineTo
MoveToEx
Rectangle
StretchDIBits
GetObjectA
DeleteObject

advapi32

RegDeleteKeyA
RegEnumKeyExA
RegSetValueExA
RegCreateKeyExA
RegQueryInfoKeyA
RegOpenKeyExA
RegCloseKey

shell32

SHGetFileInfoA

ole32

CreateStreamOnHGlobal
StringFromCLSID
CoTaskMemFree
CoCreateInstance
CLSIDFromString
CLSIDFromProgID
CoGetClassObject
OleLockRunning
CoTaskMemAlloc
StringFromGUID2
OleUninitialize
OleInitialize

oleaut32

SysStringByteLen
SysAllocStringLen
VarUI4FromStr
RegisterTypeLi
UnRegisterTypeLi
SysFreeString
SysStringLen
OleCreateFontIndirect
SysAllocString
LoadTypeLi
LoadRegTypeLi
VariantInit
DispCallFunc
VariantClear

shlwapi

PathFileExistsA
PathFindExtensionA

scsengine

_GetSCSEngine@0

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllMain
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 212KB - Virtual size: 208KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ee2ac7b805c84238671cd38264cc36e7

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

scsengine

Exports

Exports

Sections

.text Size: 212KB - Virtual size: 208KB

.rdata Size: 32KB - Virtual size: 28KB

.data Size: 12KB - Virtual size: 16KB

.rsrc Size: 8KB - Virtual size: 5KB

.reloc Size: 16KB - Virtual size: 13KB

.rmnet Size: 60KB - Virtual size: 60KB

.text
Size: 212KB - Virtual size: 208KB

.rdata
Size: 32KB - Virtual size: 28KB

.data
Size: 12KB - Virtual size: 16KB

.rsrc
Size: 8KB - Virtual size: 5KB

.reloc
Size: 16KB - Virtual size: 13KB

.rmnet
Size: 60KB - Virtual size: 60KB