cf95b83b1912804d4cd807e099595cece9edd5ba06fd427f92b3556935a9ef7e

Sharing

Copy URL Twitter E-mail

General

Target

cf95b83b1912804d4cd807e099595cece9edd5ba06fd427f92b3556935a9ef7e
Size

176KB
MD5

1763e01f6437a36e07091f157be4aff0
SHA1

6efcb60e463c4801230432b63f04c28347bc275d
SHA256

cf95b83b1912804d4cd807e099595cece9edd5ba06fd427f92b3556935a9ef7e
SHA512

7f9cdac16e36248b7c85a42a5f522f77a4e3c1e32450df96e0db81f222065ec02dd57c9ddb2bdf5fbbd677af500a502f70d6230fb99a90211daa7ea09d90cf1d
SSDEEP

3072:k00NyBS51Rjl2TSfLo5MQ48awPsQ72MHbo6JoFTG09+LHYbBS:kgWRj0MPQci7Hs6JoFK09nbc

Score

N/A

Malware Config

Signatures

Files

cf95b83b1912804d4cd807e099595cece9edd5ba06fd427f92b3556935a9ef7e
.dll regsvr32 windows x86

fdd0a29a5fcff1aad4d334d6fe494039

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetModuleFileNameA
WideCharToMultiByte
GetShortPathNameA
FreeLibrary
SizeofResource
LoadResource
FindResourceA
GetLastError
MultiByteToWideChar
lstrlenA
lstrcpynA
IsDBCSLeadByte
HeapDestroy
GetProcAddress
LoadLibraryA
lstrcpyA
lstrcatA
GetStringTypeW
GetStringTypeA
lstrlenW
InterlockedIncrement
InterlockedDecrement
EnterCriticalSection
InitializeCriticalSection
LeaveCriticalSection
DeleteCriticalSection
LoadLibraryExA
lstrcmpiA
GetACP
LCMapStringW
LCMapStringA
GetOEMCP
GetCPInfo
TlsGetValue
DisableThreadLibraryCalls
HeapCreate
IsBadReadPtr
SetUnhandledExceptionFilter
IsBadCodePtr
GetEnvironmentStringsW
GetEnvironmentStrings
WriteFile
RtlUnwind
HeapFree
HeapAlloc
HeapReAlloc
GetCommandLineA
GetVersion
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TerminateProcess
IsBadWritePtr
FreeEnvironmentStringsW
VirtualFree
ExitProcess
VirtualAlloc
FreeEnvironmentStringsA
GetCurrentProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA

user32

CharNextA

advapi32

RegEnumValueA
RegQueryInfoKeyA
RegEnumKeyExA
RegOpenKeyExA
RegSetValueExA
RegDeleteValueA
RegCreateKeyExA
RegCloseKey
RegDeleteKeyA

ole32

CoCreateInstance
CoTaskMemAlloc
CoTaskMemRealloc
CoCreateFreeThreadedMarshaler
CoTaskMemFree

oleaut32

LoadRegTypeLi
SysAllocStringLen
VarUI4FromStr
RegisterTypeLi
LoadTypeLi
SysStringLen
UnRegisterTypeLi
SysFreeString
SysAllocString

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 52KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

fdd0a29a5fcff1aad4d334d6fe494039

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 52KB - Virtual size: 50KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 4KB - Virtual size: 3KB

.rsrc Size: 40KB - Virtual size: 37KB

.reloc Size: 8KB - Virtual size: 4KB

.rmnet Size: 60KB - Virtual size: 60KB

.text
Size: 52KB - Virtual size: 50KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 40KB - Virtual size: 37KB

.reloc
Size: 8KB - Virtual size: 4KB

.rmnet
Size: 60KB - Virtual size: 60KB