cbb807bcd1368a7f7f1dc8e9af3f84628f94cd0b7465bdc0ec214780d995886c

Sharing

Copy URL Twitter E-mail

General

Target

cbb807bcd1368a7f7f1dc8e9af3f84628f94cd0b7465bdc0ec214780d995886c
Size

280KB
MD5

021c83c8ec6ac07479ab5ce9846affd0
SHA1

2e0025b28a0baa49ebab983383a4cdcd48ec9be3
SHA256

cbb807bcd1368a7f7f1dc8e9af3f84628f94cd0b7465bdc0ec214780d995886c
SHA512

1e10612617780199968c8e9ce8447c9cba75e96a814f7e548e32e5a2ffc4565a683325f3ceb7c50fb48fba26a46d8f2ec652464aef6286ca40a02a572c329764
SSDEEP

6144:LVwCU/JMGSWZRxzeHaUepYkOLGRPFlUrZY8:LVwCUBfzheHXAcK0y

Score

N/A

Malware Config

Signatures

Files

cbb807bcd1368a7f7f1dc8e9af3f84628f94cd0b7465bdc0ec214780d995886c
.dll regsvr32 windows x86

de2d811c0d03df2a8b31f2d849cb9146

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
GlobalFree
GlobalUnlock
GlobalLock
lstrlenW
MultiByteToWideChar
lstrlenA
GetShortPathNameA
WideCharToMultiByte
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
lstrcmpiA
lstrcpynA
IsDBCSLeadByte
DisableThreadLibraryCalls
InitializeCriticalSection
HeapDestroy
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
lstrcpyA
lstrcatA
GetCurrentProcess
CreateProcessA
OpenFile
CreateEventA
IsBadCodePtr
CreateMutexA
FlushFileBuffers
SetStdHandle
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
SetUnhandledExceptionFilter
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
GetOEMCP
GetACP
GetCPInfo
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
GetEnvironmentVariableA
TlsGetValue
SetLastError
TlsFree
TlsAlloc
TlsSetValue
GetCurrentThreadId
HeapSize
TerminateProcess
ExitProcess
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
SetFilePointer
ReadFile
GetVersion
GetCommandLineA
RaiseException
HeapReAlloc
HeapFree
HeapAlloc
RtlUnwind
InterlockedExchange
LocalFree
GetLastError
WaitForSingleObject
CreateThread
CopyFileA
TerminateThread
ReleaseMutex
GetModuleHandleA
GetModuleFileNameA
GetVersionExA
InterlockedDecrement
GetSystemDefaultLCID
GetLocaleInfoA
LoadLibraryA
GetProcAddress
FreeLibrary
GetSystemDirectoryA
WriteFile
CreateFileA
CloseHandle
InterlockedIncrement
IsBadReadPtr

user32

SetWindowLongA
SetRectEmpty
wsprintfA
BroadcastSystemMessage
SendMessageA
CharNextA
ReleaseDC
MoveWindow
ScreenToClient
GetWindowRect
GetClientRect
GetWindowDC
GetParent
EndPaint
GetDC
BeginPaint
DefWindowProcA
GetWindowTextA
WinHelpA
ChangeDisplaySettingsA
EnumDisplaySettingsA
LoadStringA
EndDialog
GetDlgCtrlID
PeekMessageA
GetSubMenu
GetMenuStringA
MessageBoxA
ExitWindowsEx
DestroyMenu
AppendMenuA
CreatePopupMenu
InsertMenuA
RegisterClipboardFormatA
GetForegroundWindow
CallWindowProcA
EnableWindow
DialogBoxParamA
EnumChildWindows
GetSystemMenu
EnableMenuItem
FindWindowA
SetForegroundWindow
DrawIcon
GetIconInfo
PostMessageA
SetWindowTextA
ShowWindow
GetDlgItem
MapWindowPoints
RegisterClassA
CreateWindowExA
DestroyWindow

gdi32

CreateFontIndirectA
SetBkMode
TextOutA
GetTextExtentPoint32A
SelectObject
StretchBlt
BitBlt
SetTextColor
DeleteObject
DeleteDC
GetObjectA
CreateCompatibleDC

advapi32

RegEnumKeyExA
AllocateAndInitializeSid
FreeSid
RegEnumValueA
RegQueryInfoKeyA
RegDeleteValueA
RegQueryValueExA
RegDeleteKeyA
RegOpenKeyExA
RegCreateKeyExA
RegOpenKeyA
RegCloseKey
RegSetValueExA

shell32

ShellExecuteExA
Shell_NotifyIconA

ole32

CoUninitialize
CoInitialize
CoTaskMemFree
CoTaskMemAlloc
CoTaskMemRealloc
CLSIDFromProgID
CoCreateInstance

oleaut32

SysAllocStringLen
VariantClear
LoadRegTypeLi
LoadTypeLi
RegisterTypeLi
SysFreeString
SysAllocStringByteLen
SysStringLen
SysAllocString
SysStringByteLen
VarUI4FromStr

comctl32

DestroyPropertySheetPage
CreatePropertySheetPageA

hccutils

GetMyRegKey
GetCurrentDisplay
LoadICON
FindResources
GetHardwareKey
LoadBITMAP
IsDisplayValid
LoadIMAGE
EnumDspDev
GetCommonRegKey
LoadSTRING
LoadCURSOR
LoadDialogString

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 156KB - Virtual size: 155KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

de2d811c0d03df2a8b31f2d849cb9146

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

hccutils

Exports

Exports

Sections

.text Size: 156KB - Virtual size: 155KB

.rdata Size: 24KB - Virtual size: 21KB

.data Size: 16KB - Virtual size: 35KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 16KB - Virtual size: 15KB

.rmnet Size: 60KB - Virtual size: 60KB

.text
Size: 156KB - Virtual size: 155KB

.rdata
Size: 24KB - Virtual size: 21KB

.data
Size: 16KB - Virtual size: 35KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 16KB - Virtual size: 15KB

.rmnet
Size: 60KB - Virtual size: 60KB