6dc7fd5003334cae815c7c0288451ff52deec5aef6882366041e4b23cc772334

Sharing

Copy URL

Twitter E-mail

General

Target

6dc7fd5003334cae815c7c0288451ff52deec5aef6882366041e4b23cc772334
Size

263KB
MD5

4917af1896bd5454401d06e915579520
SHA1

f2901742bf540338f300919507ab2c2a2242f10a
SHA256

6dc7fd5003334cae815c7c0288451ff52deec5aef6882366041e4b23cc772334
SHA512

cf93df11b8305c67c89c622f09f02b83dc771b2a0ba6dabce06bbe06354e819c2f365285dc6eee14a8320f63376368726d4ff64529405f397f10a1c763103c44
SSDEEP

6144:HYpYuGh/lKMZD8Js1NorR2BFXZp7ul1Psb+KZLo:4e7jPZD8JAN2e57h+KZ

Score

N/A

Malware Config

Signatures

Files

6dc7fd5003334cae815c7c0288451ff52deec5aef6882366041e4b23cc772334
.dll regsvr32 windows x86

bbb14fadad3756876b912cbbdfae91de

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

memcpy
_purecall
memset
wcschr
??2@YAPAXI@Z
??3@YAXPAX@Z
??_V@YAXPAX@Z
??_U@YAPAXI@Z
_wtoi
_CIsqrt
_ftol
_CIpow
_vsnwprintf
_onexit
_lock
__dllonexit
_unlock
_adjust_fdiv
_amsg_exit
_initterm
free
malloc
_XcptFilter

kernel32

GlobalMemoryStatus
GetLocalTime
GetVersion
GetEnvironmentStringsW
GetDiskFreeSpaceA
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
DisableThreadLibraryCalls
lstrlenW
GetModuleFileNameW
FindAtomW
GetVersionExW
InterlockedDecrement
MultiByteToWideChar
lstrlenA
GetLastError
GetModuleFileNameA
InterlockedIncrement
FreeLibrary
LoadLibraryW
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
CloseHandle
CreateEventW
SetEvent
ResetEvent
WaitForSingleObject
ReleaseSemaphore
GetSystemInfo
VirtualFree
lstrcmpW
GetCurrentProcess
GetCurrentThreadId
CreateSemaphoreW
VirtualAlloc
InterlockedExchange
GetProcAddress
GetModuleHandleW
SetThreadPriority
GetTickCount
CreateThread
Sleep
InterlockedCompareExchange
RtlUnwind
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
LoadLibraryA
GetModuleHandleA
HeapAlloc
GetProcessHeap
HeapFree
GetVersionExA
DeviceIoControl

gdi32

GetTextExtentPointW

user32

LoadStringW
SendMessageW
ReleaseDC
GetDC
SetDlgItemInt
GetDlgItem
GetDlgItemInt
IsRectEmpty
SetWindowLongW
InvalidateRect
DestroyWindow
CreateDialogParamW
MoveWindow
GetDesktopWindow
DefWindowProcW
GetWindowRect
GetWindowLongW
ShowWindow
EqualRect

advapi32

RegDeleteKeyW
RegSetValueExA
RegQueryValueExA
RegCreateKeyExA
RegSetValueW
RegQueryValueExW
RegCreateKeyW
RegSetValueExW
RegEnumKeyExW
RegCreateKeyExW
RegOpenKeyExW
RegQueryInfoKeyW
RegCloseKey

ole32

StringFromGUID2
CoUninitialize
CoFreeUnusedLibraries
CoCreateInstance
CoInitialize
CoTaskMemAlloc
CoTaskMemFree

oleaut32

SysAllocStringLen
VariantInit

msdmo

MoFreeMediaType

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 178KB - Virtual size: 178KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 56KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

bbb14fadad3756876b912cbbdfae91de

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

kernel32

gdi32

user32

advapi32

ole32

oleaut32

msdmo

Exports

Exports

Sections

.text Size: 178KB - Virtual size: 178KB

.data Size: 12KB - Virtual size: 14KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 12KB - Virtual size: 12KB

.rmnet Size: 56KB - Virtual size: 60KB

.text
Size: 178KB - Virtual size: 178KB

.data
Size: 12KB - Virtual size: 14KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 12KB - Virtual size: 12KB

.rmnet
Size: 56KB - Virtual size: 60KB