22bcc32d7d9eb51c8aa66bcac2baab952644b68a56aa88d1c21b060474559730

Sharing

Copy URL Twitter E-mail

General

Target

22bcc32d7d9eb51c8aa66bcac2baab952644b68a56aa88d1c21b060474559730
Size

318KB
MD5

1392e15407fee7d12573de5c7c4917c0
SHA1

a1d31c1da12f98b3d5b42387295b1873b288b2b9
SHA256

22bcc32d7d9eb51c8aa66bcac2baab952644b68a56aa88d1c21b060474559730
SHA512

f19f2d5eb05be518c07a3191d237112f4a7acb3e52637b9f8f8afe02268bab433bf2eeb2147343ab5f75b27e5ec96b9013d2fbd2c1e98055ef6ce296dccb42a8
SSDEEP

6144:Fr9O8RS8/tLqijrOdWZaj9Im0o/8l4iE1MEhpqz:FxVS8VLqij5ZMIm4Gzhoz

Score

N/A

Malware Config

Signatures

Files

22bcc32d7d9eb51c8aa66bcac2baab952644b68a56aa88d1c21b060474559730
.dll regsvr32 windows x86

ba309e6389fc75a94d468140ad24646d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegSetValueExW
RegQueryInfoKeyW
RegCloseKey
RegDeleteKeyW
RegEnumKeyExW
RegOpenKeyExW
RegDeleteValueW
RegCreateKeyExW
TraceEvent
UnregisterTraceGuids
RegisterTraceGuidsW
GetTraceEnableLevel
GetTraceEnableFlags
GetTraceLoggerHandle
RegQueryValueExW
SetNamedSecurityInfoW
GetSecurityDescriptorLength
MakeSelfRelativeSD
MakeAbsoluteSD
InitializeSecurityDescriptor
GetAclInformation
InitializeAcl
AddAce
SetSecurityDescriptorDacl
GetSidLengthRequired
InitializeSid
GetSidSubAuthority
IsValidSid
CopySid
GetLengthSid
GetSecurityDescriptorControl
GetSecurityDescriptorOwner
GetSecurityDescriptorGroup
GetSecurityDescriptorDacl
GetSecurityDescriptorSacl

kernel32

GetFileType
GetStartupInfoW
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
InterlockedExchange
RtlUnwind
LCMapStringW
GetConsoleCP
SetHandleCount
SetStdHandle
WriteConsoleW
TlsAlloc
TlsFree
TlsSetValue
TlsGetValue
GetConsoleMode
SetThreadLocale
GetThreadLocale
InterlockedDecrement
InterlockedIncrement
GetModuleFileNameW
lstrlenA
lstrcpynW
GetModuleHandleW
GetProcAddress
FindResourceExW
LockResource
lstrcmpiW
FreeLibrary
MultiByteToWideChar
SizeofResource
LoadResource
FindResourceW
LoadLibraryExW
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSectionAndSpinCount
GetLastError
DeleteCriticalSection
RaiseException
lstrlenW
QueryPerformanceCounter
LocalFree
SetLastError
CreateDirectoryW
GetTickCount
LoadLibraryW
WaitForSingleObject
GetCurrentProcess
CloseHandle
ReleaseMutex
GetEnvironmentVariableW
GetLocalTime
GetCurrentThreadId
GetCurrentProcessId
OutputDebugStringA
GetPrivateProfileIntW
GetPrivateProfileStringW
OutputDebugStringW
Sleep
CreateFileW
WriteFile
lstrcmpW
SetFilePointer
CreateMutexW
InitializeCriticalSection
TryEnterCriticalSection
InterlockedCompareExchange
WideCharToMultiByte
GetFileAttributesExW
GetStringTypeExW
GetSystemTimeAsFileTime
GetVersionExW
MoveFileExW
FlushFileBuffers
VerSetConditionMask
VerifyVersionInfoW
TerminateProcess
VirtualQuery
IsDebuggerPresent
ExitProcess
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
EncodePointer
DecodePointer
GetCommandLineA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
HeapCreate
GetStdHandle
GetStringTypeW

ole32

StringFromGUID2
IIDFromString
CoTaskMemRealloc
CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance

oleaut32

SysFreeString
VarUI4FromStr
SysAllocString
SysAllocStringLen
VariantClear
VariantInit
LoadTypeLi
LoadRegTypeLi
SysStringLen

user32

GetWindow
SetForegroundWindow
AllowSetForegroundWindow
GetWindowLongW
wvsprintfW
CharLowerW
CharUpperW
wvsprintfA
wsprintfW
MessageBoxW
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
MonitorFromWindow
GetMonitorInfoW
GetWindowRect
GetParent
MapWindowPoints
SetWindowPos
CreateWindowExW
DestroyWindow
GetClientRect
CharNextW
CharLowerBuffW

shlwapi

SHQueryValueExW
PathIsRelativeW
PathCanonicalizeW
PathAppendW
UrlEscapeW
UrlUnescapeW
PathStripPathW
PathRemoveFileSpecW
UrlUnescapeA
PathRemoveExtensionW
PathRemoveBackslashW

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

shell32

CommandLineToArgvW
ShellExecuteExW
SHGetFolderPathW

wininet

InternetCrackUrlW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
NP_GetEntryPoints
NP_Initialize
NP_Shutdown

Sections

.text
Size: 140KB - Virtual size: 139KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 102KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ba309e6389fc75a94d468140ad24646d

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

ole32

oleaut32

user32

shlwapi

version

shell32

wininet

Exports

Exports

Sections

.text Size: 140KB - Virtual size: 139KB

.rdata Size: 37KB - Virtual size: 37KB

.data Size: 8KB - Virtual size: 19KB

.rsrc Size: 7KB - Virtual size: 6KB

.reloc Size: 22KB - Virtual size: 21KB

.text Size: 102KB - Virtual size: 104KB

.text
Size: 140KB - Virtual size: 139KB

.rdata
Size: 37KB - Virtual size: 37KB

.data
Size: 8KB - Virtual size: 19KB

.rsrc
Size: 7KB - Virtual size: 6KB

.reloc
Size: 22KB - Virtual size: 21KB

.text
Size: 102KB - Virtual size: 104KB