15081ab03ce6b65592576552a05397bf68b66efbb882cdff44909507ebd819db

Sharing

Copy URL Twitter E-mail

General

Target

15081ab03ce6b65592576552a05397bf68b66efbb882cdff44909507ebd819db
Size

216KB
MD5

19ccd3ab1ac73d8c4d3df6460ebbdca0
SHA1

7f658a014a5729d9d561848d0585440077c4f216
SHA256

15081ab03ce6b65592576552a05397bf68b66efbb882cdff44909507ebd819db
SHA512

e866f77b4f110cc302c455629a02e5367f18f815988fb9993b907d77c872136b858db63d15186d4b93d963d7fa7f9bb7a943c71cef29cd63f7a8ffd1eb139731
SSDEEP

3072:H0mGpPN4S2hiw1iw59pEnUKzqDItZEvaOjjOW0lMGllwShb1N2be2:UmO14fvkQQnUKzWCOXrGNZMx

Score

N/A

Malware Config

Signatures

Files

15081ab03ce6b65592576552a05397bf68b66efbb882cdff44909507ebd819db
.dll regsvr32 windows x86

1c6b851e2303406c0123f84d1f6ff5f2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RtlUnwind
GetCommandLineA
ExitProcess
TerminateProcess
HeapFree
HeapSize
HeapReAlloc
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
HeapAlloc
RaiseException
GetACP
VirtualFree
VirtualAlloc
IsBadWritePtr
lstrcpynA
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CloseHandle
GetModuleFileNameA
GlobalLock
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
GetCurrentThread
GetCurrentThreadId
lstrcpyA
lstrlenA
LoadLibraryExA
FindResourceA
SizeofResource
LoadResource
LockResource
GetShortPathNameA
GetOEMCP
GetCPInfo
FlushFileBuffers
SetFilePointer
WriteFile
GetCurrentProcess
GetProcessVersion
GetLastError
LoadLibraryA
GlobalGetAtomNameA
SetLastError
GetModuleHandleA
GetProcAddress
WritePrivateProfileStringA
GlobalFlags
SetErrorMode
GetVersion
lstrcatA
TlsSetValue
TlsGetValue
LocalReAlloc
LeaveCriticalSection
EnterCriticalSection
GlobalReAlloc
GlobalUnlock
TlsFree
GlobalHandle
TlsAlloc
GlobalFree
DeleteCriticalSection
LocalAlloc
InitializeCriticalSection
LocalFree
lstrlenW
MultiByteToWideChar
FreeLibrary
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
LCMapStringA
LCMapStringW
GetEnvironmentStringsW
HeapDestroy
HeapCreate

user32

DestroyIcon
DestroyMenu
LoadStringA
CreateWindowExA
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
RegisterWindowMessageA
LoadCursorA
GetSysColorBrush
GetWindowPlacement
SetFocus
ShowWindow
SetWindowPos
SetWindowLongA
GrayStringA
DrawTextA
TabbedTextOutA
IsIconic
GetClientRect
SystemParametersInfoA
GetMenuItemCount
wsprintfA
GetWindowTextA
SetWindowTextA
ClientToScreen
GetWindow
GetDlgCtrlID
GetWindowRect
PtInRect
GetClassNameA
UnregisterClassA
UnhookWindowsHookEx
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetKeyState
MapWindowPoints
GetSysColor
AdjustWindowRectEx
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageA
GetCursorPos
SetWindowsHookExA
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
MessageBoxA
EnableWindow
SetCursor
SendMessageA
LoadIconA
ReleaseDC
CopyRect
PostMessageA
PostQuitMessage
GetTopWindow
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetSubMenu
GetMenuItemID
DefWindowProcA
DestroyWindow
GetDC
GetDlgItem
GetSystemMetrics

gdi32

SaveDC
SelectObject
GetStockObject
SetBkColor
SetTextColor
SetMapMode
OffsetViewportOrgEx
SetViewportExtEx
SetViewportOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
GetClipBox
SetWindowExtEx
DeleteDC
DeleteObject
GetDeviceCaps
RectVisible
TextOutA
PtVisible
Escape
ExtTextOutA
GetObjectA
RestoreDC
CreateBitmap

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegCreateKeyExA
RegDeleteKeyA
RegCloseKey
RegEnumKeyExA
RegQueryInfoKeyA
RegOpenKeyExA
RegQueryValueA
RegQueryValueExA
RegSetValueA
RegSetValueExA
RegOpenKeyA

shell32

ExtractIconA

comctl32

ord17

ole32

CoTaskMemFree
CoRevokeClassObject
CoRegisterClassObject
StringFromGUID2
StringFromCLSID
CoTaskMemAlloc
CoDisconnectObject

oleaut32

SysAllocStringLen
SysAllocString
VariantChangeType
VariantClear
VariantCopy
SysStringByteLen
SysFreeString
SysStringLen
SysAllocStringByteLen
LoadTypeLi

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 74KB - Virtual size: 73KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 90KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1c6b851e2303406c0123f84d1f6ff5f2

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

comctl32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 74KB - Virtual size: 73KB

.rdata Size: 19KB - Virtual size: 18KB

.data Size: 6KB - Virtual size: 20KB

.rsrc Size: 10KB - Virtual size: 10KB

.reloc Size: 14KB - Virtual size: 14KB

.text Size: 90KB - Virtual size: 92KB

.text
Size: 74KB - Virtual size: 73KB

.rdata
Size: 19KB - Virtual size: 18KB

.data
Size: 6KB - Virtual size: 20KB

.rsrc
Size: 10KB - Virtual size: 10KB

.reloc
Size: 14KB - Virtual size: 14KB

.text
Size: 90KB - Virtual size: 92KB