04dd6ab98e99a696e0dcb4b13a7728850d4c304d726daf715575f67f94063155

Sharing

Copy URL Twitter E-mail

General

Target

04dd6ab98e99a696e0dcb4b13a7728850d4c304d726daf715575f67f94063155
Size

80KB
MD5

28c3a918b130c43744d507e3b9491d20
SHA1

ac04a451c137e4d0c6aa880ebd561aa707fcb22f
SHA256

04dd6ab98e99a696e0dcb4b13a7728850d4c304d726daf715575f67f94063155
SHA512

02b406de640c110494a7b4ecbc615f66e36aef07c4efcd6b2b32e2413066b1829f2984ae15e33bc16e53a2a452f3419e0f6538ec74210862e0c51e5bed8970d0
SSDEEP

1536:dBD6+pE9h56WwlrwJeUmRzk3yyLzXkkA4ikKG/Qln3fuVA+hymsxRAcGrMFWs:OYRzYpF9KGcn3WVfoy

Score

N/A

Malware Config

Signatures

Files

04dd6ab98e99a696e0dcb4b13a7728850d4c304d726daf715575f67f94063155
.dll regsvr32 windows x86

ea420c2c82307b7cfa07a0b94a861470

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathFileExistsA
SHDeleteKeyA
PathFileExistsW

crypt32

CryptUnprotectData

kernel32

WriteFile
CreateFileW
InterlockedIncrement
InterlockedDecrement
GetSystemDirectoryA
GetPrivateProfileIntA
DeleteFileW
GetSystemDirectoryW
GetWindowsDirectoryA
GetFileSize
CreateFileA
MoveFileA
GetLocaleInfoA
GetSystemDefaultLCID
GetVersionExA
GetTickCount
CreateThread
LoadLibraryA
GetLastError
CreateMutexA
GetModuleFileNameW
DisableThreadLibraryCalls
FileTimeToSystemTime
FileTimeToLocalFileTime
FlushFileBuffers
lstrcatA
lstrcpyA
FindClose
FindNextFileW
FindFirstFileW
GetFullPathNameW
ReadFile
ExpandEnvironmentStringsW
GlobalFree
lstrcmpiW
GlobalAlloc
GetCurrentThreadId
Sleep
MultiByteToWideChar
WideCharToMultiByte
CloseHandle
CreateProcessA
GetModuleFileNameA
GetProcAddress
GetModuleHandleA
GetLocalTime
WritePrivateProfileStringA
GetPrivateProfileStringA
WritePrivateProfileStringW
LocalFree

user32

IsCharAlphaNumericA
EnumWindows
DispatchMessageA
TranslateMessage
GetMessageA
DrawIcon
PostThreadMessageA
ShowWindow
FindWindowExA
GetCursorPos
GetCursor
GetWindowTextA

gdi32

CreateDCA
GetDeviceCaps
CreateCompatibleDC
CreateDIBSection
SelectObject
BitBlt
GetDIBColorTable
DeleteObject
DeleteDC

advapi32

RegEnumKeyExA
RegOpenKeyExA
RegQueryValueExA
RegEnumValueA
RegCloseKey
IsTextUnicode
RegOpenKeyA

ole32

CreateStreamOnHGlobal
OleInitialize
CoTaskMemFree
CoInitialize
CoUninitialize
CoCreateInstance

oleaut32

VariantChangeType
VariantCopy
SafeArrayCreateVector
SysFreeString
SysAllocString
VariantClear
SafeArrayDestroy
SafeArrayUnaccessData
VariantInit
SysAllocStringLen
SysAllocStringByteLen
SysStringLen
SafeArrayAccessData

wininet

FindNextUrlCacheEntryA
FindCloseUrlCache
HttpSendRequestA
FindFirstUrlCacheEntryA
DeleteUrlCacheEntry

msvcrt

wcscat
rand
srand
time
_strcmpi
fwrite
tmpnam
_unlink
wcscpy
wcsstr
_wcslwr
wcsncpy
wcschr
_wcsnicmp
_strnicmp
sscanf
rewind
fread
fopen
_wcsicmp
fclose
fprintf
fflush
wcslen
strstr
_strupr
isupper
tolower
__CxxFrameHandler
??2@YAPAXI@Z
??3@YAXPAX@Z
sprintf
div

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ea420c2c82307b7cfa07a0b94a861470

Headers

File Characteristics

Imports

shlwapi

crypt32

kernel32

user32

gdi32

advapi32

ole32

oleaut32

wininet

msvcrt

Exports

Exports

Sections

.text Size: 60KB - Virtual size: 59KB

.rdata Size: 7KB - Virtual size: 7KB

.data Size: 7KB - Virtual size: 9KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 60KB - Virtual size: 59KB

.rdata
Size: 7KB - Virtual size: 7KB

.data
Size: 7KB - Virtual size: 9KB

.reloc
Size: 4KB - Virtual size: 4KB