fed7e373a86a3cb99c3e1aeb57977e4e23e5a036fc0a5fc379535bffb777a146

Sharing

Copy URL Twitter E-mail

General

Target

fed7e373a86a3cb99c3e1aeb57977e4e23e5a036fc0a5fc379535bffb777a146
Size

2.9MB
MD5

5297ddfe5edb5bb7fc86673029e931ae
SHA1

35e3b5fe0099b4ec36745021042c2a5d7b5c01aa
SHA256

fed7e373a86a3cb99c3e1aeb57977e4e23e5a036fc0a5fc379535bffb777a146
SHA512

fa67b930449eb44df3ee2b818616f67fc8d19d3f673460bef566590cfea25c806c189f03ce2eef12f921cb7c854aaae96eed99b722012f01609c60146a6e2401
SSDEEP

49152:pXfGz8/+cCWcmWG2VoRjb97y3Q0L7b4ZyDoo79TmTfVUI1r7D4Ldbd0feX3A4uVX:1yWcmWG26RFSQf4TEVl7DUZjn8VNnJXr

Score

N/A

Malware Config

Signatures

Files

fed7e373a86a3cb99c3e1aeb57977e4e23e5a036fc0a5fc379535bffb777a146
.dll regsvr32 windows x86

49c22a9674157de0459ef6ff601adede

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReleaseMutex
GetComputerNameA
VirtualAllocEx
GetVolumePathNameW
OpenMutexW
lstrcmpA
lstrcpynA
OpenJobObjectW
GetDateFormatW
TerminateProcess
CreateRemoteThread
ConnectNamedPipe
FindNextFileA
GlobalAddAtomA
LocalUnlock
GetDefaultCommConfigW
MapViewOfFileEx
CompareStringA
GetDiskFreeSpaceW
lstrcpyW
FindFirstChangeNotificationW
LoadLibraryA
LocalFree
SetFilePointer
FindVolumeClose
GetShortPathNameW
GetProcAddress
SetupComm

ole32

OleSave
CreateDataCache
CoEnableCallCancellation
CoDisableCallCancellation

user32

EndDeferWindowPos
SetMessageQueue
SetCursor
EnableMenuItem
SetProcessWindowStation
GetWindowDC
TranslateMDISysAccel
SetWindowPos
GetGUIThreadInfo
LookupIconIdFromDirectory
ShowWindowAsync
GetWindowWord
BroadcastSystemMessageW
DrawIconEx
EnumThreadWindows
SendNotifyMessageW
CreateDialogParamA
GetClassNameA
OemToCharA
GetWindowThreadProcessId
FlashWindow

shlwapi

PathFindExtensionW
PathStripPathW
PathRemoveFileSpecW
PathIsDirectoryA
PathGetCharTypeA
PathIsDirectoryW

advapi32

RegConnectRegistryA
RegEnumValueA
CredWriteW
RegQueryInfoKeyA
RegDeleteValueW
CredWriteDomainCredentialsW
RegEnumKeyExW
InitiateSystemShutdownExW

shell32

DragAcceptFiles

gdi32

OffsetWindowOrgEx
PtVisible
DeleteMetaFile
StretchDIBits
SetMetaFileBitsEx
GetTextAlign
CreatePolygonRgn
DeleteDC
GetDCOrgEx
CreatePatternBrush

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 72KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

49c22a9674157de0459ef6ff601adede

Headers

File Characteristics

Imports

kernel32

ole32

user32

shlwapi

advapi32

shell32

gdi32

Exports

Exports

Sections

.text Size: 1.1MB - Virtual size: 1.1MB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 1.7MB - Virtual size: 1.7MB

.reloc Size: 72KB - Virtual size: 69KB

.text
Size: 1.1MB - Virtual size: 1.1MB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 1.7MB - Virtual size: 1.7MB

.reloc
Size: 72KB - Virtual size: 69KB