b3a1f6e4a67994846d908ba68210302f9bb2b507ca63ed6aad1eb20ab876823c

Sharing

Copy URL Twitter E-mail

General

Target

b3a1f6e4a67994846d908ba68210302f9bb2b507ca63ed6aad1eb20ab876823c
Size

247KB
MD5

5298276d5863b49857fa59c61233dc30
SHA1

a92fb1867976852e5c252483b7e44fef9ad6c8b1
SHA256

b3a1f6e4a67994846d908ba68210302f9bb2b507ca63ed6aad1eb20ab876823c
SHA512

fa912db8fe28e557a491eaa5b33da96d7dcb703abea190cb29f45ef9ae7a32e991dcb0bd7cf1807ce3853c120ae2e8c7ea2ee314a36477a3611955382d2e675d
SSDEEP

1536:rT1JsLbqBEOPSl5b7X3FrmUBFUM6666666666666666666666666666666666666:38LbqWqSl5b7X3FZC

Score

N/A

Malware Config

Signatures

Files

b3a1f6e4a67994846d908ba68210302f9bb2b507ca63ed6aad1eb20ab876823c
.dll regsvr32 windows x86

8c48b94555b690df0fe5e0d35607ab69

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

StrStrW
PathCombineW
PathFindFileNameW
StrCmpW
StrCmpIW
StrCatW

kernel32

LoadLibraryExA
CreateThread
GetProcessHeap
CloseHandle
lstrcatA
lstrcpyA
InitializeCriticalSection
GetBinaryTypeW
GetLastError
lstrcpynA
GetProcAddress
FreeLibrary
LoadLibraryA
WideCharToMultiByte
GetModuleFileNameA
MultiByteToWideChar
GetTimeFormatA
GetDateFormatA
lstrcmpA
lstrcmpiA
GetModuleHandleW
PulseEvent
CreateEventA
GetCurrentThreadId
GetTickCount
CreateFileMappingW
CreateFileW
SetFilePointerEx
DeleteFileW
SetFileAttributesW
GetTempFileNameW
GetTempPathW
WriteFile
ReadFile
LeaveCriticalSection
EnterCriticalSection
HeapCreate
HeapDestroy
HeapAlloc
HeapFree
CreateMutexA
FileTimeToDosDateTime
FileTimeToLocalFileTime
GetFileInformationByHandle
FindClose
FindNextFileW
FindFirstFileW
GetModuleFileNameW
WaitForSingleObject
Sleep
ExitThread
ResetEvent
lstrcpyW

user32

TranslateMessage
GetMessageW
SetWindowsHookExW
DispatchMessageW
DestroyWindow
GetSystemMetrics
wsprintfA
wsprintfW
RegisterClassExW
CreateWindowExW
GetWindowRect
SetTimer
GetClassNameA
GetWindow
SendMessageW
GetWindowTextA
CallNextHookEx
GetClientRect
DefWindowProcW
ShowWindow

shell32

SHGetSpecialFolderPathW

oleaut32

SysFreeString
SysAllocStringLen
VariantInit
SysAllocString
SysAllocStringByteLen
VariantClear
VariantCopy

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8c48b94555b690df0fe5e0d35607ab69

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

kernel32

user32

shell32

oleaut32

Exports

Exports

Sections

.text Size: 35KB - Virtual size: 34KB

.data Size: 2KB - Virtual size: 54KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 35KB - Virtual size: 34KB

.data
Size: 2KB - Virtual size: 54KB

.reloc
Size: 3KB - Virtual size: 2KB