41aa687660f59461d32e9d933953ce3a886297150d05992204232366401972bb

Sharing

Copy URL

Twitter E-mail

General

Target

41aa687660f59461d32e9d933953ce3a886297150d05992204232366401972bb
Size

128KB
MD5

3aaaf0a305395befa4f699499893a037
SHA1

aec81e84bc8754f5822827c94ceef18ea5c1a7d9
SHA256

41aa687660f59461d32e9d933953ce3a886297150d05992204232366401972bb
SHA512

f38e3d2949b00c630a1627dc2852ac5081f668cf5e40b9f37d1c36d149ad4e810cc5c7167dad7d58615e05792a16c43146b0503f3fd5a8c5cf382a3b86782547
SSDEEP

3072:QPYkaAYBFcLS85vrr8aDA2h152+rvVx9ducI5VgTIjjaY:QgVAYQLS85jt9rvVLdf0gMjjaY

Score

N/A

Malware Config

Signatures

Files

41aa687660f59461d32e9d933953ce3a886297150d05992204232366401972bb
.dll regsvr32 windows x86

d282c7a4e6bb59011c8238535bd1aa1e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_initterm
_amsg_exit
_adjust_fdiv
memset
bsearch
free
wcsstr
wcsrchr
malloc
_XcptFilter
memcpy

gdi32

LPtoDP
SetMapMode
SetViewportOrgEx
DeleteDC
CreateFontIndirectW
SelectObject
DeleteObject
GetTextCharset
EnumFontFamiliesExW
RestoreDC
SetWindowOrgEx
SaveDC
CreateRectRgnIndirect
CreateDCW
GetDeviceCaps
ExtEscape

kernel32

GetUserDefaultUILanguage
EnumUILanguagesW
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
SetUnhandledExceptionFilter
GetLocaleInfoW
InterlockedCompareExchange
Sleep
InterlockedExchange
RtlUnwind
VirtualFree
CompareStringW
GetVersion
GetProcessHeap
GetModuleHandleW
HeapReAlloc
HeapSize
LoadLibraryA
SetLastError
GetModuleFileNameA
DisableThreadLibraryCalls
HeapFree
HeapAlloc
GetProcAddress
GetSystemDefaultLCID
LocalAlloc
TerminateProcess
UnhandledExceptionFilter
GetVersionExW
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
MultiByteToWideChar
FlushInstructionCache
GetCurrentProcess
GetLastError
RaiseException
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
InterlockedIncrement
InterlockedDecrement
GetCurrentThreadId
lstrlenA
LoadLibraryExW
FindResourceW
LoadResource
SizeofResource
FreeLibrary
GetModuleFileNameW
HeapDestroy

user32

GetSystemMetrics
GetKeyboardLayoutList
IsCharAlphaW
CallWindowProcW
DefWindowProcW
GetKeyState
CharNextW
CharPrevW
CreateWindowExW
DestroyWindow
GetWindowLongW
SetWindowLongW
SetWindowPos
GetClientRect
BeginPaint
EndPaint
GetDC
ReleaseDC
InvalidateRect
ShowWindow
SetFocus
IsChild
SetWindowRgn
IsWindow
GetClassInfoExW
LoadCursorW
wsprintfW
RegisterClassExW
GetFocus
DestroyAcceleratorTable
IntersectRect
EqualRect
OffsetRect

advapi32

RegDeleteValueW
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW
RegEnumKeyExW
RegQueryInfoKeyW
RegEnumValueW
RegDeleteKeyW

oleaut32

SafeArrayGetUBound
SysAllocString
SysStringLen
VarUI4FromStr
LoadTypeLi
RegisterTypeLi
LoadRegTypeLi
OleCreatePropertyFrame
VariantInit
SafeArrayCopy
VariantChangeTypeEx
SafeArrayGetElement
SysFreeString
SafeArrayGetLBound
SafeArrayDestroy
SysAllocStringLen

ole32

CoCreateInstance
OleRegGetMiscStatus
OleRegGetUserType
OleRegEnumVerbs
CreateOleAdviseHolder
CoTaskMemRealloc
CoTaskMemAlloc
CoTaskMemFree

iertutil

ord309
ord9

urlmon

ord414

shlwapi

StrCpyW
StrCatW
StrCmpIW
StrCpyNW
StrStrIA
ord29

Exports

Exports

DllCanUnloadNow
DllEnumClassObjects
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 63KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d282c7a4e6bb59011c8238535bd1aa1e

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

gdi32

kernel32

user32

advapi32

oleaut32

ole32

iertutil

urlmon

shlwapi

Exports

Exports

Sections

.text Size: 52KB - Virtual size: 52KB

.data Size: 2KB - Virtual size: 2KB

.rsrc Size: 6KB - Virtual size: 6KB

.reloc Size: 3KB - Virtual size: 2KB

.text Size: 63KB - Virtual size: 64KB

.text
Size: 52KB - Virtual size: 52KB

.data
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 6KB - Virtual size: 6KB

.reloc
Size: 3KB - Virtual size: 2KB

.text
Size: 63KB - Virtual size: 64KB