d460869531a67e57d28e06db2be66c6cdc2dc9fd739911108156dd13ffd9bed6

Sharing

Copy URL

Twitter E-mail

General

Target

d460869531a67e57d28e06db2be66c6cdc2dc9fd739911108156dd13ffd9bed6
Size

284KB
MD5

1df9b7f0023f5b9d2ea915a612f7fb1f
SHA1

cb32f9ea6e6039c9eb711db9629206e06fc658a3
SHA256

d460869531a67e57d28e06db2be66c6cdc2dc9fd739911108156dd13ffd9bed6
SHA512

4bd1e620a7c6c104c65f97a6cbec5cb39cbc9db68456bc2b6553d7379d8ff2a93d6036f76d90ff38dbc1574fb75d36c78fcfca0a2bb010f463bb47ea297a5b25
SSDEEP

6144:UPKmJt7ZRFrTdBA1oGzDK/0OlEa6ETMhS5yfZahy4yYAVt/G5:yKMdlYzDKMAEa6SMw/hypYA//G5

Score

N/A

Malware Config

Signatures

Files

d460869531a67e57d28e06db2be66c6cdc2dc9fd739911108156dd13ffd9bed6
.dll regsvr32 windows x86

f72f465e2a3d9d0ebd8776686d02de65

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
lstrcmpiA
lstrcpynA
IsDBCSLeadByte
DisableThreadLibraryCalls
InitializeCriticalSection
HeapDestroy
DeleteCriticalSection
LeaveCriticalSection
FreeLibrary
lstrcpyA
lstrcatA
GetProcAddress
LoadLibraryA
InterlockedDecrement
InterlockedIncrement
GetModuleHandleA
LocalFree
SetStdHandle
GetStringTypeW
GetStringTypeA
WideCharToMultiByte
GetModuleFileNameA
GetShortPathNameA
lstrlenA
MultiByteToWideChar
lstrlenW
CreateFileA
GetLastError
ReadFile
EnterCriticalSection
CloseHandle
GetCPInfo
IsBadCodePtr
IsBadReadPtr
GetACP
SetFilePointer
SetEndOfFile
GetOEMCP
SetUnhandledExceptionFilter
HeapFree
RtlUnwind
HeapAlloc
HeapReAlloc
GetCommandLineA
GetVersion
RaiseException
HeapCreate
VirtualFree
ExitProcess
VirtualAlloc
IsBadWritePtr
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
LCMapStringA
LCMapStringW
FlushFileBuffers
WriteFile
TerminateProcess
GetCurrentProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
HeapSize

user32

LoadStringA
CharNextA

advapi32

RegEnumValueA
RegQueryInfoKeyA
RegSetValueExA
RegEnumKeyExA
RegOpenKeyExA
RegCloseKey
RegDeleteValueA
RegCreateKeyExA
RegDeleteKeyA
RegQueryValueExA

ole32

CoTaskMemAlloc
CoCreateInstance
CoTaskMemRealloc
CoTaskMemFree

oleaut32

SysAllocStringByteLen
SysStringLen
LoadRegTypeLi
LoadTypeLi
SysAllocString
RegisterTypeLi
VarUI4FromStr
SysFreeString
VariantClear
SysStringByteLen

wininet

InternetCloseHandle
InternetReadFile
InternetOpenUrlA
InternetSetOptionA
InternetOpenA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 56KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 523KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 176KB - Virtual size: 176KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f72f465e2a3d9d0ebd8776686d02de65

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

wininet

Exports

Exports

Sections

.text Size: 56KB - Virtual size: 54KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 8KB - Virtual size: 523KB

.rsrc Size: 24KB - Virtual size: 23KB

.reloc Size: 8KB - Virtual size: 6KB

.text Size: 176KB - Virtual size: 176KB

.text
Size: 56KB - Virtual size: 54KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 8KB - Virtual size: 523KB

.rsrc
Size: 24KB - Virtual size: 23KB

.reloc
Size: 8KB - Virtual size: 6KB

.text
Size: 176KB - Virtual size: 176KB