851f74ccf0e16620f5f94ba837170581ad3edac27f87b125a05e8a186b115f4e

Sharing

Copy URL Twitter E-mail

General

Target

851f74ccf0e16620f5f94ba837170581ad3edac27f87b125a05e8a186b115f4e
Size

151KB
MD5

0e0f215a91d62117cf27ff8abd42b4bf
SHA1

7c5d5975730c91845510d1d0b3b7804fd1940bd0
SHA256

851f74ccf0e16620f5f94ba837170581ad3edac27f87b125a05e8a186b115f4e
SHA512

a1140a3cbeaee616ba323f923010fd54d0f80f2186f8886dd585486ba093b7ebf07422bf056d5c7c9ef684cb000d210784ca3b25c4e5d1b4a63e297299a59ec1
SSDEEP

3072:XWIV5Zkold1EogRxo7Qc7TEUAXQLPUganRWiCEfUSCnlaoq4uFCnJ:GI91/gE8c7TDAX+SCq4ucn

Score

N/A

Malware Config

Signatures

Files

851f74ccf0e16620f5f94ba837170581ad3edac27f87b125a05e8a186b115f4e
.dll regsvr32 windows x86

167e73bab837d6413a94aad87a044524

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpynA
LoadResource
GetLastError
SizeofResource
LoadLibraryExA
FindResourceA
lstrcpyA
GetModuleFileNameA
SearchPathA
CreateFileA
FreeLibrary
GlobalLock
CloseHandle
lstrcmpiA
lstrlenW
lstrlenA
GlobalHandle
GlobalUnlock
GlobalFree
InterlockedDecrement
EnterCriticalSection
InterlockedIncrement
LeaveCriticalSection
GlobalAlloc
GetCurrentThreadId
WideCharToMultiByte
GetModuleHandleA
GetCurrentProcess
lstrcatA
HeapDestroy
ReadFile
SetFilePointer
DeleteCriticalSection
InitializeCriticalSection
MultiByteToWideChar
GetStdHandle
GetLocaleInfoW
SetStdHandle
GetLocaleInfoA
FlushFileBuffers
LoadLibraryA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
WriteFile
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
DisableThreadLibraryCalls
GetOEMCP
GetACP
GetCPInfo
GetStartupInfoA
GetFileType
HeapReAlloc
SetHandleCount
TerminateProcess
GetProcAddress
TlsGetValue
SetLastError
TlsFree
TlsAlloc
TlsSetValue
VirtualAlloc
ExitProcess
VirtualFree
HeapCreate
GetVersion
GetCommandLineA
HeapAlloc
HeapFree

user32

SetRect
CreateWindowExA
CallWindowProcA
GetClassInfoExA
LoadCursorA
RegisterClassExA
SetWindowLongA
GetDC
PtInRect
UnionRect
ShowWindow
DrawIcon
LoadIconA
DefWindowProcA
DestroyWindow
wsprintfA
CharNextA
LoadStringA
BeginPaint
ReleaseDC
OffsetRect
SetFocus
GetParent
IsWindow
SetWindowPos
SetWindowRgn
EqualRect
IntersectRect
InvalidateRect
EndPaint
GetClientRect

gdi32

SetWindowExtEx
CreateRectRgnIndirect
GetStockObject
DeleteMetaFile
Rectangle
SetWindowOrgEx
SelectObject
CreateMetaFileA
DeleteDC
SaveDC
SetMapMode
CloseMetaFile
RestoreDC
SetViewportOrgEx
GetDeviceCaps
CreateDCA
LPtoDP

advapi32

RegQueryInfoKeyA
RegQueryValueExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA
RegEnumKeyExA

ole32

CreateOleAdviseHolder
CoCreateInstance
OleRegEnumVerbs
OleRegGetUserType
OleRegGetMiscStatus
CreateDataAdviseHolder
CoTaskMemAlloc
CoTaskMemFree
CoTaskMemRealloc
WriteClassStm
OleSaveToStream
OleLoadFromStream
ProgIDFromCLSID

oleaut32

VarI4FromStr
OleCreatePropertyFrame
SysAllocStringLen
UnRegisterTypeLi
SysFreeString
SysStringLen
SysAllocString
VariantClear
VariantInit
LoadTypeLi
SysAllocStringByteLen
SysStringByteLen
VariantChangeType
LoadRegTypeLi
SetErrorInfo
CreateErrorInfo
RegisterTypeLi

ltbar13n

ord108
ord107
ord100
ord102
ord109
ord101
ord103
ord105
ord104

ltkrn13n

ord116
ord197
ord125
ord196

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 61KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 38KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

167e73bab837d6413a94aad87a044524

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

oleaut32

ltbar13n

ltkrn13n

Exports

Exports

Sections

.text Size: 61KB - Virtual size: 60KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 38KB - Virtual size: 43KB

.rsrc Size: 30KB - Virtual size: 29KB

.reloc Size: 9KB - Virtual size: 8KB

.text
Size: 61KB - Virtual size: 60KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 38KB - Virtual size: 43KB

.rsrc
Size: 30KB - Virtual size: 29KB

.reloc
Size: 9KB - Virtual size: 8KB