8ff2d12302678f5c8dc691d14b54a5eecd129c078f1e1616ea1cd4b00c4a07d8

Sharing

Copy URL

Twitter E-mail

General

Target

8ff2d12302678f5c8dc691d14b54a5eecd129c078f1e1616ea1cd4b00c4a07d8
Size

416KB
MD5

1b7639f61f85492113c72452c46515bf
SHA1

00a28693a8595496f61ef2601926599bb370f654
SHA256

8ff2d12302678f5c8dc691d14b54a5eecd129c078f1e1616ea1cd4b00c4a07d8
SHA512

0800b013676618e2eb9de77ad037f3d87a265d9d437cfd356cc87d692648d23f915f12e09ad40e039931ede564a7017b0ae40fbab7185070d1d49a49870ba9ed
SSDEEP

6144:Y/NjCO+cHH3hblLeD2eV1OITFQeewQeeQQeesQee3aQeefQeeLb+JoYtUJhXVieP:OCOdxbQD5PZWoyUJhQaZw+

Score

N/A

Malware Config

Signatures

Files

8ff2d12302678f5c8dc691d14b54a5eecd129c078f1e1616ea1cd4b00c4a07d8
.dll regsvr32 windows x86

64ee37112a832cc10b923fb485d40139

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

isdigit
isspace
_CIpow
exit
sprintf
calloc
?terminate@@YAXXZ
memmove
vswprintf
_setjmp3
_finite
__CxxFrameHandler
floor
longjmp
_CIacos
_adjust_fdiv
_initterm
rand
time
srand
_ftol
_except_handler3
_purecall
??2@YAPAXI@Z
realloc
free
malloc
??3@YAXPAX@Z

kernel32

GetShortPathNameW
GetShortPathNameA
IsBadWritePtr
IsBadReadPtr
OutputDebugStringW
OutputDebugStringA
lstrcpyW
lstrcmpiW
lstrcmpiA
lstrcatW
LoadLibraryExW
LoadLibraryExA
LoadLibraryW
lstrcpynW
GetModuleFileNameW
GetModuleFileNameA
LocalAlloc
FindResourceW
FindResourceA
GetModuleHandleA
lstrlenW
GetVersionExA
WideCharToMultiByte
IsProcessorFeaturePresent
LockResource
InterlockedExchange
LoadLibraryA
HeapAlloc
GetProcessHeap
HeapFree
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
QueryPerformanceFrequency
GetCurrentProcess
FlushInstructionCache
VirtualAlloc
VirtualFree
SetEvent
WaitForSingleObject
RaiseException
CloseHandle
GetLastError
LoadResource
SizeofResource
lstrlenA
DisableThreadLibraryCalls
GetProcAddress
FreeLibrary
HeapDestroy
EnterCriticalSection
LeaveCriticalSection
InterlockedDecrement
InterlockedIncrement
DeleteCriticalSection
InitializeCriticalSection
MultiByteToWideChar

advapi32

RegEnumKeyExW
RegEnumKeyExA
RegQueryValueExW
RegQueryValueExA
RegCreateKeyExA
RegCreateKeyExW
RegEnumValueA
RegEnumValueW
RegOpenKeyA
RegDeleteKeyA
RegDeleteKeyW
RegDeleteValueA
RegDeleteValueW
RegOpenKeyExA
RegOpenKeyExW
RegQueryInfoKeyA
RegQueryInfoKeyW
RegSetValueExA
RegSetValueExW
RegCloseKey

ole32

CoTaskMemFree
CoTaskMemAlloc
CoTaskMemRealloc
CoCreateInstance

oleaut32

RegisterTypeLi
SysAllocString
SysFreeString
LoadRegTypeLi
VarUI4FromStr
LoadTypeLi
SysStringLen

user32

GetWindowRect
MonitorFromWindow
ReleaseDC
IsWindow
FillRect
GetClientRect
GetDC
GetSystemMetrics
IsRectEmpty
SetRectEmpty
CopyRect
SetCursor
CallNextHookEx
GetAsyncKeyState
CharNextW
wvsprintfW
SetWindowsHookExW
SetWindowsHookExA
SetWindowLongW
SetWindowLongA
RegisterWindowMessageA
RegisterClassW
RegisterClassA
PostMessageW
PostMessageA
LoadStringW
LoadStringA
LoadCursorW
LoadCursorA
GetWindowLongW
GetWindowLongA
DefWindowProcW
DefWindowProcA
CreateWindowExW
CreateWindowExA
CallWindowProcW
CallWindowProcA
SendMessageA
IsWindowUnicode
ShowWindow
UpdateWindow
UnhookWindowsHookEx
DestroyWindow

gdi32

StretchBlt
SetBkColor
SetTextColor
SetTextAlign
TextOutW
SetStretchBltMode
DeleteObject
GetStockObject

winmm

timeEndPeriod
timeBeginPeriod
timeGetTime

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllMain
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 280KB - Virtual size: 277KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 60KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

64ee37112a832cc10b923fb485d40139

Headers

File Characteristics

Imports

msvcrt

kernel32

advapi32

ole32

oleaut32

user32

gdi32

winmm

Exports

Exports

Sections

.text Size: 280KB - Virtual size: 277KB

.data Size: 24KB - Virtual size: 24KB

.data1 Size: 60KB - Virtual size: 58KB

.rsrc Size: 32KB - Virtual size: 28KB

.reloc Size: 16KB - Virtual size: 14KB

.text
Size: 280KB - Virtual size: 277KB

.data
Size: 24KB - Virtual size: 24KB

.data1
Size: 60KB - Virtual size: 58KB

.rsrc
Size: 32KB - Virtual size: 28KB

.reloc
Size: 16KB - Virtual size: 14KB