8c8406d4fd3c528f848a779cf708ea265f41a250fc47fc88295f01f32fdb3527

Sharing

Copy URL Twitter E-mail

General

Target

8c8406d4fd3c528f848a779cf708ea265f41a250fc47fc88295f01f32fdb3527
Size

226KB
MD5

3ae0e4dc4c7608d94e50a64acb8848b5
SHA1

9411e306d8fe8e49d074fbf2e5d0dea1ed979a07
SHA256

8c8406d4fd3c528f848a779cf708ea265f41a250fc47fc88295f01f32fdb3527
SHA512

28f7d0ea76812844d65c7350ef7d03cbf5ad1885cc864d0886af9a1fcd87faaa8dcec39cf74f2270d35a642cd0650f4ebb054b0f3c4330a48faf05b3180fa0b3
SSDEEP

3072:RZ5M/Vw/P+/NuNQTESZlBiJEHpC+BlpJiM1ACYoFWLIMX7:Lqs2ESiyJioBWzX

Score

N/A

Malware Config

Signatures

Files

8c8406d4fd3c528f848a779cf708ea265f41a250fc47fc88295f01f32fdb3527
.dll regsvr32 windows x86

d96494ec8a63e7fbc17c7493680c557f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

StrFormatByteSizeA

kernel32

HeapFree
HeapAlloc
HeapReAlloc
GetCommandLineA
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetACP
ExitProcess
TerminateProcess
CreateThread
ExitThread
RaiseException
HeapSize
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
RtlUnwind
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
FlushFileBuffers
SetFilePointer
WriteFile
GetOEMCP
GetCPInfo
GetProcessVersion
WritePrivateProfileStringA
GlobalFlags
SetErrorMode
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
LocalAlloc
MulDiv
SetLastError
GetVersion
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GetModuleHandleA
GlobalUnlock
GlobalFree
LockResource
CreateEventA
SuspendThread
SetThreadPriority
SetEvent
WaitForSingleObject
CloseHandle
GlobalLock
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
GetCurrentThread
FormatMessageA
LocalFree
InterlockedExchange
ResumeThread
GetCurrentProcess
FlushInstructionCache
GetCurrentThreadId
lstrcatA
lstrcpyA
LoadLibraryA
GetProcAddress
HeapDestroy
IsDBCSLeadByte
lstrcpynA
lstrcmpiA
LoadLibraryExA
GetLastError
FindResourceA
LoadResource
SizeofResource
FreeLibrary
WideCharToMultiByte
GetModuleFileNameA
GetShortPathNameA
MultiByteToWideChar
lstrlenW
lstrlenA
InterlockedDecrement
EnterCriticalSection
InterlockedIncrement
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
FreeEnvironmentStringsA

user32

IsDialogMessageA
SetWindowTextA
ShowWindow
ClientToScreen
TabbedTextOutA
DrawTextA
GrayStringA
UnregisterClassA
LoadStringA
GetClassNameA
PtInRect
GetSysColorBrush
DestroyMenu
UpdateWindow
SendDlgItemMessageA
MapWindowPoints
GetSysColor
SetFocus
AdjustWindowRectEx
GetTopWindow
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetWindowTextA
GetDlgCtrlID
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
RemovePropA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
GetWindow
SetWindowPos
RegisterWindowMessageA
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
CopyRect
EndDialog
SetActiveWindow
IsWindow
GetSystemMetrics
GetDlgItem
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetNextDlgTabItem
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageA
GetCursorPos
SetWindowsHookExA
GetParent
GetLastActivePopup
IsWindowEnabled
MessageBoxA
SetCursor
PostMessageA
EnableWindow
KillTimer
PostQuitMessage
SetTimer
SendMessageA
LoadIconA
DestroyWindow
BeginPaint
GetClientRect
EndPaint
GetDC
ReleaseDC
GetFocus
IsChild
GetClassInfoExA
LoadCursorA
RegisterClassExA
CharNextA
CreateWindowExA
CallWindowProcA
GetWindowLongA
SetWindowLongA
DefWindowProcA
wsprintfA
CreateDialogIndirectParamA

gdi32

DeleteObject
PtVisible
RectVisible
ExtTextOutA
Escape
CreateBitmap
CreateDCA
GetDeviceCaps
LPtoDP
SaveDC
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetMapMode
SetWindowOrgEx
SetViewportOrgEx
GetStockObject
SelectObject
GetObjectA
SetBkColor
SetTextColor
GetClipBox
SetTextAlign
TextOutA
DeleteDC
RestoreDC
Rectangle

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegCreateKeyExA
RegDeleteValueA
RegCloseKey
RegOpenKeyExA
RegEnumKeyExA
RegSetValueExA
RegQueryInfoKeyA
RegEnumValueA
RegDeleteKeyA
RegQueryValueExA

comctl32

ord17

ole32

CoCreateInstance
CoTaskMemRealloc
CoTaskMemAlloc
CoTaskMemFree

oleaut32

SysFreeString
SysAllocStringLen
VariantClear
SysStringLen
LoadRegTypeLi
RegisterTypeLi
SysAllocString
LoadTypeLi
VarUI4FromStr

urlmon

URLDownloadToFileA

wininet

DeleteUrlCacheEntry

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 83KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d96494ec8a63e7fbc17c7493680c557f

Headers

File Characteristics

Imports

shlwapi

kernel32

user32

gdi32

winspool.drv

advapi32

comctl32

ole32

oleaut32

urlmon

wininet

Exports

Exports

Sections

.text Size: 96KB - Virtual size: 95KB

.rdata Size: 24KB - Virtual size: 23KB

.data Size: 83KB - Virtual size: 97KB

.rsrc Size: 5KB - Virtual size: 5KB

.reloc Size: 16KB - Virtual size: 16KB

.text
Size: 96KB - Virtual size: 95KB

.rdata
Size: 24KB - Virtual size: 23KB

.data
Size: 83KB - Virtual size: 97KB

.rsrc
Size: 5KB - Virtual size: 5KB

.reloc
Size: 16KB - Virtual size: 16KB