68d3c2572a3bafe734caba0ccbbdf1f5c2879eb084c79b8242067eb6a6ec7ea0

Sharing

Copy URL Twitter E-mail

General

Target

68d3c2572a3bafe734caba0ccbbdf1f5c2879eb084c79b8242067eb6a6ec7ea0
Size

1.5MB
MD5

354565deccbd0d66158ca691f261246f
SHA1

af64c255a22255152a42060a242fcf3e085178f4
SHA256

68d3c2572a3bafe734caba0ccbbdf1f5c2879eb084c79b8242067eb6a6ec7ea0
SHA512

59bbfc15bb7b8618ef333be2e99602bb0a7347a663ab3185fba116ddcb643fd059f50c36681c07097e096f6bef310b1e9e15f3582aae1305345220496b03b3c4
SSDEEP

24576:m+uWFr0MpWiL5dEMnSW+FZCmKp/1KqSvCRPYySOWkoOt7RSPEUtIN87xV0:BvDpWiLPUqFRPYySzkog78PEUW8P0

Score

N/A

Malware Config

Signatures

Files

68d3c2572a3bafe734caba0ccbbdf1f5c2879eb084c79b8242067eb6a6ec7ea0
.dll regsvr32 windows x86

f63c263bf2b353028bd6d334c9e47976

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

free
memcpy
_adjust_fdiv
_initterm
_XcptFilter
??3@YAXPAX@Z
_vsnwprintf
_purecall
time
srand
_unlock
_lock
malloc
_amsg_exit
rand
fprintf
fclose
fflush
fwprintf
asctime
localtime
_CIsqrt
_wfopen
fopen
_beginthreadex
ceil
floor
_resetstkoflw
puts
_CIasin
_CIcos
_CIsin
_CItan
_CIlog
perror
??2@YAPAXI@Z
_ftol
__dllonexit
_onexit
memset

mfplat

MFHeapFree
MFHeapAlloc

user32

IsRectEmpty
ReleaseDC
GetDC
GetDesktopWindow

gdi32

GetSystemPaletteEntries

kernel32

SetLastError
InitializeCriticalSectionAndSpinCount
GetLastError
ExitProcess
VirtualAlloc
VirtualProtect
VirtualFree
DelayLoadFailureHook
GetCurrentProcessId
GetCurrentThreadId
GlobalMemoryStatus
GetDiskFreeSpaceA
GetEnvironmentStringsW
GetEnvironmentStrings
lstrlenW
lstrlenA
FreeEnvironmentStringsW
FreeEnvironmentStringsA
DeviceIoControl
GetVersionExA
GetModuleHandleW
HeapFree
GetProcessHeap
HeapAlloc
GetProcessAffinityMask
SetThreadAffinityMask
LocalAlloc
LoadLibraryW
GetCurrentThread
GetThreadPriority
SetThreadPriority
InterlockedExchangeAdd
SignalObjectAndWait
GetSystemPowerStatus
GetSystemTimeAsFileTime
GetSystemInfo
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InterlockedDecrement
GetVersionExW
GetVersion
GetProcAddress
LoadLibraryA
Sleep
QueryPerformanceFrequency
InterlockedIncrement
QueryPerformanceCounter
FreeLibrary
InterlockedCompareExchange
GetModuleFileNameA
RtlUnwind
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetComputerNameA
GetLocalTime
CloseHandle
GetEnvironmentVariableW
GetTickCount
WaitForSingleObject
SetEvent
ReleaseSemaphore
WaitForMultipleObjects
DuplicateHandle
CreateThread
CreateSemaphoreW
CreateEventW
ResetEvent
InterlockedExchange
LocalFree

ole32

CoTaskMemAlloc
PropVariantClear
CoTaskMemFree
PropVariantCopy

oleaut32

SysAllocString
SysFreeString
VariantInit

advapi32

GetTraceEnableLevel
RegCloseKey
RegQueryValueExW
RegQueryValueExA
RegCreateKeyExA
RegCreateKeyExW
RegisterTraceGuidsW
GetTraceLoggerHandle
GetTraceEnableFlags
TraceEvent
UnregisterTraceGuids
RegSetValueA
RegSetValueExA
RegCreateKeyW
RegOpenKeyExW
RegSetValueExW
RegOpenKeyW

msdmo

MoDeleteMediaType
MoDuplicateMediaType
MoCopyMediaType
DMORegister
MoFreeMediaType
MoInitMediaType
DMOUnregister

ws2_32

htonl

Exports

Exports

CreateInstance
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.no_bbt
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

RT_CODE
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 148KB - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

RT_DATA
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f63c263bf2b353028bd6d334c9e47976

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

mfplat

user32

gdi32

kernel32

ole32

oleaut32

advapi32

msdmo

ws2_32

Exports

Exports

Sections

.text Size: 1.3MB - Virtual size: 1.3MB

.no_bbt Size: 6KB - Virtual size: 6KB

RT_CODE Size: 5KB - Virtual size: 4KB

.data Size: 148KB - Virtual size: 148KB

RT_DATA Size: 60KB - Virtual size: 60KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 19KB - Virtual size: 18KB

.text
Size: 1.3MB - Virtual size: 1.3MB

.no_bbt
Size: 6KB - Virtual size: 6KB

RT_CODE
Size: 5KB - Virtual size: 4KB

.data
Size: 148KB - Virtual size: 148KB

RT_DATA
Size: 60KB - Virtual size: 60KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 19KB - Virtual size: 18KB