3845624872ddc818e2337629b965818544ea7c64c9f8c86f1aec223334598c7a

Sharing

Copy URL

Twitter E-mail

General

Target

3845624872ddc818e2337629b965818544ea7c64c9f8c86f1aec223334598c7a
Size

1.2MB
MD5

594a1e19003924ee563d6959d24973d4
SHA1

2ee970fc617ae135dfebac1235de30e251450c1c
SHA256

3845624872ddc818e2337629b965818544ea7c64c9f8c86f1aec223334598c7a
SHA512

438f6cebb7cbcc79677d03644b6b9aab4962fd35da236a55e4d4ef640121d48c0ac3f8fcfcd6c7f79a3cc66d47ac27aa2fa93260fec49db2138f0c88f057e83a
SSDEEP

24576:rao5RV9TGwn8ClomP5oOywzLnbEbzpg6Y:rao5RV9DRomP5oO5beu

Score

N/A

Malware Config

Signatures

Files

3845624872ddc818e2337629b965818544ea7c64c9f8c86f1aec223334598c7a
.dll regsvr32 windows x86

c77fcc7fbd4ab664a66c494f539436e5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

wcsncmp
wcslen
swprintf
vswprintf
wcscspn
wcsspn
wcsstr
wcsrchr
_wcsrev
_wcslwr
_wcsupr
wcschr
wcspbrk
wcscmp
realloc
fflush
?terminate@@YAXXZ
_onexit
__dllonexit
??1type_info@@UAE@XZ
_adjust_fdiv
_initterm
wcsncpy
wcscpy
_ltow
_ultow
_itow
modf
ceil
floor
_wcsnicmp
__argc
__wargv
_beginthreadex
_endthreadex
_wsplitpath
_wfullpath
_wtol
_wcsdup
_expand
wcstod
wcstol
wcstoul
_snwprintf
__CxxFrameHandler
_msize
_purecall
_except_handler3
time
wcsftime
localtime
gmtime
mktime
iswspace
_wtoi
iswdigit
fseek
ftell
fgetws
fputws
fwrite
fread
clearerr
fclose
_open_osfhandle
_fdopen
__doserrno
_get_osfhandle
abort
free
malloc
memmove
_CxxThrowException
calloc

kernel32

GlobalHandle
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
WaitForSingleObject
CreateSemaphoreW
ReleaseSemaphore
CreateMutexW
ReleaseMutex
CreateEventW
WaitForMultipleObjects
GetVersionExA
GetModuleHandleW
lstrcatW
FreeLibrary
LoadLibraryA
GlobalDeleteAtom
GlobalFindAtomW
GetVersion
GlobalAddAtomW
GetCurrentThreadId
FreeResource
LockResource
LoadResource
FindResourceW
GlobalGetAtomNameW
GetModuleHandleA
MulDiv
GetProfileIntW
VirtualProtect
lstrcpynA
FindResourceExW
SizeofResource
GetProcessVersion
lstrcmpW
GlobalFlags
GetTempFileNameW
GetDiskFreeSpaceW
LocalUnlock
LocalLock
SearchPathW
GetTempPathW
GetVersionExW
VirtualAlloc
GetSystemInfo
VirtualQuery
FindNextFileW
SetThreadPriority
ResumeThread
SetEvent
SuspendThread
lstrcmpiA
GetCurrentThread
SetErrorMode
GetPrivateProfileIntW
GetPrivateProfileStringW
WritePrivateProfileStringW
GetCurrentDirectoryW
GetTickCount
CopyFileW
GetUserDefaultLCID
IsDBCSLeadByte
lstrcpyA
LoadLibraryExA
lstrcatA
GetSystemDirectoryA
InterlockedCompareExchange
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
Sleep
LocalAlloc
FileTimeToLocalFileTime
FileTimeToSystemTime
FormatMessageW
LocalFree
InterlockedIncrement
MultiByteToWideChar
WideCharToMultiByte
InterlockedDecrement
SetFileAttributesW
SetFileTime
SystemTimeToFileTime
LocalFileTimeToFileTime
FindClose
GetFileTime
GetFileSize
GetFileAttributesW
GlobalFree
GlobalUnlock
GlobalReAlloc
GlobalAlloc
GlobalLock
GlobalSize
CreateFileW
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
lstrcpyW
LoadLibraryW
GetProcAddress
WriteFile
GetCurrentProcess
DuplicateHandle
GetModuleFileNameW
GetShortPathNameW
lstrcmpiW
GetThreadLocale
GetStringTypeExW
DeleteFileW
MoveFileW
SetEndOfFile
UnlockFile
LockFile
CloseHandle
FlushFileBuffers
SetFilePointer
ReadFile
lstrlenA
lstrcmpA
OutputDebugStringW
lstrlenW
GetLastError
SetLastError
lstrcpynW
TlsGetValue
DelayLoadFailureHook

user32

UnionRect
DrawFocusRect
EndDialog
GetNextDlgTabItem
CreateDialogIndirectParamW
wvsprintfW
GetAsyncKeyState
MapDialogRect
GetDialogBaseUnits
TabbedTextOutW
BeginPaint
EndPaint
GetSysColorBrush
GetClassNameW
SetWindowTextW
CheckDlgButton
CheckRadioButton
GetDlgItemInt
GetDlgItemTextW
SetDlgItemInt
SetDlgItemTextW
IsDlgButtonChecked
ScrollWindowEx
IsDialogMessageW
MoveWindow
GetMenuCheckMarkDimensions
CheckMenuItem
EnableMenuItem
GetMenuState
ModifyMenuW
SetMenuItemBitmaps
DestroyIcon
DestroyCursor
SetCursorPos
SystemParametersInfoW
FindWindowW
IsClipboardFormatAvailable
MessageBeep
GetTabbedTextExtentW
RemoveMenu
ValidateRect
PostQuitMessage
UnregisterClassW
ShowOwnedPopups
GetMenuStringW
InsertMenuW
RegisterClipboardFormatW
CopyAcceleratorTableW
InSendMessage
PostThreadMessageW
CreateMenu
WindowFromDC
CountClipboardFormats
SetWindowContextHelpId
CharNextW
GetNextDlgGroupItem
ClipCursor
DrawEdge
EnumChildWindows
InvalidateRgn
FrameRect
LoadStringW
MessageBoxA
GrayStringW
DrawTextW
GetTabbedTextExtentA
LockWindowUpdate
GetDCEx
SetParent
GetSystemMenu
AppendMenuW
DeleteMenu
IsRectEmpty
IsZoomed
GetDC
KillTimer
SetTimer
SetRect
LoadBitmapW
ReleaseDC
GetWindowDC
InvertRect
FillRect
PtInRect
InflateRect
RedrawWindow
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcW
DefFrameProcW
WaitMessage
GetMessageW
TranslateMessage
GetCursorPos
WindowFromPoint
SetCapture
GetWindowThreadProcessId
ClientToScreen
LoadCursorW
GetActiveWindow
UnpackDDElParam
ReuseDDElParam
LoadMenuW
DestroyMenu
SetCursor
ReleaseCapture
InvalidateRect
SetRectEmpty
BringWindowToTop
SetMenu
ShowWindow
GetDesktopWindow
IsWindowEnabled
TranslateAcceleratorW
LoadAcceleratorsW
RegisterWindowMessageW
GetCapture
WinHelpW
CreateWindowExW
SetWindowsHookExW
CallNextHookEx
SetPropW
SendDlgItemMessageW
SendDlgItemMessageA
DispatchMessageW
GetPropW
RemovePropW
GetMessageTime
GetMessagePos
GetFocus
IsWindow
SetFocus
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
TrackPopupMenu
GetKeyState
DestroyWindow
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
LoadIconW
EnableWindow
PeekMessageW
MapWindowPoints
GetSysColor
GetForegroundWindow
SetForegroundWindow
GetLastActivePopup
AdjustWindowRectEx
ShowScrollBar
EqualRect
DeferWindowPos
SetActiveWindow
ScrollWindow
IsWindowVisible
GetScrollInfo
SetScrollInfo
UpdateWindow
ScreenToClient
GetClientRect
MessageBoxW
GetParent
GetMenu
PostMessageW
GetSubMenu
GetMenuItemID
GetMenuItemCount
GetClassInfoW
RegisterClassW
SetWindowPlacement
GetDlgItem
GetWindowTextLengthW
GetWindowTextW
GetDlgCtrlID
SendMessageW
CallWindowProcW
DefWindowProcW
GetWindowLongW
SetWindowLongW
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
CopyRect
GetWindow
MsgWaitForMultipleObjects
UnhookWindowsHookEx
CharUpperW
GetSystemMetrics
wsprintfW
IsChild

advapi32

RegQueryValueExW
RegCloseKey
RegOpenKeyW
SetFileSecurityW
GetFileSecurityW
RegSetValueExW
RegCreateKeyW
RegSetValueW
RegEnumKeyW
RegDeleteKeyW
RegQueryValueW
RegOpenKeyExW
RegCreateKeyExW
RegDeleteValueW

gdi32

GetClipBox
SetTextColor
SetBkColor
GetObjectW
CreateSolidBrush
CreateCompatibleDC
SelectObject
BitBlt
ExtTextOutW
GetTextExtentPoint32W
GetTextMetricsW
CreateFontIndirectW
DeleteDC
StretchDIBits
CreateCompatibleBitmap
DeleteObject
GetCharWidthW
CreateFontW
GetStockObject
RestoreDC
SaveDC
GetNearestColor
Escape
GetBkColor
GetBkMode
GetPolyFillMode
GetROP2
GetStretchBltMode
GetTextColor
PtVisible
RectVisible
GetTextAlign
GetTextFaceW
GetViewportExtEx
GetWindowExtEx
MoveToEx
GetCurrentPositionEx
GetTextExtentPoint32A
SetWindowOrgEx
GetWindowOrgEx
SetViewportOrgEx
GetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
SetWindowExtEx
SetMapMode
GetDeviceCaps
IntersectClipRect
ScaleViewportExtEx
ScaleWindowExtEx
CloseMetaFile
DeleteMetaFile
TextOutW
Rectangle
PatBlt
CreatePen
CreatePatternBrush
CreateBitmap
UnrealizeObject
SetBkMode
SetPolyFillMode
SetROP2
SetStretchBltMode
ExcludeClipRect
OffsetClipRgn
LineTo
SetTextAlign
SetTextJustification
SetTextCharacterExtra
SetMapperFlags
SetArcDirection
SetColorAdjustment
SelectClipRgn
GetClipRgn
CreateRectRgn
SelectClipPath
StartDocW
SelectPalette
OffsetWindowOrgEx
ArcTo
PolyDraw
PolylineTo
PolyBezierTo
ExtSelectClipRgn
PlayMetaFileRecord
GetObjectType
EnumMetaFile
PlayMetaFile
CreateDIBPatternBrushPt
ExtCreatePen
CreateHatchBrush
SetRectRgn
CombineRgn
GetMapMode
DPtoLP
StartPage
EndPage
SetAbortProc
AbortDoc
EndDoc
LPtoDP
CopyMetaFileW
CreateMetaFileW
SetBrushOrgEx
OffsetRgn
CreatePalette
RealizePalette
GetPaletteEntries
GetPixel
EnumFontFamiliesW
CreateDCW
CreateRectRgnIndirect
EnumFontFamiliesExW

ole32

CoUninitialize
CoGetClassObject
CoInitialize
StringFromGUID2
OleLoadFromStream
ReadClassStm
CreateDataCache
CoGetMalloc
CreateDataAdviseHolder
CreateOleAdviseHolder
CoDisconnectObject
OleRegGetMiscStatus
OleRegEnumVerbs
CoTreatAsClass
OleDuplicateData
WriteFmtUserTypeStg
SetConvertStg
WriteClassStg
GetRunningObjectTable
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
IsAccelerator
OleTranslateAccelerator
CoRevokeClassObject
CoRegisterClassObject
CoRegisterMessageFilter
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
DoDragDrop
StgIsStorageFile
StgOpenStorage
StgCreateDocfile
ReadClassStg
ReadFmtUserTypeStg
OleRegGetUserType
GetClassFile
CreateFileMoniker
CreateBindCtx
CLSIDFromString
CLSIDFromProgID
CoCreateInstance
OleFlushClipboard
OleIsCurrentClipboard
OleSetClipboard
OleGetClipboard
CoTaskMemAlloc
OleIsRunning
OleRun
OleQueryLinkFromData
OleQueryCreateFromData
OleSetMenuDescriptor
CreateGenericComposite
CreateItemMoniker
OleGetIconOfClass
GetHGlobalFromILockBytes
StgOpenStorageOnILockBytes
OleLoad
OleCreate
OleCreateLinkToFile
OleCreateFromFile
OleCreateStaticFromData
OleCreateLinkFromData
OleCreateFromData
OleSetContainedObject
StringFromCLSID
OleLockRunning
CreateStreamOnHGlobal
OleSaveToStream
WriteClassStm
CoTaskMemFree
ReleaseStgMedium
OleSave
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
OleInitialize
CoFreeUnusedLibraries
OleUninitialize

oleaut32

LoadTypeLi
OleCreateFontIndirect
VariantTimeToSystemTime
OleTranslateColor
SafeArrayCreateVector
OleCreatePictureIndirect
OleLoadPicture
RegisterTypeLi
LoadRegTypeLi
VarBstrFromDate
VarDateFromStr
VarBstrFromCy
VarCyFromStr
SysAllocStringByteLen
SafeArrayDestroyDescriptor
SafeArrayDestroyData
SafeArrayDestroy
SafeArrayUnlock
SafeArrayLock
SafeArrayPutElement
SafeArrayPtrOfIndex
SafeArrayGetElement
SafeArrayCopy
SafeArrayAllocDescriptor
SafeArrayAllocData
SysStringByteLen
SafeArrayRedim
SafeArrayCreate
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
SysAllocString
SysReAllocStringLen
VariantClear
SysAllocStringLen
VariantCopy
VariantChangeType
SysFreeString
OleCreatePropertyFrame
SysStringLen

wininet

InternetWriteFile
InternetFindNextFileW
HttpQueryInfoW
HttpAddRequestHeadersW
InternetErrorDlg
FtpGetFileW
FtpPutFileW
FtpGetCurrentDirectoryW
FtpSetCurrentDirectoryW
FtpRemoveDirectoryW
FtpCreateDirectoryW
FtpRenameFileW
FtpDeleteFileW
InternetQueryDataAvailable
InternetSetOptionExW
InternetQueryOptionW
InternetCanonicalizeUrlW
InternetCrackUrlW
InternetGetLastResponseInfoW
GopherGetAttributeW
FtpFindFirstFileW
GopherFindFirstFileW
InternetOpenW
InternetSetStatusCallbackW
InternetSetCookieW
InternetGetCookieW
InternetSetFilePointer
InternetCloseHandle
InternetReadFile
InternetConnectW
FtpOpenFileW
GopherCreateLocatorW
HttpSendRequestW
HttpEndRequestW
HttpSendRequestExW
InternetOpenUrlW
GopherOpenFileW
HttpOpenRequestW

wsock32

htonl
htons
ioctlsocket
accept
WSASetLastError
socket
select
ntohs
inet_addr
bind
WSAGetLastError
getsockname
getpeername
connect
sendto
recvfrom
WSAAsyncSelect
send
recv
closesocket
gethostbyname
WSACleanup
WSAStartup

odbc32

ord72
ord4
ord41
ord2
ord1
ord23
ord15
ord9
ord14
ord10
ord20
ord61
ord48
ord49
ord17
ord13
ord59
ord8
ord11
ord19
ord46
ord3
ord16
ord12
ord43
ord18
ord68
ord44
ord50
ord45
ord51
ord5

Exports

Exports

?classCCachedDataPathProperty@CCachedDataPathProperty@@2UCRuntimeClass@@B
?classCDataPathProperty@CDataPathProperty@@2UCRuntimeClass@@B
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 1010KB - Virtual size: 1009KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 90KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 70KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c77fcc7fbd4ab664a66c494f539436e5

Headers

File Characteristics

Imports

msvcrt

kernel32

user32

advapi32

gdi32

ole32

oleaut32

wininet

wsock32

odbc32

Exports

Exports

Sections

.text Size: 1010KB - Virtual size: 1009KB

.data Size: 90KB - Virtual size: 108KB

.rsrc Size: 41KB - Virtual size: 40KB

.reloc Size: 70KB - Virtual size: 69KB

.text
Size: 1010KB - Virtual size: 1009KB

.data
Size: 90KB - Virtual size: 108KB

.rsrc
Size: 41KB - Virtual size: 40KB

.reloc
Size: 70KB - Virtual size: 69KB