3fb624892b39de6f53254bb57a8d30059214e4657170706279a15267620436d5

Sharing

Copy URL Twitter E-mail

General

Target

3fb624892b39de6f53254bb57a8d30059214e4657170706279a15267620436d5
Size

68KB
MD5

9bf893f81e558ba4f6cfe177f2eb3ad5
SHA1

8d076d2f4f2950870a70a893ef61429287ca7159
SHA256

3fb624892b39de6f53254bb57a8d30059214e4657170706279a15267620436d5
SHA512

32efa240635c88884e93aeaa1220a09b99a7b0467e457588c3472991cd7e39119af621a862d0aceb3c109fd3608ae2faf3cacf9473c61f7c76c02af4cc8bb615
SSDEEP

768:46Sb6MoH3QcDHenW+nZuTUuLY1P0yutFNj8lvEWNV75GAssyTwqay/enayannbH8:RO6jH3QUCWohum8+RAczyvyOrtksbg

Score

N/A

Malware Config

Signatures

Files

3fb624892b39de6f53254bb57a8d30059214e4657170706279a15267620436d5
.dll regsvr32 windows x86

61cdbca8ee8bf07c986e768398ee2479

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileA
CopyFileA
HeapAlloc
GetSystemInfo
GetVersionExA
HeapCreate
SetLastError
GetLastError
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
InterlockedIncrement
EnterCriticalSection
InterlockedDecrement
CompareStringA
CompareStringW
GetShortPathNameA
CreateEventA
HeapDestroy
LoadLibraryA
lstrcatA
DeleteFileA
GetTempPathA
GetWindowsDirectoryA
GetTickCount
GetFileAttributesA
GetTempFileNameA
GetCurrentProcessId
GetSystemDirectoryA
DebugBreak
HeapReAlloc
HeapFree
GetCurrentThread
GetVersion
GetPrivateProfileIntA
GetPrivateProfileStringA
LoadLibraryExA
FreeLibrary
DisableThreadLibraryCalls
MultiByteToWideChar
WideCharToMultiByte
lstrlenW
CreateProcessA
CloseHandle
Sleep
lstrlenA
lstrcpyA
GetModuleFileNameA
GetModuleHandleA
lstrcmpiA
GetProcAddress
GetCurrentProcess

user32

WaitForInputIdle
CharUpperA
MessageBoxA
LoadStringA
PeekMessageA
MsgWaitForMultipleObjects
CharNextA
wsprintfA

advapi32

RegEnumKeyExA
RegCreateKeyExA
RegSetValueExA
RegOpenKeyA
RegQueryValueExA
RegDeleteValueA
RegQueryInfoKeyA
RegCloseKey
RegDeleteKeyA
FreeSid
EqualSid
AllocateAndInitializeSid
GetTokenInformation
OpenProcessToken
OpenThreadToken
RegOpenKeyExA

ole32

GetRunningObjectTable
CreateItemMoniker
CoTaskMemFree
StringFromCLSID
CoCreateGuid
CoCreateInstance
CLSIDFromString
CoReleaseMarshalData
ProgIDFromCLSID
CoMarshalInterThreadInterfaceInStream
CoLoadLibrary

oleaut32

CreateErrorInfo
GetErrorInfo
SetErrorInfo
VariantChangeType
VariantCopy
LoadTypeLi
VariantClear
SysStringLen
SysAllocStringLen
SysAllocString
SysFreeString

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
LaunchSetup

Sections

.text
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

61cdbca8ee8bf07c986e768398ee2479

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 36KB - Virtual size: 34KB

.rdata Size: 16KB - Virtual size: 13KB

.data Size: 4KB - Virtual size: 3KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 36KB - Virtual size: 34KB

.rdata
Size: 16KB - Virtual size: 13KB

.data
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 2KB