4253889194b0e2758af09947391ad961d782a52dced587215159e02ecab3c034

Sharing

Copy URL Twitter E-mail

General

Target

4253889194b0e2758af09947391ad961d782a52dced587215159e02ecab3c034
Size

42KB
MD5

cd56fcb57d7d501d5beb567bdc1154a0
SHA1

bfbb3c815ef10a7f73f9bf3edd4ea62a40c781da
SHA256

4253889194b0e2758af09947391ad961d782a52dced587215159e02ecab3c034
SHA512

5b5ff349ec040d0c9982fe8e8bd4b45b8c9ec24d8373a7e76e4c8f64bd006b139b31d726585d608015b8081d2e50eeae05e53ced9e3ec0c8c08e908e07ea2107
SSDEEP

768:i97AjvqJQXrG7GvtqHbPpL1dXHxWxWXR9MzVBEq:lvkQbUb7F8xWUVBE

Score

N/A

Malware Config

Signatures

Files

4253889194b0e2758af09947391ad961d782a52dced587215159e02ecab3c034
.dll regsvr32 windows x86

4f2eff5705fe18e6ff322f6f5e17d7b4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_initterm
_purecall
realloc
malloc
_adjust_fdiv
strtok
??2@YAPAXI@Z
wcslen
_vsnprintf
?terminate@@YAXXZ
??1type_info@@UAE@XZ
_except_handler3
free
_onexit
__dllonexit
iswdigit
_wtol
wcsncmp
__CxxFrameHandler
strstr
??3@YAXPAX@Z
_vsnwprintf

ole32

CoTaskMemRealloc
CoTaskMemAlloc
CoTaskMemFree
CoMarshalInterThreadInterfaceInStream
CoInitialize
CoGetInterfaceAndReleaseStream
CoUninitialize
CoCreateInstance

oleaut32

SysFreeString
SysStringLen
LoadRegTypeLi
RegisterTypeLi
LoadTypeLi
VarUI4FromStr
SysAllocString
SysAllocStringLen

userenv

GetUserProfileDirectoryA

kernel32

GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetSystemTimeAsFileTime
LoadLibraryExA
FindResourceA
LoadResource
SizeofResource
DisableThreadLibraryCalls
LoadLibraryA
GetProcAddress
FreeLibrary
GetModuleFileNameA
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetShortPathNameA
lstrcatA
HeapDestroy
EnterCriticalSection
LeaveCriticalSection
lstrcpynA
IsDBCSLeadByte
lstrcmpiA
lstrlenA
InterlockedDecrement
InterlockedIncrement
DeleteCriticalSection
WideCharToMultiByte
MultiByteToWideChar
lstrlenW
lstrcpyA
CloseHandle
SetEvent
CreateEventA
ResetEvent
WaitForMultipleObjects
CreateThread
WaitForSingleObject
GetLastError
CreateDirectoryA
GetCurrentProcess
GetPrivateProfileStringA
InitializeCriticalSection
GetTempFileNameA
WritePrivateProfileStringA

user32

CharNextA
SetWindowsHookExA
CallNextHookEx
UnhookWindowsHookEx
MessageBoxA
LoadStringA
GetFocus

advapi32

RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegDeleteValueA
RegDeleteKeyA
OpenProcessToken
RegQueryInfoKeyA
RegEnumValueA
RegEnumKeyExA
RegSetValueExA

comdlg32

GetSaveFileNameA
GetOpenFileNameA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4f2eff5705fe18e6ff322f6f5e17d7b4

Headers

File Characteristics

Imports

msvcrt

ole32

oleaut32

userenv

kernel32

user32

advapi32

comdlg32

Exports

Exports

Sections

.text Size: 27KB - Virtual size: 27KB

.data Size: 2KB - Virtual size: 2KB

.rsrc Size: 9KB - Virtual size: 8KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 27KB - Virtual size: 27KB

.data
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 9KB - Virtual size: 8KB

.reloc
Size: 2KB - Virtual size: 2KB