9643205e78ec7132d2a583acdb56277944a1612559239b2470c664d63c8971b0

Sharing

Copy URL Twitter E-mail

General

Target

9643205e78ec7132d2a583acdb56277944a1612559239b2470c664d63c8971b0
Size

428KB
MD5

976f26b4d094d7e9c49762aa3c9138b5
SHA1

d929ce18ef36271a9d5b55a2c25f2eb9ebcfce6e
SHA256

9643205e78ec7132d2a583acdb56277944a1612559239b2470c664d63c8971b0
SHA512

692cd435b587c4cb3e218bcf4c06c4aaf35be572ecc27896db3c2e301fa2c8dc1e0120e161455d32a9bc1de1080b029441662f57e3586ffa4e59f1723a25e910
SSDEEP

6144:ntOWjjToa821ZGHQ8br6MDhghaYSLQHDX7oZLL+3jioRXTye:MWjHoa821ZGHR2OL+7mvSbxGe

Score

N/A

Malware Config

Signatures

Files

9643205e78ec7132d2a583acdb56277944a1612559239b2470c664d63c8971b0
.dll regsvr32 windows x86

13351a7b2582ef2818f2acdd09984bba

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileTime
GetThreadLocale
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFullPathNameW
LocalAlloc
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
SetErrorMode
GetModuleHandleA
GlobalFlags
CompareStringW
GetVersionExA
LoadLibraryA
GlobalFindAtomW
HeapFree
RtlUnwind
HeapAlloc
GetCommandLineA
GetProcessHeap
GetFileSize
ExitProcess
SetStdHandle
GetFileType
HeapSize
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapDestroy
HeapCreate
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetStdHandle
LCMapStringA
LCMapStringW
SetHandleCount
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
SetEnvironmentVariableA
GetFileAttributesW
FileTimeToLocalFileTime
FileTimeToSystemTime
GlobalFree
GlobalUnlock
FormatMessageW
LocalFree
WritePrivateProfileStringW
GetCurrentProcessId
SetLastError
GlobalAddAtomW
GlobalDeleteAtom
ConvertDefaultLocale
EnumResourceLanguagesW
GetLocaleInfoW
CompareStringA
GlobalLock
GlobalAlloc
DeleteFileW
Sleep
RaiseException
GetVersion
CreateFileW
GetVolumeInformationW
FindFirstFileW
FindClose
CreateThread
GetTickCount
GetCurrentThread
SetThreadPriority
InterlockedExchange
GetModuleHandleW
VirtualAlloc
CreateSemaphoreW
GetCurrentThreadId
GetCurrentProcess
DuplicateHandle
VirtualFree
GetSystemInfo
ReleaseSemaphore
WaitForSingleObject
ResetEvent
SetEvent
CreateEventW
CloseHandle
lstrcpynW
InterlockedDecrement
InterlockedIncrement
lstrcmpW
GetLastError
lstrlenA
lstrlenW
DisableThreadLibraryCalls
GetVersionExW
GetModuleFileNameA
GetModuleFileNameW
LoadLibraryW
GetProcAddress
FreeLibrary
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
WideCharToMultiByte
MultiByteToWideChar
FindResourceW
LoadResource
LockResource
SizeofResource
HeapReAlloc

user32

LoadIconW
WinHelpW
GetCapture
GetClassLongW
SetPropW
GetPropW
RemovePropW
IsWindow
GetForegroundWindow
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
UnregisterClassA
SetForegroundWindow
GetClientRect
GetMenu
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
CopyRect
DestroyMenu
CallWindowProcW
SetWindowLongW
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindow
GetDlgCtrlID
GetWindowRect
GetClassNameW
PtInRect
GetWindowTextW
SetWindowTextW
GetSysColor
ReleaseDC
GetDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
UnregisterClassW
CharUpperW
GetSystemMetrics
GetMenuItemID
GetMenuItemCount
GetSubMenu
UnhookWindowsHookEx
GetWindowThreadProcessId
GetWindowLongW
GetLastActivePopup
IsWindowEnabled
EnableWindow
MessageBoxW
SetCursor
SetWindowsHookExW
CallNextHookEx
GetMessageW
TranslateMessage
LoadCursorW
GetSysColorBrush
ShowWindow
DefWindowProcW
GetActiveWindow
IsWindowVisible
GetKeyState
GetCursorPos
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetFocus
GetParent
SendMessageW
ModifyMenuW
GetMenuState
EnableMenuItem
CheckMenuItem
PostMessageW
PostQuitMessage
SetRect
DispatchMessageW
RegisterWindowMessageW
PeekMessageW
wsprintfW

gdi32

ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
DeleteDC
GetStockObject
RestoreDC
SetViewportExtEx
PtVisible
SaveDC
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutW
TextOutW
SetBkColor
GetDeviceCaps
CreateBitmap
DeleteObject
GetClipBox
SetMapMode
SetTextColor
RectVisible

comdlg32

GetFileTitleW

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

advapi32

RegQueryValueW
RegOpenKeyW
RegEnumKeyW
RegCreateKeyExW
RegCreateKeyW
RegSetValueW
RegSetValueExW
RegEnumKeyExW
RegDeleteKeyW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey

shlwapi

PathFindExtensionW
PathStripToRootW
PathFindFileNameW
PathRemoveFileSpecA
PathAddBackslashA
PathIsUNCW

ole32

StringFromGUID2
CoUninitialize
CoFreeUnusedLibraries
CoCreateInstance
CoInitialize
CoTaskMemFree
CoTaskMemAlloc
CLSIDFromString

oleaut32

VariantChangeType
SysAllocStringLen
VariantClear
SysAllocString
SysFreeString
VariantInit

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 268KB - Virtual size: 264KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

_TEXT64
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 80KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

13351a7b2582ef2818f2acdd09984bba

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shlwapi

ole32

oleaut32

Exports

Exports

Sections

.text Size: 268KB - Virtual size: 264KB

_TEXT64 Size: 4KB - Virtual size: 1KB

.rdata Size: 80KB - Virtual size: 78KB

.data Size: 28KB - Virtual size: 42KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 40KB - Virtual size: 37KB

.text
Size: 268KB - Virtual size: 264KB

_TEXT64
Size: 4KB - Virtual size: 1KB

.rdata
Size: 80KB - Virtual size: 78KB

.data
Size: 28KB - Virtual size: 42KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 40KB - Virtual size: 37KB