5811d8ada1ebb2d51535d73df4b570107832c4281d6c446480a958026606cedb

Sharing

Copy URL Twitter E-mail

General

Target

5811d8ada1ebb2d51535d73df4b570107832c4281d6c446480a958026606cedb
Size

704KB
MD5

95a778eb41244c70f47703142a407c34
SHA1

51e2b888e3fe0372f50ae3f846ee3406a7393f56
SHA256

5811d8ada1ebb2d51535d73df4b570107832c4281d6c446480a958026606cedb
SHA512

b5fbd948dca9a05ff3acba19d2a393f203ece2001a27f5c26b7972cb4e85f64ecefd3c9b46202c39623b3f477e6cdc724529d1efb2bd0eb9d87a8a1bd0ac1eb3
SSDEEP

12288:QIfjcpnak5XVbnf4yhJLE1tOWsyrAQH+:DObVbnf4eJLE18QMQH+

Score

N/A

Malware Config

Signatures

Files

5811d8ada1ebb2d51535d73df4b570107832c4281d6c446480a958026606cedb
.dll regsvr32 windows x86

e0ac5077397b3123a70700b7fbad5c4d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoInitializeEx
CoUnmarshalInterface
ProgIDFromCLSID
OleUninitialize
OleInitialize
CLSIDFromString
CLSIDFromProgID
CoGetClassObject
OleLockRunning
CoReleaseMarshalData
CreateStreamOnHGlobal
GetHGlobalFromStream
CoMarshalInterface
OleSaveToStream
WriteClassStm
OleLoadFromStream
StringFromGUID2
CoCreateInstance
CreateDataAdviseHolder
OleRegGetMiscStatus
CreateOleAdviseHolder
OleRegGetUserType
OleRegEnumVerbs
CoTaskMemRealloc
CoTaskMemFree
CoTaskMemAlloc

msimg32

GradientFill

kernel32

GlobalAlloc
MulDiv
DisableThreadLibraryCalls
InterlockedIncrement
InterlockedDecrement
lstrcpynA
lstrcpyA
GetModuleFileNameA
GlobalLock
SetLastError
IsDBCSLeadByte
LockResource
LoadResource
FindResourceA
FreeLibrary
LoadLibraryA
SizeofResource
LoadLibraryExA
GetModuleHandleA
GetCurrentThreadId
FlushInstructionCache
GetCurrentProcess
HeapAlloc
GlobalFree
lstrcmpA
GlobalHandle
CreateMutexA
CloseHandle
WaitForSingleObject
ReleaseMutex
CreateEventA
GetProcAddress
GetCurrentDirectoryA
SetEvent
ResetEvent
WaitForMultipleObjects
CreateThread
GetExitCodeThread
TerminateThread
GlobalUnlock
lstrcmpiA
lstrlenA
GetProcessHeap
HeapFree
GetLastError
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
RaiseException
lstrlenW
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
LocalFree
ExitProcess
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
lstrcatA
SetErrorMode

oleaut32

SysFreeString
GetErrorInfo
SysAllocString
LoadTypeLi
UnRegisterTypeLi
RegisterTypeLi
VariantClear
VariantInit
SysStringByteLen
VariantChangeType
VarUI4FromStr
SysAllocStringByteLen
LoadRegTypeLi
SysStringLen
OleCreatePropertyFrame
SysAllocStringLen
OleCreateFontIndirect
OleTranslateColor
SetErrorInfo
CreateErrorInfo
SafeArrayPutElement
SafeArrayCreate
SystemTimeToVariantTime

user32

wsprintfA
RegisterClassExA
CreateAcceleratorTableA
GetClassNameA
RedrawWindow
BeginPaint
EndPaint
GetWindowLongA
DefWindowProcA
CallWindowProcA
GetDesktopWindow
InvalidateRgn
GetClientRect
FillRect
SetCapture
ReleaseCapture
DestroyAcceleratorTable
CreateWindowExA
MapDialogRect
SetWindowContextHelpId
CreateDialogParamA
SystemParametersInfoA
SendDlgItemMessageA
WinHelpA
GetDialogBaseUnits
MoveWindow
LoadCursorA
SetFocus
ShowWindow
GetFocus
IsChild
GetParent
SendMessageA
GetWindow
GetNextDlgTabItem
CopyAcceleratorTableA
IsDialogMessageA
GetKeyState
InvalidateRect
IsWindow
SetWindowLongA
DestroyWindow
UnregisterClassA
GetDC
ReleaseDC
IntersectRect
EqualRect
OffsetRect
SetWindowRgn
SetWindowPos
UnionRect
PtInRect
GetSysColor
DrawTextA
CharNextA
GetClassInfoExA
SetWindowTextA
GetWindowTextA
GetWindowTextLengthA
CreateDialogIndirectParamA
EnumChildWindows
LoadBitmapA
LoadStringA
MessageBoxA
GetWindowRect
ScreenToClient
PostMessageA
SetTimer
KillTimer
GetSysColorBrush
IsWindowVisible
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
InflateRect
UpdateWindow
SetRectEmpty
GetDlgItem
RegisterWindowMessageA

advapi32

RegEnumKeyExA
RegQueryInfoKeyA
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegDeleteValueA
RegDeleteKeyA
RegQueryValueA

shlwapi

PathFindExtensionA

gdi32

TextOutA
CreatePen
SetDIBits
SetPixel
SetStretchBltMode
StretchBlt
DeleteObject
CreateDCA
LPtoDP
GetTextExtentPointA
SetViewportOrgEx
DeleteDC
GetDeviceCaps
CreateMetaFileA
SaveDC
SetWindowOrgEx
SetWindowExtEx
RestoreDC
CloseMetaFile
GetTextMetricsA
CreateFontIndirectA
SetBkColor
GetObjectA
CreateCompatibleBitmap
CreateCompatibleDC
BitBlt
CreateSolidBrush
SetMapMode
ExtSelectClipRgn
MoveToEx
LineTo
SetBkMode
SetTextColor
Rectangle
SelectObject
GetStockObject
CreateRectRgnIndirect
DeleteMetaFile

msvcp71

?_Nomemory@std@@YAXXZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
?rfind@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBD@Z
?_Xran@_String_base@std@@QBEXXZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@D@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

msvcr71

memset
malloc
free
_resetstkoflw
??0exception@@QAE@ABV0@@Z
_CxxThrowException
realloc
_purecall
__CxxFrameHandler
wcsncpy
strncpy
??0exception@@QAE@XZ
??1exception@@UAE@XZ
strchr
memmove
strncmp
_snprintf
sscanf
_fullpath
sprintf
strrchr
_splitpath
_itoa
localtime
tolower
isupper
??_V@YAXPAX@Z
??3@YAXPAX@Z
wcslen
_callnewh
??1type_info@@UAE@XZ
__dllonexit
_onexit
_initterm
_adjust_fdiv
__CppXcptFilter
__security_error_handler
?terminate@@YAXXZ
_strnicmp
_stricmp
_putenv
_except_handler3

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 180KB - Virtual size: 178KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 468KB - Virtual size: 467KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e0ac5077397b3123a70700b7fbad5c4d

Headers

File Characteristics

Imports

ole32

msimg32

kernel32

oleaut32

user32

advapi32

shlwapi

gdi32

msvcp71

msvcr71

Exports

Exports

Sections

.text Size: 180KB - Virtual size: 178KB

.rdata Size: 32KB - Virtual size: 30KB

.data Size: 4KB - Virtual size: 1KB

.rsrc Size: 468KB - Virtual size: 467KB

.reloc Size: 16KB - Virtual size: 13KB

.text
Size: 180KB - Virtual size: 178KB

.rdata
Size: 32KB - Virtual size: 30KB

.data
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 468KB - Virtual size: 467KB

.reloc
Size: 16KB - Virtual size: 13KB