0da18caa911e19a4a7cc691546d0091318746224e93e7aad7bac94c7f2457789

Sharing

Copy URL Twitter E-mail

General

Target

0da18caa911e19a4a7cc691546d0091318746224e93e7aad7bac94c7f2457789
Size

236KB
MD5

df1664c49fa65ce85d3807d205c989d6
SHA1

fd878ab70ab460dac8b05637c72f1040fb8002ae
SHA256

0da18caa911e19a4a7cc691546d0091318746224e93e7aad7bac94c7f2457789
SHA512

d6e6577df484cbd19baaa169ef204f75e461409f9218d69659a71d872455747b1586e15d66a95146a7cadb724f438e0f790a21138268377457419b9f2ad7bd7c
SSDEEP

3072:T78IdkHXYKcSKpnN4XM37IyvddAxjPyYDu8MDTvWtaYPEJZU6RK8VlrU0mD6NH8h:TYIyXYeKpUARAxjKIU+taYs7NU0m2NF

Score

N/A

Malware Config

Signatures

Files

0da18caa911e19a4a7cc691546d0091318746224e93e7aad7bac94c7f2457789
.dll regsvr32 windows x86

3b061fad8266f6f03923cff87f660920

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsSetValue
LocalReAlloc
TlsFree
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileAttributesW
GetFileTime
lstrcatW
GlobalFlags
GetModuleHandleA
GetVersionExA
LoadLibraryA
GlobalDeleteAtom
GlobalFindAtomW
GlobalAddAtomW
ExitProcess
TlsAlloc
HeapFree
HeapAlloc
GetCommandLineA
VirtualProtect
VirtualQuery
HeapReAlloc
SetStdHandle
GetFileType
HeapSize
TerminateProcess
QueryPerformanceCounter
GetSystemTimeAsFileTime
HeapDestroy
HeapCreate
IsBadWritePtr
SetHandleCount
GetStdHandle
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
UnhandledExceptionFilter
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
GetTimeZoneInformation
IsBadReadPtr
IsBadCodePtr
GetOEMCP
GetCPInfo
GetStringTypeA
GetStringTypeW
CompareStringA
CompareStringW
SetEnvironmentVariableA
TlsGetValue
GlobalHandle
GlobalReAlloc
LocalAlloc
GetFullPathNameW
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageW
LocalFree
SetLastError
Sleep
GetModuleFileNameW
GetVersion
CreateFileW
GetVolumeInformationW
FindFirstFileW
FindClose
GetCurrentProcessId
WideCharToMultiByte
GetModuleFileNameA
lstrlenA
MultiByteToWideChar
CreateThread
GetLastError
GetTickCount
lstrcpyW
GetModuleHandleW
GetProcAddress
VirtualAlloc
GetCurrentThreadId
GetCurrentProcess
DuplicateHandle
lstrcmpW
VirtualFree
GetSystemInfo
WaitForSingleObject
ResetEvent
SetEvent
CreateEventW
CloseHandle
lstrlenW
lstrcpynW
LeaveCriticalSection
EnterCriticalSection
InterlockedDecrement
FreeLibrary
InterlockedIncrement
DisableThreadLibraryCalls
FindResourceW
LoadResource
LockResource
SizeofResource
DeleteCriticalSection
InitializeCriticalSection
RaiseException
GetVersionExW
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
RtlUnwind

user32

CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapW
WinHelpW
GetCapture
CreateWindowExW
GetClassInfoExW
GetClassLongW
SetPropW
GetPropW
RemovePropW
GetForegroundWindow
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
LoadIconW
MapWindowPoints
SetForegroundWindow
GetClientRect
GetMenu
PostMessageW
AdjustWindowRectEx
GetClassInfoW
RegisterClassW
DefWindowProcW
CallWindowProcW
SystemParametersInfoA
IsIconic
CopyRect
GrayStringW
DrawTextW
TabbedTextOutW
SetWindowPos
SetWindowLongW
GetDlgItem
ClientToScreen
GetWindow
GetDlgCtrlID
GetWindowRect
PtInRect
GetFocus
SetWindowTextW
GetClassNameW
SetWindowsHookExW
CallNextHookEx
GetKeyState
ValidateRect
GetWindowTextW
LoadCursorW
GetDC
ReleaseDC
GetSysColor
GetSysColorBrush
SendMessageW
MessageBoxW
GetParent
PostQuitMessage
DestroyMenu
SetMenuItemBitmaps
ModifyMenuW
GetWindowPlacement
EnableMenuItem
GetWindowLongW
GetLastActivePopup
IsWindowEnabled
EnableWindow
CharUpperW
GetSystemMetrics
UnhookWindowsHookEx
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
DispatchMessageW
RegisterWindowMessageW
wsprintfW
PeekMessageW
UnregisterClassW
DrawTextExW

gdi32

DeleteDC
CreateBitmap
GetStockObject
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetBkColor
RestoreDC
SaveDC
DeleteObject
GetDeviceCaps
GetClipBox
SetMapMode
SetTextColor
SelectObject

comdlg32

GetFileTitleW

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

RegCloseKey
RegOpenKeyExW
RegSetValueExW
RegCreateKeyExW
RegEnumKeyExW
RegSetValueW
RegCreateKeyW
RegDeleteKeyW

comctl32

ord17

shlwapi

PathStripToRootW
PathFindFileNameW
PathIsUNCW

ole32

CLSIDFromString
StringFromGUID2
CoTaskMemAlloc
CoInitialize
CoFreeUnusedLibraries
CoUninitialize
CoCreateInstance
CoTaskMemFree

oleaut32

SysFreeString
VariantChangeType
SysAllocStringLen
VariantClear
VariantInit
SysAllocString

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 132KB - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 896B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3b061fad8266f6f03923cff87f660920

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

comctl32

shlwapi

ole32

oleaut32

Exports

Exports

Sections

.text Size: 132KB - Virtual size: 128KB

.rdata Size: 48KB - Virtual size: 45KB

.data Size: 20KB - Virtual size: 34KB

.rsrc Size: 4KB - Virtual size: 896B

.reloc Size: 28KB - Virtual size: 25KB

.text
Size: 132KB - Virtual size: 128KB

.rdata
Size: 48KB - Virtual size: 45KB

.data
Size: 20KB - Virtual size: 34KB

.rsrc
Size: 4KB - Virtual size: 896B

.reloc
Size: 28KB - Virtual size: 25KB