04a6e0837fd080244a229df8bab19823f2f633d20a0e70b19da82238185b19b9

Sharing

Copy URL Twitter E-mail

General

Target

04a6e0837fd080244a229df8bab19823f2f633d20a0e70b19da82238185b19b9
Size

68KB
MD5

98b5868f0908d9b5ee38a512601438c7
SHA1

fd88f436c927575a7b9e15999b2383d233d34fc9
SHA256

04a6e0837fd080244a229df8bab19823f2f633d20a0e70b19da82238185b19b9
SHA512

444db55520a68447706b53de8755c4b6205f38c427ad331dfdb8b252360d08ec82307c6cf02b77bf54779928206c1fa1cb90e09f73f900e797b170489d868b61
SSDEEP

768:UWaeYaRfstINb4imnKDstfYV5Pd1YNrlC/9Q3kTKYnqJfi3OQsK7OmaQHW:UO/EKifQX1YJg9Q9dAWevrH

Score

N/A

Malware Config

Signatures

Files

04a6e0837fd080244a229df8bab19823f2f633d20a0e70b19da82238185b19b9
.dll regsvr32 windows x86

5cdf98fe3633e3758ec98c634b28977b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ksproxy.ax

KsSynchronousDeviceControl

msvcrt

??3@YAXPAX@Z
strtol
__CxxFrameHandler
??2@YAPAXI@Z

kernel32

CloseHandle
WriteFile
lstrlenA
CreateFileA
GetVersionExA
DisableThreadLibraryCalls
InterlockedIncrement
InterlockedDecrement
FreeLibrary
MultiByteToWideChar
GetLastError
GetModuleFileNameA

advapi32

RegCreateKeyA
RegSetValueA
RegSetValueExA
RegOpenKeyExA
RegEnumKeyExA
RegCloseKey
RegDeleteKeyA

user32

MessageBoxA
LoadStringA
SetWindowTextA
wsprintfA
GetWindowTextA
EnableWindow
GetDlgItem
ShowWindow
CheckRadioButton
SendMessageA
CheckDlgButton
GetWindowLongA
SetWindowLongA
CreateDialogParamA
MoveWindow
InvalidateRect
DestroyWindow
LoadStringW
GetWindowRect
GetDesktopWindow

comctl32

InitCommonControlsEx

ole32

CoFreeUnusedLibraries
CoTaskMemAlloc
CoUninitialize
StringFromGUID2
CoInitialize
CoCreateInstance

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 844B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5cdf98fe3633e3758ec98c634b28977b

Headers

File Characteristics

Imports

ksproxy.ax

msvcrt

kernel32

advapi32

user32

comctl32

ole32

Exports

Exports

Sections

.text Size: 20KB - Virtual size: 19KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 844B

.rsrc Size: 32KB - Virtual size: 30KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 20KB - Virtual size: 19KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 844B

.rsrc
Size: 32KB - Virtual size: 30KB

.reloc
Size: 4KB - Virtual size: 3KB