c1678469b2b7a0be7cf04fa9b28d6868b5be6d465f0687282ae4ab71d4a27280

Sharing

Copy URL Twitter E-mail

General

Target

c1678469b2b7a0be7cf04fa9b28d6868b5be6d465f0687282ae4ab71d4a27280
Size

255KB
MD5

ba6aa40fd4aa958002eb86253533f3c5
SHA1

e61fcfb2641d59b3f19e5ae0806022814b03052c
SHA256

c1678469b2b7a0be7cf04fa9b28d6868b5be6d465f0687282ae4ab71d4a27280
SHA512

93ed7111f10d0245db5db8f25c93b2fa0c857500445919c0e6cde069b39b622708bbf763fcdf27d0215cbbd24095a0a6d0c5b87cef25047d8e833e4dca81f061
SSDEEP

3072:friLwZVSXIXZsGAoFKu8DT2ooLxM2o4nT3J9TBfUAdy5Wg5F:+BcZBAoFKuRoo7oA59TBNu

Score

N/A

Malware Config

Signatures

Files

c1678469b2b7a0be7cf04fa9b28d6868b5be6d465f0687282ae4ab71d4a27280
.dll regsvr32 windows x86

d1f127c0c1c780e9ec5804ba3730886e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

timeGetTime

wsock32

connect
htons
ioctlsocket
setsockopt
recv
send
select
closesocket
getsockname
getpeername
WSAStartup
socket

kernel32

WideCharToMultiByte
GetProcAddress
GetModuleHandleA
GetModuleHandleW
lstrlenA
GetModuleFileNameA
MultiByteToWideChar
GetLastError
FreeLibrary
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
lstrcmpiA
IsDBCSLeadByte
EnterCriticalSection
LeaveCriticalSection
SetFileAttributesA
GetVersionExA
GetWindowsDirectoryA
GetSystemInfo
GetSystemTime
Process32Next
Process32First
CreateToolhelp32Snapshot
GlobalMemoryStatus
GetComputerNameA
UnmapViewOfFile
MapViewOfFile
OpenFileMappingA
lstrlenW
TerminateThread
GetPrivateProfileIntA
GetPrivateProfileStringA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
InitializeCriticalSectionAndSpinCount
LoadLibraryA
GetTimeZoneInformation
SetFilePointer
SetStdHandle
ReadFile
GetConsoleMode
GetConsoleCP
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetThreadLocale
SetThreadLocale
InitializeCriticalSection
RaiseException
DeleteCriticalSection
InterlockedDecrement
InterlockedIncrement
Sleep
SetEvent
OpenEventA
GetExitCodeThread
WaitForSingleObject
CloseHandle
SetEnvironmentVariableA
GetLocaleInfoA
FlushFileBuffers
CreateFileA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEndOfFile
CompareStringA
CompareStringW
GetCurrentThreadId
SetHandleCount
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetStdHandle
WriteFile
HeapCreate
VirtualFree
ExitProcess
SetLastError
TlsFree
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
RtlUnwind
ExitThread
CreateThread
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
VirtualProtect
VirtualAlloc
VirtualQuery
GetCommandLineA
CreateDirectoryA
GetFileAttributesA
DeleteFileA
GetSystemTimeAsFileTime
TlsGetValue
TlsAlloc
TlsSetValue

user32

KillTimer
DispatchMessageA
TranslateMessage
GetMessageA
SetTimer
FindWindowA
GetDC
GetProcessWindowStation
GetThreadDesktop
OpenWindowStationA
SetProcessWindowStation
OpenDesktopA
SetThreadDesktop
SwitchDesktop
CloseDesktop
GetWindowRect
GetSystemMetrics
CharNextW
CharNextA
GetForegroundWindow
FindWindowExA
GetWindowTextA

gdi32

CreateDCA
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
BitBlt
GetDIBits
DeleteObject
DeleteDC

advapi32

RegCreateKeyExA
RegQueryValueExA
GetUserNameA
CryptEncrypt
CryptAcquireContextA
CryptCreateHash
CryptHashData
CryptDeriveKey
CryptDecrypt
CryptDestroyHash
CryptReleaseContext
RegSetValueExA
RegEnumKeyExA
RegDeleteValueA
RegOpenKeyExA
RegCloseKey
RegDeleteKeyA
RegQueryInfoKeyA

ole32

CoTaskMemRealloc
CoTaskMemAlloc
CoTaskMemFree
StringFromGUID2
CoCreateInstance

oleaut32

VarUI4FromStr
UnRegisterTypeLi
LoadTypeLi
SysAllocString
SysStringLen
RegisterTypeLi
SysFreeString

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllInstall
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 199KB - Virtual size: 199KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d1f127c0c1c780e9ec5804ba3730886e

Headers

DLL Characteristics

File Characteristics

Imports

winmm

wsock32

kernel32

user32

gdi32

advapi32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 199KB - Virtual size: 199KB

.rdata Size: 34KB - Virtual size: 34KB

.data Size: 6KB - Virtual size: 15KB

.rsrc Size: 3KB - Virtual size: 3KB

.reloc Size: 10KB - Virtual size: 10KB

.text
Size: 199KB - Virtual size: 199KB

.rdata
Size: 34KB - Virtual size: 34KB

.data
Size: 6KB - Virtual size: 15KB

.rsrc
Size: 3KB - Virtual size: 3KB

.reloc
Size: 10KB - Virtual size: 10KB