29624dd03fd6434980c73ddbab88713e9712295401613d6f25a3111af2c10c85

Sharing

Copy URL Twitter E-mail

General

Target

29624dd03fd6434980c73ddbab88713e9712295401613d6f25a3111af2c10c85
Size

232KB
MD5

27b7066c874b56ff107aeb7dbe4180e0
SHA1

8fe9568a4ab7458e723011b813ac50431ee76bb6
SHA256

29624dd03fd6434980c73ddbab88713e9712295401613d6f25a3111af2c10c85
SHA512

e914b2b520e9a8957e352f633ec7a05714c5f5434ec2f0a839d48e11dca34798545445a0179edea63b5a9d7dcbb9971abcb59c98056c14e48a408172f6c1af78
SSDEEP

3072:dc5KLtAKIeKB7NuuY/xIK4NEAA6bR4y/te2q3tcZldj0ln43Wzz:drASKWuAw2gt4ctJq3qZli54k

Score

N/A

Malware Config

Signatures

Files

29624dd03fd6434980c73ddbab88713e9712295401613d6f25a3111af2c10c85
.dll regsvr32 windows x86

a6d55a2056727771735f82e65ad9b2d1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LeaveCriticalSection
InterlockedIncrement
EnterCriticalSection
InterlockedDecrement
lstrlenW
GetShortPathNameW
GetModuleFileNameW
FreeLibrary
MultiByteToWideChar
lstrlenA
SizeofResource
LoadResource
FindResourceW
DeleteCriticalSection
lstrcmpiW
lstrcpynW
HeapDestroy
GetProcAddress
LoadLibraryW
lstrcpyW
lstrcatW
GetVersionExW
LocalFree
LocalAlloc
InitializeCriticalSection
DisableThreadLibraryCalls
DeviceIoControl
SetLastError
GetLastError
CreateFileW
CloseHandle
LoadLibraryExW
CallNamedPipeW
FlushFileBuffers
SetStdHandle
GetStringTypeW
GetStringTypeA
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
LoadLibraryA
GetOEMCP
GetACP
GetCPInfo
LCMapStringW
LCMapStringA
SetFilePointer
WriteFile
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
RtlUnwind
HeapFree
HeapAlloc
HeapReAlloc
GetCommandLineA
GetVersion
GetModuleHandleA
ExitProcess
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA

user32

CharNextW

advapi32

RegQueryInfoKeyW
RegSetValueExW
RegEnumKeyExW
RegOpenKeyExW
RegCloseKey
RegDeleteValueW
RegCreateKeyExW
RegDeleteKeyW
RegEnumValueW

ole32

CoTaskMemFree
CoCreateFreeThreadedMarshaler
CoCreateInstance
CoTaskMemAlloc
CoTaskMemRealloc

oleaut32

SysFreeString
VarUI4FromStr
SysAllocString
LoadTypeLi
RegisterTypeLi
LoadRegTypeLi
SysStringLen

setupapi

SetupDiDestroyDeviceInfoList
SetupDiGetClassDevsW
SetupDiEnumDeviceInfo
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailW

winmm

mixerOpen
mixerGetDevCapsW
mixerClose
mixerGetNumDevs
mixerGetLineControlsW
mixerGetLineInfoW
mixerMessage
mixerGetControlDetailsW
mixerSetControlDetails

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 80KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a6d55a2056727771735f82e65ad9b2d1

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

setupapi

winmm

Exports

Exports

Sections

.text Size: 72KB - Virtual size: 71KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 80KB - Virtual size: 84KB

.rsrc Size: 56KB - Virtual size: 52KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 72KB - Virtual size: 71KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 80KB - Virtual size: 84KB

.rsrc
Size: 56KB - Virtual size: 52KB

.reloc
Size: 8KB - Virtual size: 7KB