cde83a64e3a5944261d23748ffdeae20eb8240b2b3d612250dbcff73264b2161

Sharing

Copy URL Twitter E-mail

General

Target

cde83a64e3a5944261d23748ffdeae20eb8240b2b3d612250dbcff73264b2161
Size

444KB
MD5

bff96cde132e2b38a6cbfb6ddb6ba0d6
SHA1

0b37760f8e69dab0342307029936f669f12df987
SHA256

cde83a64e3a5944261d23748ffdeae20eb8240b2b3d612250dbcff73264b2161
SHA512

f0bd731ec80f9d8429f4a495e17a8471ff3f9d96fe059b97c963d00dfcf5b92ecddf79805403917a45e7d8ebd6d2424c915ce732eee5c426924513fe09556677
SSDEEP

6144:AqJUn+Ar3DHk+rslXIKfnBC+lPBnQQOugpswxFh9FFtoYEBDa1W2m00:3JmzBrs1BxhQ8gpLxFhhxEem00

Score

N/A

Malware Config

Signatures

Files

cde83a64e3a5944261d23748ffdeae20eb8240b2b3d612250dbcff73264b2161
.dll regsvr32 windows x86

b58e6c570d476acc5360b77979c8a99e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLocaleInfoA
GetThreadLocale
RaiseException
InitializeCriticalSection
DeleteCriticalSection
SizeofResource
LockResource
LoadResource
IsBadReadPtr
EnterCriticalSection
LeaveCriticalSection
GetLastError
DisableThreadLibraryCalls
InterlockedIncrement
InterlockedDecrement
FreeLibrary
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCommandLineA
GetVersionExA
HeapFree
HeapAlloc
RtlUnwind
HeapReAlloc
ExitProcess
GetModuleHandleA
TlsAlloc
SetLastError
TlsFree
TlsSetValue
GetACP
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
HeapDestroy
HeapCreate
VirtualFree
WriteFile
VirtualQuery
VirtualAlloc
IsBadWritePtr
HeapSize
GetOEMCP
LoadLibraryA
IsBadCodePtr
GetStringTypeA
LCMapStringA
VirtualProtect
GetSystemInfo
CompareStringA
GetProcessHeap
GetWindowsDirectoryA
GetSystemDirectoryA
TlsGetValue
InterlockedExchange

user32

RegisterWindowMessageA

advapi32

RegCloseKey

ole32

StringFromGUID2
CoCreateInstance
CoTaskMemRealloc
CoTaskMemFree
CoTaskMemAlloc

oleaut32

VarUI4FromStr
RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
SysFreeString
SysAllocString

shlwapi

PathFindExtensionW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 368KB - Virtual size: 368KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b58e6c570d476acc5360b77979c8a99e

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

shlwapi

Exports

Exports

Sections

.text Size: 56KB - Virtual size: 55KB

.data Size: 4KB - Virtual size: 6KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 8KB - Virtual size: 7KB

.text Size: 368KB - Virtual size: 368KB

.text
Size: 56KB - Virtual size: 55KB

.data
Size: 4KB - Virtual size: 6KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 8KB - Virtual size: 7KB

.text
Size: 368KB - Virtual size: 368KB