0d4d475ad789b9d01fbb1398695540a340948ff3dcd57ab0cae9fa0725dc4f32

Sharing

Copy URL Twitter E-mail

General

Target

0d4d475ad789b9d01fbb1398695540a340948ff3dcd57ab0cae9fa0725dc4f32
Size

468KB
MD5

8c92329115f1c9a7edb032539e2eab03
SHA1

d0bbd35693cfcefd25274a9332cf0e4d0c3fd52a
SHA256

0d4d475ad789b9d01fbb1398695540a340948ff3dcd57ab0cae9fa0725dc4f32
SHA512

ac301dca88450c2d6ec191b23dbbbfa6e849c89ddd8b1042c3bc5732eb01bf532b8c0937e07b0edcca9a525714cb615bef8e77ae792df4225ce7273fb13f466c
SSDEEP

6144:dPVUtsjhqeNpnEf9pM58NrBMwtrDqx4HlRBuNc+FW+G:OsjhdEf027Zt3qAoWx

Score

N/A

Malware Config

Signatures

Files

0d4d475ad789b9d01fbb1398695540a340948ff3dcd57ab0cae9fa0725dc4f32
.dll regsvr32 windows x86

2a3635438005b443f8b86eb59ec56b48

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msimg32

GradientFill

kernel32

HeapSize
HeapReAlloc
LCMapStringA
LCMapStringW
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
TerminateProcess
ExitProcess
GetProcAddress
GetACP
GetLocalTime
GetSystemTime
GetTimeZoneInformation
RaiseException
GetCommandLineA
HeapAlloc
HeapFree
RtlUnwind
GetProfileIntA
GetFileTime
GetFileSize
GetFileAttributesA
WritePrivateProfileStringA
CopyFileA
GlobalSize
GetOEMCP
GetCPInfo
GetShortPathNameA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
GetCurrentProcess
DuplicateHandle
GlobalFlags
GetProcessVersion
GetLastError
FindResourceExA
SetErrorMode
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
CloseHandle
GetUserDefaultLCID
IsDBCSLeadByte
lstrcmpA
FileTimeToLocalFileTime
FileTimeToSystemTime
FormatMessageA
LocalFree
MulDiv
SetLastError
GlobalAlloc
GetVersion
lstrcatA
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GlobalLock
GlobalUnlock
InterlockedDecrement
GetModuleFileNameA
lstrcpyA
lstrlenA
lstrlenW
WideCharToMultiByte
GlobalFree
lstrcmpiA
InterlockedIncrement
Sleep
GetCurrentThread
GetThreadPriority
SetThreadPriority
GetCurrentThreadId
FindResourceA
SizeofResource
LoadResource
LockResource
GetTickCount
FindAtomA
AddAtomA
lstrcpynA
MultiByteToWideChar
FreeLibrary
GetModuleHandleA
LoadLibraryA
GetEnvironmentStrings

user32

GetDCEx
RegisterClipboardFormatA
CreateMenu
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ValidateRect
DrawEdge
wvsprintfA
SetWindowTextA
IsDialogMessageA
SendDlgItemMessageA
MapWindowPoints
PeekMessageA
DispatchMessageA
SetFocus
AdjustWindowRectEx
EqualRect
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemID
GetWindowTextLengthA
GetWindowTextA
GetClassLongA
SetPropA
GetPropA
RemovePropA
GetMessageTime
GetMessagePos
GetLastActivePopup
IsIconic
EndDialog
GetActiveWindow
CreateDialogIndirectParamA
GetTabbedTextExtentA
IsWindowEnabled
wsprintfA
GetMenuCheckMarkDimensions
GetMenuState
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetNextDlgTabItem
GetTopWindow
LockWindowUpdate
IsWindowVisible
GetDlgCtrlID
MessageBoxA
GetParent
GetFocus
IsChild
GrayStringA
TabbedTextOutA
ClientToScreen
ScreenToClient
GetClientRect
LoadIconA
TrackPopupMenu
PostMessageA
FindWindowA
EnumChildWindows
GetClassNameA
RedrawWindow
SetActiveWindow
SetForegroundWindow
GetWindowPlacement
DrawAnimatedRects
DefWindowProcA
CreatePopupMenu
InsertMenuItemA
SetMenuDefaultItem
GetMenuItemInfoA
SetMenuItemInfoA
GetMenuStringA
InsertMenuA
AppendMenuA
GetSubMenu
RemoveMenu
DestroyMenu
GetMenuItemCount
UpdateWindow
GetMonitorInfoA
GetForegroundWindow
PtInRect
GetWindow
KillTimer
MonitorFromWindow
SetWindowPos
GetCapture
SetCapture
GetCursorPos
SetRect
OffsetRect
ReleaseCapture
CallWindowProcA
CopyRect
SetTimer
CharUpperA
GetSysColorBrush
GetDialogBaseUnits
UnregisterClassA
GetMessageA
TranslateMessage
PostQuitMessage
GetDlgItem
LoadStringA
IsWindow
SetParent
MoveWindow
GetWindowRect
ShowWindow
RegisterWindowMessageA
MonitorFromPoint
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExA
GetWindowLongA
DestroyWindow
CreateWindowExA
SetWindowLongA
FrameRect
DrawIconEx
DestroyIcon
SendMessageA
LoadCursorA
SetCursor
LoadBitmapA
GetKeyState
SystemParametersInfoA
GetSystemMetrics
SetRectEmpty
InflateRect
IsRectEmpty
LoadImageA
CopyImage
CreateIconIndirect
FillRect
DrawTextA
IntersectRect
GetDesktopWindow
InvalidateRect
EnableWindow
GetSysColor
ModifyMenuA

gdi32

CreateSolidBrush
SetRectRgn
CreateRectRgnIndirect
DPtoLP
GetTextExtentPoint32A
GetTextMetricsA
EnumFontFamiliesExA
CopyMetaFileA
CreateDCA
GetTextAlign
UnrealizeObject
Rectangle
SetROP2
RestoreDC
SaveDC
CreateMetaFileA
CloseMetaFile
DeleteMetaFile
SetMapMode
GetCurrentPositionEx
SelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
LPtoDP
GetDeviceCaps
GetClipBox
Escape
TextOutA
RectVisible
PtVisible
PatBlt
CreateFontIndirectA
GetStockObject
CreateBitmap
CreateCompatibleBitmap
SetStretchBltMode
DeleteDC
CreatePen
SelectObject
CreatePatternBrush
MoveToEx
LineTo
CreateHatchBrush
SetBkColor
ExtTextOutA
CreateRectRgn
CombineRgn
DeleteObject
BitBlt
StretchBlt
SetBkMode
SetTextColor
GetObjectA
CreateCompatibleDC
SetViewportOrgEx

comdlg32

GetFileTitleA
ChooseColorA
GetSaveFileNameA
GetOpenFileNameA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

CryptImportKey
RegQueryValueExA
RegCreateKeyExA
RegQueryValueA
RegDeleteKeyA
RegSetValueA
RegOpenKeyA
RegEnumKeyA
RegOpenKeyExA
RegCloseKey
CryptVerifySignatureA
CryptDestroyKey
CryptReleaseContext
CryptCreateHash
CryptHashData
CryptDestroyHash
CryptAcquireContextA
RegSetValueExA
RegCreateKeyA

shell32

ExtractIconA
Shell_NotifyIconA
SHGetPathFromIDListA
SHGetMalloc
SHGetDesktopFolder
SHAppBarMessage
ShellExecuteA

comctl32

_TrackMouseEvent
ord17

ole32

OleDuplicateData
ReadFmtUserTypeStg
StringFromCLSID
CoDisconnectObject
CreateOleAdviseHolder
CoTaskMemFree
ReleaseStgMedium
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleSaveToStream
ReadClassStm
CoTaskMemAlloc
CreateDataCache
CoRevokeClassObject
CoRegisterClassObject
PropVariantClear
StringFromGUID2
CoCreateInstance
CreateStreamOnHGlobal
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleLoadFromStream
CreateDataAdviseHolder

olepro32

ord254
ord251
ord252
ord250
ord253

oleaut32

VariantInit
SysAllocStringByteLen
SysStringLen
SysAllocStringLen
SysAllocString
VariantChangeType
LoadTypeLi
RegisterTypeLi
SysStringByteLen
SysFreeString
VariantClear
VariantCopy
LoadRegTypeLi

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 248KB - Virtual size: 245KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 84KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2a3635438005b443f8b86eb59ec56b48

Headers

File Characteristics

Imports

msimg32

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

ole32

olepro32

oleaut32

Exports

Exports

Sections

.text Size: 248KB - Virtual size: 245KB

.rdata Size: 72KB - Virtual size: 71KB

.data Size: 24KB - Virtual size: 38KB

.rsrc Size: 84KB - Virtual size: 81KB

.reloc Size: 36KB - Virtual size: 33KB

.text
Size: 248KB - Virtual size: 245KB

.rdata
Size: 72KB - Virtual size: 71KB

.data
Size: 24KB - Virtual size: 38KB

.rsrc
Size: 84KB - Virtual size: 81KB

.reloc
Size: 36KB - Virtual size: 33KB