67524235d18916c73478f7ddf72c6582b6d00b02a08fcaf1180c2b68c4d3d8c1

Sharing

Copy URL Twitter E-mail

General

Target

67524235d18916c73478f7ddf72c6582b6d00b02a08fcaf1180c2b68c4d3d8c1
Size

225KB
MD5

371e999c8ff09e2b150c5dfb6293d2d8
SHA1

b7ea10a8f73ec9a0cf31e5f1d4c521e43595d67d
SHA256

67524235d18916c73478f7ddf72c6582b6d00b02a08fcaf1180c2b68c4d3d8c1
SHA512

e3041514a733ca3d0d224f2a40b69fa8066a72a18f85a8e06e7ec104d3cde102fc1ed8efe7a379102444e0219e04bc4f9c797f4433b1b0ca722cb9262817501b
SSDEEP

6144:fxNBx3SdG/4aEJGSc17K5svx5S12GB6RFJLJik:b/3WuEJGScU5svx81d6FW

Score

N/A

Malware Config

Signatures

Files

67524235d18916c73478f7ddf72c6582b6d00b02a08fcaf1180c2b68c4d3d8c1
.dll regsvr32 windows x86

ded68fdf4d1a5ec7f9be18f70a672060

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

setsockopt
select
__WSAFDIsSet
socket
gethostbyname
htons
connect
send
WSAStartup
shutdown
closesocket
ioctlsocket
recv
WSAGetLastError

kernel32

MultiByteToWideChar
GetTickCount
Sleep
WideCharToMultiByte
GetLocalTime
DeleteFileA
ExitThread
CreateThread
LocalFree
FormatMessageA
GetLastError
GetTempPathA
RaiseException
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
InterlockedIncrement
InterlockedDecrement
GetModuleFileNameA
lstrlenW
GetProcAddress
GetModuleHandleA
lstrlenA
lstrcmpiA
GetModuleHandleW
IsDBCSLeadByte
FreeLibrary
TerminateThread
LoadResource
FindResourceA
LoadLibraryExA
SetThreadLocale
GetThreadLocale
TlsGetValue
TlsAlloc
GetLocaleInfoW
GetModuleFileNameW
GetStdHandle
WriteFile
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
TlsSetValue
TlsFree
SetLastError
SetHandleCount
GetFileType
GetStartupInfoW
HeapDestroy
HeapCreate
IsProcessorFeaturePresent
IsDebuggerPresent
SetUnhandledExceptionFilter
GetProcessHeap
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetCPInfo
LCMapStringW
GetCommandLineA
GetCurrentThreadId
VirtualQuery
GetSystemInfo
GetConsoleCP
GetConsoleMode
FlushFileBuffers
GetACP
GetOEMCP
IsValidCodePage
SizeofResource
ReadFile
SetEndOfFile
ExitProcess
CreateFileW
CreateFileA
SetStdHandle
WriteConsoleW
LoadLibraryW
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
HeapReAlloc
HeapSize
GetStringTypeW
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
CloseHandle
SetFilePointer
EncodePointer
DecodePointer
HeapFree
HeapAlloc
RtlUnwind
VirtualProtect
VirtualAlloc

user32

CharNextW
CharNextA
FillRect
GetDesktopWindow
GetWindowDC

advapi32

RegQueryInfoKeyA
RegCreateKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegSetValueExA
RegQueryInfoKeyW
RegEnumKeyExA
RegOpenKeyExA

ole32

CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
CoCreateInstance
StringFromGUID2

oleaut32

LoadRegTypeLi
VarUI4FromStr
RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
SysAllocString
SysStringLen
SysFreeString
VariantClear

gdi32

BitBlt
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
DeleteDC
GetStockObject
DeleteObject
CreateDIBSection

gdiplus

GdiplusStartup
GdipCloneImage
GdipDrawImageRectI
GdipDrawImageI
GdipGetImageGraphicsContext
GdipCreateFromHDC
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipBitmapSetPixel
GdipCreateBitmapFromHBITMAP
GdipCreateBitmapFromScan0
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipSaveImageToFile
GdipDisposeImage
GdipLoadImageFromFile
GdipDeleteGraphics
GdipFree
GdipAlloc

Exports

Exports

Charge
CheckAccAuthcode
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
EnableLog
GetAnswer
QueryBalance
QueryLoad
RegisterSubacc
ReportError
SendFile
SendImage
SetAuthor
SetMode

Sections

.text
Size: 162KB - Virtual size: 162KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ded68fdf4d1a5ec7f9be18f70a672060

Headers

DLL Characteristics

File Characteristics

Imports

ws2_32

kernel32

user32

advapi32

ole32

oleaut32

gdi32

gdiplus

Exports

Exports

Sections

.text Size: 162KB - Virtual size: 162KB

.rdata Size: 36KB - Virtual size: 35KB

.data Size: 8KB - Virtual size: 16KB

.rsrc Size: 5KB - Virtual size: 4KB

.reloc Size: 12KB - Virtual size: 11KB

.text
Size: 162KB - Virtual size: 162KB

.rdata
Size: 36KB - Virtual size: 35KB

.data
Size: 8KB - Virtual size: 16KB

.rsrc
Size: 5KB - Virtual size: 4KB

.reloc
Size: 12KB - Virtual size: 11KB