b76283acee23e735c751db77f1279dd07f1353f54e2a092ce2e5e19dd7a2629f

Sharing

Copy URL Twitter E-mail

General

Target

b76283acee23e735c751db77f1279dd07f1353f54e2a092ce2e5e19dd7a2629f
Size

172KB
MD5

7196d6308836aa1f4ea5dbb9155e5401
SHA1

4a9113d836a54293a5406619124e1b8ea336eb39
SHA256

b76283acee23e735c751db77f1279dd07f1353f54e2a092ce2e5e19dd7a2629f
SHA512

7ab5127287cb91a575fe345f7632115e3cb4a458ac752660db39841d9f4b1a93fc00fff2639a845b5b350de365e624d657976ef9bedd5a8484bb3da6b9c76a43
SSDEEP

3072:xvXOXr0b1gb6leFkgXHQOCq7qSdEnl3Fz3nDc+zzJumwQ:xQr0preFkgXzCqkc4UmwQ

Score

N/A

Malware Config

Signatures

Files

b76283acee23e735c751db77f1279dd07f1353f54e2a092ce2e5e19dd7a2629f
.dll regsvr32 windows x86

66daf2d52ab32b65de8bde550327cdd0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateProcessA
FlushInstructionCache
lstrcmpA
VirtualProtect
GetCurrentProcess
FreeLibrary
LoadLibraryA
SetLastError
GetFileSize
GetLastError
CreateFileA
WriteFile
GlobalAlloc
Sleep
DeleteFileA
CopyFileA
LocalAlloc
CreateDirectoryA
SetFilePointer
FindNextFileA
FindFirstFileA
ReadFile
GlobalFree
GetModuleFileNameA
CreateThread
GetWindowsDirectoryA
SizeofResource
LoadResource
FindResourceA
TerminateProcess
OpenProcess
LockResource
GetVersionExA
GetProcAddress
TlsSetValue
TlsAlloc
ExitProcess
TlsFree
DisableThreadLibraryCalls
lstrlenW
CreatePipe
GetCurrentProcessId
CreateMutexA
OpenMutexA
DuplicateHandle
Process32Next
Process32First
CreateToolhelp32Snapshot
WaitForSingleObject
CloseHandle
OutputDebugStringA
lstrcatA
lstrcpyA
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
LocalFree
WideCharToMultiByte
lstrlenA
InterlockedDecrement
InterlockedIncrement
MultiByteToWideChar
GetSystemDirectoryA
TerminateThread

user32

SetDlgItemTextA
CharLowerA
GetOpenClipboardWindow
CloseClipboard
GetClipboardData
OpenClipboard
GetWindowThreadProcessId
EndDialog
KillTimer
DialogBoxParamA
GetWindowRect
GetSystemMetrics
FindWindowA
CharUpperBuffA
SetTimer
CharLowerBuffA
SetWindowPos
GetDC
SetWindowsHookExA
UnhookWindowsHookEx
GetDlgItem
PostMessageA
SetWindowLongA
CallNextHookEx
LoadCursorA
CopyIcon
CopyImage
SetSystemCursor
LoadStringA
CreatePopupMenu
InsertMenuA
GetWindowPlacement
GetCursorPos
GetForegroundWindow
TrackPopupMenu
DestroyMenu
SendMessageA
SetForegroundWindow
MessageBoxA
ShowWindow
SetWindowTextA
GetWindowLongA
SetParent
MoveWindow
LoadImageA
IsWindow
GetDlgItemTextA

gdi32

GetDIBits
CreateFontA
GetObjectA

advapi32

RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA
RegCloseKey
RegQueryValueExA
RegDeleteValueA
RegDeleteKeyA
RegEnumKeyExA
RegQueryInfoKeyA

shell32

ShellExecuteA
Shell_NotifyIconA
SHChangeNotify

ole32

CoMarshalInterThreadInterfaceInStream
CoCreateInstance
CoGetInterfaceAndReleaseStream
CoInitialize
CoUninitialize

oleaut32

VariantClear
LoadRegTypeLi
SysFreeString
SysAllocStringLen
VariantInit
SysAllocString
SysStringLen
SysAllocStringByteLen

ws2_32

recv
connect
send
ntohs
getpeername
WSAConnect
socket
gethostbyname
WSAGetLastError
htons
getsockopt
select
closesocket
inet_addr

wininet

InternetSetOptionA
InternetConnectA
InternetGetConnectedState
InternetCanonicalizeUrlA
GetUrlCacheEntryInfoA
InternetOpenA

atl

ord10
ord11
ord30
ord58
ord32
ord23
ord21
ord16
ord15
ord18
ord57
ord52
ord53

urlmon

URLOpenBlockingStreamA

iphlpapi

GetAdaptersInfo
GetIfEntry

msvcrt

atol
_purecall
_CxxThrowException
_msize
memmove
_mbsinc
memset
_mbslwr
_mbschr
__CxxFrameHandler
wcslen
memcpy
??3@YAXPAX@Z
??2@YAPAXI@Z
strcpy
_except_handler3
free
_mbsrchr
vsprintf
_mbclen
strlen
sprintf
_mbsnbcmp
_ismbcdigit
atoi
_mbscmp
fclose
fwrite
fopen
strrchr
strchr
realloc
time
strncmp
malloc
??1type_info@@UAE@XZ
_adjust_fdiv
_initterm
_mbsstr
memcmp
__dllonexit
strstr
_onexit
?terminate@@YAXXZ

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
InstantAccess
P2EProc
Socksify
UnSocksify

Sections

.text
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.HookSec
Size: 4KB - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

66daf2d52ab32b65de8bde550327cdd0

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

ws2_32

wininet

atl

urlmon

iphlpapi

msvcrt

Exports

Exports

Sections

.text Size: 76KB - Virtual size: 75KB

.rdata Size: 20KB - Virtual size: 16KB

.data Size: 24KB - Virtual size: 151KB

.HookSec Size: 4KB - Virtual size: 28B

.rsrc Size: 32KB - Virtual size: 29KB

.reloc Size: 12KB - Virtual size: 10KB

.text
Size: 76KB - Virtual size: 75KB

.rdata
Size: 20KB - Virtual size: 16KB

.data
Size: 24KB - Virtual size: 151KB

.HookSec
Size: 4KB - Virtual size: 28B

.rsrc
Size: 32KB - Virtual size: 29KB

.reloc
Size: 12KB - Virtual size: 10KB