a9483f661d61a69b1ee63154d4cfc7473ed0cfc27a7f362b91be12e955de8a28

Sharing

Copy URL Twitter E-mail

General

Target

a9483f661d61a69b1ee63154d4cfc7473ed0cfc27a7f362b91be12e955de8a28
Size

156KB
MD5

4ce4dda0b566428eca569e5a4edeb88b
SHA1

064e6daaca29d0026dff42e137ba750eba3395cf
SHA256

a9483f661d61a69b1ee63154d4cfc7473ed0cfc27a7f362b91be12e955de8a28
SHA512

ccabbb1288414a6eb2e06e868702ab65b187e23f903255a67e189a6e876b9ae4e5436ba2ea9137ab42c32ca28fd6a7d260f74ec815eff3f98c721c013af5bc17
SSDEEP

1536:vl0cUIWiRSKPLuX2YDKLvOCDA45xsBwoPUrfEXr5ZT/ohR/+2jIgYg9QICS4AS4q:OhSr5pnfQ5C/J9jI4X7cwDoGrAv1/

Score

N/A

Malware Config

Signatures

Files

a9483f661d61a69b1ee63154d4cfc7473ed0cfc27a7f362b91be12e955de8a28
.dll regsvr32 windows x86

c57d5e5598278229ec912cf67a9f3f54

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

ShowWindow
SetTimer
TranslateMessage
DispatchMessageA
KillTimer
CreateWindowExA
RegisterClassExA
SetWindowPos
wsprintfA
DefWindowProcA
GetMessageA
GetClassNameA
GetWindowThreadProcessId
EnumChildWindows
EnumWindows
SystemParametersInfoA

kernel32

GetOEMCP
GetACP
ReadFile
SetEndOfFile
SetFilePointer
FlushFileBuffers
CloseHandle
CreateFileA
MoveFileExA
WaitForSingleObject
FreeLibrary
GetProcAddress
LoadLibraryA
DeleteFileA
GetSystemDirectoryA
GetLocalTime
OpenProcess
GetCurrentProcessId
SleepEx
GetModuleFileNameA
GetTickCount
CreateRemoteThread
WriteProcessMemory
VirtualAllocEx
VirtualFree
VirtualAlloc
IsBadWritePtr
WriteFile
GetFileAttributesA
CreateProcessA
HeapAlloc
SetStdHandle
IsBadCodePtr
IsBadReadPtr
GetStringTypeW
GetStringTypeA
HeapCreate
HeapDestroy
GetVersionExA
GetCPInfo
SetUnhandledExceptionFilter
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStartupInfoA
GetStdHandle
SetHandleCount
GetCurrentProcess
TerminateProcess
GetEnvironmentVariableA
GetModuleHandleA
LocalFree
InterlockedDecrement
InterlockedIncrement
RtlUnwind
HeapFree
HeapReAlloc
WideCharToMultiByte
GetLastError
MultiByteToWideChar
GetCommandLineA
GetVersion
RaiseException
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ExitProcess
LCMapStringA
LCMapStringW
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetFileType

advapi32

SetEntriesInAclA
SetSecurityInfo
CryptAcquireContextA
CryptGenRandom
CryptReleaseContext
GetSecurityInfo

shell32

StrStrIA

ole32

CoCreateInstance
CoInitialize
CoCreateGuid

oleaut32

VariantInit
SysAllocString
GetErrorInfo

shlwapi

SHSetValueA
SHGetValueA

wininet

InternetCloseHandle
InternetOpenA
InternetSetOptionA
InternetReadFile
HttpQueryInfoA
InternetOpenUrlA

rpcrt4

UuidToStringA

psapi

EnumProcesses
EnumProcessModules
GetModuleBaseNameA

netapi32

Netbios

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 96KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c57d5e5598278229ec912cf67a9f3f54

Headers

File Characteristics

Imports

user32

kernel32

advapi32

shell32

ole32

oleaut32

shlwapi

wininet

rpcrt4

psapi

netapi32

Exports

Exports

Sections

.text Size: 96KB - Virtual size: 92KB

.rdata Size: 24KB - Virtual size: 22KB

.data Size: 24KB - Virtual size: 30KB

.reloc Size: 8KB - Virtual size: 5KB

.text
Size: 96KB - Virtual size: 92KB

.rdata
Size: 24KB - Virtual size: 22KB

.data
Size: 24KB - Virtual size: 30KB

.reloc
Size: 8KB - Virtual size: 5KB