afdbeb3928cdca01eba21a1231d1bfeb776f83c58fbc9183f362f4033c4b8d68

Sharing

Copy URL Twitter E-mail

General

Target

afdbeb3928cdca01eba21a1231d1bfeb776f83c58fbc9183f362f4033c4b8d68
Size

179KB
MD5

2f75855bb87be28aaeac92d69a9cf0d2
SHA1

1aab3f09fd6315010e633fa4448827b39d22b9eb
SHA256

afdbeb3928cdca01eba21a1231d1bfeb776f83c58fbc9183f362f4033c4b8d68
SHA512

fada614fb6815d8181ada3cf39e125af87d3a1cfb4c194e6cf70db1a368e7bd74a0925d096e0282068a982ef56c814b52083b561d0b887c7ec652f8f2145033e
SSDEEP

3072:cyjllCN64eqoLMeOLrOAz5B5dJOmROELGLdaeAATvC1W/3:cyxlAZoLMFrj5XJTxe1v

Score

N/A

Malware Config

Signatures

Files

afdbeb3928cdca01eba21a1231d1bfeb776f83c58fbc9183f362f4033c4b8d68
.dll regsvr32 windows x86

0345c7001b0ef5ee1ab105c00be9c671

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetCloseHandle
FtpGetFileW
InternetOpenW
FtpSetCurrentDirectoryW
InternetConnectW

shell32

SHGetFolderPathW

kernel32

RaiseException
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetLastError
GetProcAddress
GetModuleHandleW
lstrcmpiW
GetModuleFileNameW
InterlockedIncrement
InterlockedDecrement
FreeLibrary
MultiByteToWideChar
SizeofResource
LoadResource
lstrlenW
LoadLibraryExW
SetThreadLocale
GetThreadLocale
DeleteFileW
MoveFileExW
CloseHandle
SetFileTime
GetFileTime
CreateFileW
SystemTimeToFileTime
GetSystemTime
GetTempFileNameW
GetTempPathW
WritePrivateProfileStringW
WriteConsoleA
SetStdHandle
GetConsoleOutputCP
WriteConsoleW
CreateFileA
FlushFileBuffers
FindResourceW
RtlUnwind
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
GetLocaleInfoA
GetConsoleMode
GetConsoleCP
SetFilePointer
IsValidCodePage
GetOEMCP
HeapAlloc
HeapFree
GetCurrentThreadId
GetCommandLineA
VirtualFree
VirtualAlloc
HeapReAlloc
HeapCreate
HeapDestroy
Sleep
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
HeapSize
GetModuleHandleA
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
LoadLibraryA
GetCPInfo
GetACP

user32

CharNextW

advapi32

RegQueryInfoKeyW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
RegEnumKeyExW

ole32

CoTaskMemRealloc
StringFromGUID2
CoCreateInstance
PropVariantClear
CoTaskMemFree
CoTaskMemAlloc

oleaut32

LoadRegTypeLi
VarUI4FromStr
RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
SysAllocString
SysFreeString
SysStringLen

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 70KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0345c7001b0ef5ee1ab105c00be9c671

Headers

File Characteristics

Imports

wininet

shell32

kernel32

user32

advapi32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 76KB - Virtual size: 75KB

.rdata Size: 18KB - Virtual size: 18KB

.data Size: 70KB - Virtual size: 77KB

.rsrc Size: 5KB - Virtual size: 5KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 76KB - Virtual size: 75KB

.rdata
Size: 18KB - Virtual size: 18KB

.data
Size: 70KB - Virtual size: 77KB

.rsrc
Size: 5KB - Virtual size: 5KB

.reloc
Size: 8KB - Virtual size: 7KB