0b3b465590000fb67de35bd08b349b36ecfa093d53174ba369885d8ab1d5ac23

Sharing

Copy URL Twitter E-mail

General

Target

0b3b465590000fb67de35bd08b349b36ecfa093d53174ba369885d8ab1d5ac23
Size

349KB
MD5

bf87fd7bcffaeec234f3425dd63b9a80
SHA1

cfd0ce7ae95c2e364b2bdade82a71d5e263f8380
SHA256

0b3b465590000fb67de35bd08b349b36ecfa093d53174ba369885d8ab1d5ac23
SHA512

a1b4be48d0cf333fcc48d2560197564e2e720e906d2d037d2eede046e7aa983a16efcbc0807afd90a30939dca4a8a2099f1eb9f00b74f0b2081d37dc3167a6d2
SSDEEP

6144:CSKgeJ4vDdgUrT7R/b+hWEqLX6YahlY0ZhzjJM9wN+:jKglDSUr3R/b+hWEqLQjZhzF

Score

N/A

Malware Config

Signatures

Files

0b3b465590000fb67de35bd08b349b36ecfa093d53174ba369885d8ab1d5ac23
.dll regsvr32 windows x86

7d88544a0f1150bd3fbb82ad19c8c55e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

sensapi

IsNetworkAlive

kernel32

FindResourceA
LoadLibraryExA
SetThreadLocale
GetThreadLocale
lstrcmpA
MulDiv
GlobalUnlock
GlobalLock
GlobalAlloc
GetEnvironmentVariableA
SetEnvironmentVariableA
CloseHandle
FreeLibrary
InitializeCriticalSection
CreateMutexA
ReleaseMutex
WaitForSingleObject
FlushFileBuffers
CreateFileW
WriteConsoleW
SetStdHandle
GetStringTypeW
GetConsoleMode
GetConsoleCP
GetModuleHandleW
LoadLibraryW
LCMapStringW
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStartupInfoW
GetFileType
SetHandleCount
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
HeapCreate
GetModuleFileNameW
GetStdHandle
WriteFile
ExitProcess
Sleep
IsDBCSLeadByte
SetLastError
GetModuleFileNameA
GetCurrentProcess
FlushInstructionCache
lstrcmpiA
lstrlenA
InterlockedDecrement
InterlockedIncrement
lstrlenW
MultiByteToWideChar
GetModuleHandleA
GetProcAddress
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
GetLastError
RaiseException
WideCharToMultiByte
GetCurrentThreadId
EncodePointer
RtlUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
LocalFree
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
HeapSize
HeapReAlloc
GetCommandLineA
HeapDestroy
InterlockedPopEntrySList
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
HeapAlloc
GetProcessHeap
HeapFree
InterlockedPushEntrySList
InterlockedCompareExchange
SetFilePointer
GetSystemTimeAsFileTime
VirtualProtect
GetSystemInfo
VirtualQuery
DecodePointer

user32

GetWindow
UnhookWindowsHookEx
GetWindowTextLengthA
GetWindowTextA
SetWindowTextA
CreateAcceleratorTableA
GetDesktopWindow
SetFocus
GetFocus
DestroyAcceleratorTable
FillRect
ReleaseCapture
GetClassNameA
GetDlgItem
SetCapture
RedrawWindow
InvalidateRgn
InvalidateRect
ReleaseDC
GetDC
ClientToScreen
SetWindowPos
MoveWindow
GetSysColor
ScreenToClient
GetCursorPos
BeginPaint
EndPaint
GetParent
IsWindowVisible
MapWindowPoints
GetWindowRect
CallWindowProcA
GetWindowLongA
DefWindowProcA
CharNextW
GetClientRect
RegisterClassExA
CreateWindowExA
CharNextA
LoadCursorA
GetClassInfoExA
IsWindow
ShowWindow
SetWindowLongA
DestroyWindow
SetTimer
KillTimer
SetWindowsHookExA
RegisterWindowMessageA
CallNextHookEx
SendMessageA
IsChild
UnregisterClassA
DispatchMessageA
TranslateMessage
PeekMessageA
MsgWaitForMultipleObjects

gdi32

GetStockObject
GetObjectA
CreateSolidBrush
GetDeviceCaps
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
DeleteDC
SelectObject
DeleteObject
SetViewportOrgEx
OffsetWindowOrgEx
SetWindowOrgEx

advapi32

RegQueryValueExA
RegQueryInfoKeyA
RegQueryInfoKeyW
RegDeleteValueA
RegEnumKeyExA
RegSetValueExA
RegCloseKey
RegDeleteKeyA
RegCreateKeyExA
RegOpenKeyExA

shell32

SHGetFileInfoA

ole32

CLSIDFromString
CreateItemMoniker
CoTaskMemFree
StringFromCLSID
GetRunningObjectTable
OleUninitialize
OleInitialize
CreateStreamOnHGlobal
OleRun
CLSIDFromProgID
CoGetClassObject
OleLockRunning
CoCreateInstance
StringFromGUID2
CoTaskMemRealloc
CoTaskMemAlloc

oleaut32

VariantCopy
VarCmp
OleCreateFontIndirect
SysAllocStringLen
RegisterTypeLi
UnRegisterTypeLi
GetErrorInfo
VarUI4FromStr
LoadTypeLi
LoadRegTypeLi
SysStringLen
DispCallFunc
SysStringByteLen
SysAllocStringByteLen
VariantInit
SysAllocString
VariantClear
SysFreeString

shlwapi

SHGetValueA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 189KB - Virtual size: 188KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 81KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7d88544a0f1150bd3fbb82ad19c8c55e

Headers

DLL Characteristics

File Characteristics

Imports

sensapi

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

Exports

Exports

Sections

.text Size: 189KB - Virtual size: 188KB

.rdata Size: 46KB - Virtual size: 46KB

.data Size: 81KB - Virtual size: 93KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 28KB - Virtual size: 27KB

.text
Size: 189KB - Virtual size: 188KB

.rdata
Size: 46KB - Virtual size: 46KB

.data
Size: 81KB - Virtual size: 93KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 28KB - Virtual size: 27KB