4d33b387a6a0ef9411a0e027106b39846b58d77b6ac4550a132172f245f71798

Sharing

Copy URL

Twitter E-mail

General

Target

4d33b387a6a0ef9411a0e027106b39846b58d77b6ac4550a132172f245f71798
Size

52KB
MD5

78c064761ce14ba6856fc89553844690
SHA1

453871273db5449d0d6c48f314bd212a4b4d172e
SHA256

4d33b387a6a0ef9411a0e027106b39846b58d77b6ac4550a132172f245f71798
SHA512

b40dceafd8cd2c1d0c74e328f378d0152fc0e0ceca85b3d5a29d8b3030098fb66c71b7e470910d0070df366fc4ae5878f92857fd8fc0a78b5d29ce779c4f41fa
SSDEEP

768:b06gZwkN5nsdv/9S7jPJ9AP1zHCIEh/9EHa5an+P1sy/InyevZzqUlXld1ihU2wX:rgZwO5o/iPmHlU9EymsjgFcWdgU/PBJ

Score

N/A

Malware Config

Signatures

Files

4d33b387a6a0ef9411a0e027106b39846b58d77b6ac4550a132172f245f71798
.dll regsvr32 windows x86

87ee423e9aa33e92b05234c011b6b229

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnterCriticalSection
Process32Next
Process32First
CreateProcessA
GetSystemDirectoryA
MoveFileA
FindNextFileA
GetPrivateProfileStringA
FindFirstFileA
Sleep
RemoveDirectoryA
CreateDirectoryA
LeaveCriticalSection
GetExitCodeProcess
WaitForSingleObject
WritePrivateProfileStringA
CreateThread
DisableThreadLibraryCalls
InitializeCriticalSection
DeleteCriticalSection
InterlockedIncrement
InterlockedDecrement
HeapDestroy
GetShortPathNameA
GetModuleHandleA
GetProcAddress
SetFileAttributesA
LocalFree
DeleteFileA
lstrlenA
MultiByteToWideChar
LoadLibraryA
FreeLibrary
GetModuleFileNameA
GetCurrentProcessId
lstrlenW
WideCharToMultiByte
ExitProcess
CloseHandle
GetCommandLineW

advapi32

RegSetValueExA
BuildExplicitAccessWithNameA
SetEntriesInAclA
GetNamedSecurityInfoA
SetNamedSecurityInfoA
RegDeleteKeyA
RegOpenKeyExA
RegQueryInfoKeyA
RegEnumKeyExA
RegCloseKey
RegQueryValueExA
RegCreateKeyExA

shell32

SHGetSpecialFolderPathA
CommandLineToArgvW

ole32

CoGetInterfaceAndReleaseStream
CoMarshalInterThreadInterfaceInStream
CoCreateInstance
CoInitialize
CoUninitialize

oleaut32

SysFreeString
SysAllocString
SysStringLen
LoadRegTypeLi
VariantClear

shlwapi

SHDeleteValueA
SHSetValueA
SHDeleteKeyA

msvcrt

strstr
_strupr
_stricmp
_adjust_fdiv
malloc
_initterm
free
_purecall
_wcslwr
wcsstr
_access
strncmp
strncpy
strcmp
strrchr
fopen
fseek
ftell
fread
fclose
sprintf
strlen
memset
strcat
strcpy
??3@YAXPAX@Z
_strlwr
??2@YAPAXI@Z
atoi
strchr
memcmp
memcpy

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllGetObjectType
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

idata
Size: 4KB - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

87ee423e9aa33e92b05234c011b6b229

Headers

File Characteristics

Imports

kernel32

advapi32

shell32

ole32

oleaut32

shlwapi

msvcrt

Exports

Exports

Sections

.text Size: 32KB - Virtual size: 28KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 4KB

idata Size: 4KB - Virtual size: 4B

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 32KB - Virtual size: 28KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 4KB

idata
Size: 4KB - Virtual size: 4B

.reloc
Size: 4KB - Virtual size: 2KB