6439c4bfd8a1595324a4a121ed9116219596771c1de7c647683e3d23baea8f9d

Sharing

Copy URL Twitter E-mail

General

Target

6439c4bfd8a1595324a4a121ed9116219596771c1de7c647683e3d23baea8f9d
Size

470KB
MD5

1766f04a5ef12e4a7c20ddcab35b0892
SHA1

1212a0623e3a8502623c8b8494fbb7e32cbe0a22
SHA256

6439c4bfd8a1595324a4a121ed9116219596771c1de7c647683e3d23baea8f9d
SHA512

7eba57983353c22d2311d6cecfcabfdef03dec7f4130394b2c6763b7408f3fd3413acd6b2e1079cbe226e112865f9691abb5ba8bd42d1ba367914dbe01a26786
SSDEEP

6144:ui8i6PqFGqRJNX0NIUxiHO0di0kb6UcDEl:uMSqQNIUxiHO0HnO

Score

N/A

Malware Config

Signatures

Files

6439c4bfd8a1595324a4a121ed9116219596771c1de7c647683e3d23baea8f9d
.dll regsvr32 windows x86

b79fb19aa1747e02867776a6b78bc8e9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetReadFile
HttpSendRequestA
HttpOpenRequestA
InternetConnectA
InternetCloseHandle
InternetOpenA

kernel32

SizeofResource
LockResource
LoadResource
FindResourceA
FindResourceExA
WideCharToMultiByte
GetSystemTime
GetDateFormatA
lstrlenA
Sleep
GetModuleFileNameA
lstrcatA
FindFirstFileA
CreateFileA
GetFileTime
GetFileSize
ReadFile
SetFilePointer
WriteFile
SetEndOfFile
SetFileTime
FindNextFileA
CreateThread
lstrcmpA
LeaveCriticalSection
MultiByteToWideChar
GetTempPathA
GetTempFileNameA
WinExec
CreateMutexA
GetLastError
GetTimeFormatA
LoadLibraryA
FreeLibrary
LocalAlloc
GetProcAddress
InterlockedExchange
RaiseException
GetConsoleMode
GetConsoleCP
GetModuleHandleA
GetLocaleInfoW
InitializeCriticalSectionAndSpinCount
CloseHandle
GetTickCount
GetFileAttributesA
ExpandEnvironmentStringsA
CreateDirectoryA
GetSystemDirectoryA
FindClose
GetVersionExA
FlushFileBuffers
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
EnterCriticalSection
HeapCreate
GetStdHandle
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
IsValidLocale
EnumSystemLocalesA
SetStdHandle
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
SetHandleCount
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
InitializeCriticalSection
DeleteCriticalSection
InterlockedIncrement
InterlockedDecrement
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
VirtualProtect
VirtualAlloc
GetModuleHandleW
GetSystemInfo
VirtualQuery
GetCurrentThreadId
GetCommandLineA
RtlUnwind
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
ExitProcess
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetUserDefaultLCID
GetLocaleInfoA
VirtualFree

user32

GetWindowRect
GetDC
GetDesktopWindow
wsprintfA
ReleaseDC

gdi32

SelectObject
DeleteObject
BitBlt
CreateCompatibleDC
DeleteDC
GetObjectA
CreateCompatibleBitmap

advapi32

RegSetValueExA
RegDeleteValueA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
RegCreateKeyExA

shell32

SHGetSpecialFolderPathA

shlwapi

PathFindExtensionA
PathFindExtensionW
UrlUnescapeA

gdiplus

GdipFree
GdipAlloc
GdipDisposeImage
GdipCloneImage
GdipSaveImageToFile
GdipCreateBitmapFromScan0
GdipCreateBitmapFromHBITMAP
GdipGetImageEncodersSize
GdipGetImageEncoders
GdiplusStartup
GdiplusShutdown

Exports

Exports

DllRegisterServer
DllUnregisterServer
NSModule

Sections

.text
Size: 175KB - Virtual size: 175KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 233KB - Virtual size: 233KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 38KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b79fb19aa1747e02867776a6b78bc8e9

Headers

File Characteristics

Imports

wininet

kernel32

user32

gdi32

advapi32

shell32

shlwapi

gdiplus

Exports

Exports

Sections

.text Size: 175KB - Virtual size: 175KB

.rdata Size: 233KB - Virtual size: 233KB

.data Size: 38KB - Virtual size: 73KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 21KB - Virtual size: 21KB

.text
Size: 175KB - Virtual size: 175KB

.rdata
Size: 233KB - Virtual size: 233KB

.data
Size: 38KB - Virtual size: 73KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 21KB - Virtual size: 21KB