d078a3c6a8e4b0d6d7d8d6974748bc545299cf90123bd6a6fb33175223118503

Sharing

Copy URL Twitter E-mail

General

Target

d078a3c6a8e4b0d6d7d8d6974748bc545299cf90123bd6a6fb33175223118503
Size

328KB
MD5

adab0f93c304b240b719c64d3809b7c0
SHA1

31ac2da9a1e945f048974bcb2637d332d983a790
SHA256

d078a3c6a8e4b0d6d7d8d6974748bc545299cf90123bd6a6fb33175223118503
SHA512

7b5a69c31863be1d13a846c24260809cf1b926a2b6838677822ea101854b538af478bdf5f21895ab0afa592c86023840aa54fb77429d5231a7d1303032257f95
SSDEEP

6144:Ciscx3dZBFdlF7eAVLk3xf7zs7CE0W/9IRcczmqDNdnjcWbXU9M/GTponDHy:CsF7eAVLk3xDwWE0W/9Gc16qih/apon+

Score

N/A

Malware Config

Signatures

Files

d078a3c6a8e4b0d6d7d8d6974748bc545299cf90123bd6a6fb33175223118503
.dll regsvr32 windows x86

e6c44c93bff37aca88f848897aa35876

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_BIND

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcatA
LeaveCriticalSection
DeleteCriticalSection
HeapDestroy
InitializeCriticalSection
DisableThreadLibraryCalls
IsDBCSLeadByte
lstrcpynA
lstrcmpiA
lstrcpyA
EnterCriticalSection
FindResourceA
LoadResource
SizeofResource
FreeLibrary
WideCharToMultiByte
GetModuleFileNameA
GetModuleHandleA
GetShortPathNameA
lstrlenA
MultiByteToWideChar
GetProcAddress
LoadLibraryA
GetCurrentThreadId
GetCurrentProcess
FlushInstructionCache
GlobalAlloc
GlobalLock
GlobalUnlock
InterlockedIncrement
InterlockedDecrement
LoadLibraryExA
GetLastError
lstrlenW
TlsSetValue
TlsAlloc
GetSystemDirectoryA
WaitForSingleObject
ExitProcess
RaiseException
RtlUnwind
LocalFree
CreateThread
IsBadCodePtr
IsBadWritePtr
IsBadReadPtr
SetUnhandledExceptionFilter
TerminateProcess
GetVersion
WriteFile
SetEvent
GetSystemTime
GetTimeFormatA
GetDateFormatA
GetTickCount
CreateEventA
FormatMessageA
CreateFileA
CloseHandle
GetVersionExA
GetFileSize
ReadFile
LocalAlloc
LocalReAlloc
TlsFree
HeapAlloc
Sleep
CreateProcessA
HeapFree
SetLastError
TlsGetValue
GetProcessHeap
DeleteFileA

user32

InvalidateRect
GetParent
PtInRect
UnionRect
GetWindowRect
ShowWindow
GetKeyState
LoadStringA
DispatchMessageA
GetMessageA
PeekMessageA
DialogBoxParamA
SendMessageA
IsDlgButtonChecked
EndDialog
MessageBoxA
SendDlgItemMessageA
DestroyWindow
BeginPaint
GetClientRect
EndPaint
GetFocus
IsChild
GetClassInfoExA
LoadCursorA
wsprintfA
RegisterClassExA
SetWindowPos
SetWindowRgn
OffsetRect
EqualRect
IntersectRect
SetFocus
IsWindow
EnableWindow
CallWindowProcA
GetDlgItem
SetWindowLongA
GetWindowLongA
CreateWindowExA
ReleaseDC
GetDC
CharNextA
DefWindowProcA

gdi32

GetDeviceCaps
LPtoDP
SaveDC
SetMapMode
SetWindowOrgEx
SetViewportOrgEx
DeleteDC
RestoreDC
CreateDCA
CreateRectRgnIndirect
DeleteMetaFile
CloseMetaFile
SetWindowExtEx
CreateMetaFileA

advapi32

FreeSid
RegQueryValueExA
RegDeleteKeyA
RegCreateKeyExA
RegDeleteValueA
RegCloseKey
RegOpenKeyExA
RegEnumKeyExA
RegSetValueExA
RegQueryInfoKeyA
RegEnumValueA
GetTokenInformation
AllocateAndInitializeSid
CryptDestroyHash
CryptDeriveKey
CryptHashData
CryptCreateHash
CryptReleaseContext
CryptDestroyKey
CryptEncrypt
CryptAcquireContextA
CryptDecrypt
OpenProcessToken
EqualSid

oleaut32

SysAllocStringLen
DispCallFunc
SysAllocStringByteLen
OleCreatePropertyFrame
SysStringByteLen
VariantChangeType
VariantClear
SysStringLen
SysAllocString
RegisterTypeLi
LoadTypeLi
VarUI4FromStr
SysFreeString
VariantInit
VariantCopy

ole32

CoUninitialize
CoGetMalloc
CoUnmarshalInterface
CoInitialize
CoMarshalInterface
CreateOleAdviseHolder
OleRegGetUserType
OleRegEnumVerbs
OleSaveToStream
WriteClassStm
CoCreateInstance
CoTaskMemRealloc
CoTaskMemAlloc
CoTaskMemFree
CreateStreamOnHGlobal
OleLoadFromStream
CLSIDFromString
CreateDataAdviseHolder
OleRegGetMiscStatus

shlwapi

StrCmpNIA
SHCopyKeyA
StrCmpW
StrRChrIA
StrStrIA
StrCmpIW
StrRChrA

wininet

InternetCrackUrlA
InternetAttemptConnect
InternetSetOptionA

rasapi32

RasGetEntryPropertiesA
RasHangUpA
RasSetEntryPropertiesA
RasDeleteEntryA
RasGetErrorStringA
RasEnumConnectionsA
RasSetEntryDialParamsA
RasGetEntryDialParamsA
RasGetProjectionInfoA
RasEnumDevicesA
RasGetConnectStatusA
RasDialA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 168KB - Virtual size: 166KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e6c44c93bff37aca88f848897aa35876

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

oleaut32

ole32

shlwapi

wininet

rasapi32

Exports

Exports

Sections

.text Size: 168KB - Virtual size: 166KB

.data Size: 8KB - Virtual size: 11KB

.rsrc Size: 44KB - Virtual size: 41KB

.reloc Size: 16KB - Virtual size: 12KB

.text Size: 88KB - Virtual size: 88KB

.text
Size: 168KB - Virtual size: 166KB

.data
Size: 8KB - Virtual size: 11KB

.rsrc
Size: 44KB - Virtual size: 41KB

.reloc
Size: 16KB - Virtual size: 12KB

.text
Size: 88KB - Virtual size: 88KB