db7bb6bfd6e8decc478d3c8473ddf276a5fa5090e6987e3c5d641a63337a2460

Sharing

Copy URL

Twitter E-mail

General

Target

db7bb6bfd6e8decc478d3c8473ddf276a5fa5090e6987e3c5d641a63337a2460
Size

380KB
MD5

f7e390609bcab34a1cde45f4c8415fa8
SHA1

59774582c775dd7fd2fd2b6c9b18e8432ce326d8
SHA256

db7bb6bfd6e8decc478d3c8473ddf276a5fa5090e6987e3c5d641a63337a2460
SHA512

504afada85f1d6a7cbb985467ad7b44345954322b50a79a488bdc53d97a1317b69a9477fa651c09263afbb990632bc7ed27a6df64209883ba255017b6ab2780a
SSDEEP

6144:zKwFsGM5y+3kyzuJO1AmAGFxlNWCJBD4DsWR3Uqzujd3rm4eKsaJ:zlRB+3kyzuJO1AqWzujd3i4eKs6

Score

N/A

Malware Config

Signatures

Files

db7bb6bfd6e8decc478d3c8473ddf276a5fa5090e6987e3c5d641a63337a2460
.dll regsvr32 windows x86

88174efc93a7a71c56265a170f7dbd53

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
RtlUnwind
ExitProcess
HeapReAlloc
GetCommandLineA
TerminateProcess
HeapSize
LCMapStringA
LCMapStringW
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
SetHandleCount
HeapAlloc
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
GetTimeZoneInformation
IsBadReadPtr
IsBadCodePtr
SetStdHandle
SetEnvironmentVariableA
InterlockedExchange
GetOEMCP
GetCPInfo
GetFileTime
GetFileAttributesA
FileTimeToLocalFileTime
FileTimeToSystemTime
GlobalFlags
WritePrivateProfileStringA
SetErrorMode
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
GlobalHandle
GlobalReAlloc
LocalAlloc
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
FreeResource
CreateFileA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
SetLastError
MulDiv
GlobalAddAtomA
GetCurrentThread
GetCurrentThreadId
GlobalDeleteAtom
lstrcmpA
GetProcAddress
ConvertDefaultLocale
EnumResourceLanguagesA
LoadLibraryA
GetUserDefaultLCID
GlobalAlloc
GlobalFree
GlobalLock
GlobalUnlock
InterlockedDecrement
InterlockedIncrement
CreateProcessA
DeleteFileA
GetProcessHeap
HeapFree
CompareStringW
CompareStringA
GetVersion
OpenProcess
GetExitCodeProcess
CloseHandle
GetTempPathA
GetTickCount
FormatMessageA
LockResource
LocalFree
GetModuleHandleA
LoadLibraryExA
FindResourceA
LoadResource
SizeofResource
FreeLibrary
IsDBCSLeadByte
lstrcatA
lstrcpyA
lstrcpynA
GetModuleFileNameA
lstrcmpiA
lstrlenA
GetLastError
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
RaiseException
lstrlenW
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
GetStdHandle

user32

LoadCursorA
GetSysColorBrush
DestroyMenu
EndPaint
BeginPaint
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
ReleaseDC
GetDC
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
RegisterWindowMessageA
WinHelpA
GetCapture
CreateWindowExA
GetClassLongA
GetClassInfoExA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
SetFocus
GetWindowTextA
GetForegroundWindow
GetTopWindow
GetMessageTime
GetMessagePos
TrackPopupMenu
SetForegroundWindow
UpdateWindow
GetMenu
GetSysColor
AdjustWindowRectEx
GetClassInfoA
RegisterClassA
GetDlgCtrlID
CharNextA
MessageBoxA
GetWindowRect
IsWindowVisible
SetTimer
KillTimer
EnableWindow
GetWindowThreadProcessId
EnumWindows
GetSystemMetrics
CharUpperA
DefWindowProcA
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
CopyRect
PtInRect
GetWindow
GetDesktopWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
IsWindow
GetDlgItem
GetNextDlgTabItem
EndDialog
wsprintfA
UnhookWindowsHookEx
GetMenuItemCount
SetMenuItemBitmaps
GetFocus
GetMenuState
EnableMenuItem
CheckMenuItem
LoadIconA
UnregisterClassA
LoadBitmapA
DeleteMenu
GetMenuItemID
GetSubMenu
ModifyMenuA
LoadMenuA
GetClientRect
MapWindowPoints
FindWindowExA
GetParent
SendMessageA
SetWindowLongA
CallWindowProcA
GetWindowLongA
PostQuitMessage
PostMessageA
SetCursor
IsWindowEnabled
GetLastActivePopup
ValidateRect
GetCursorPos
GetMenuCheckMarkDimensions
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetKeyState
PeekMessageA

gdi32

ExtTextOutA
TextOutA
GetStockObject
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
DeleteObject
RectVisible
PtVisible
SetMapMode
RestoreDC
SaveDC
SetBkColor
SetTextColor
GetClipBox
GetDeviceCaps
CreateBitmap
CreateDIBSection
GetObjectA
SetDIBColorTable
SelectObject
DeleteDC
CreateCompatibleDC
Escape

msimg32

AlphaBlend

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegDeleteValueA
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA
RegQueryInfoKeyA
RegEnumKeyExA
RegQueryValueExA
RegEnumKeyA
RegOpenKeyA
RegQueryValueA
RegDeleteKeyA

shell32

DragQueryFileA

comctl32

ImageList_AddMasked
ord17
ImageList_Destroy
ImageList_Create

shlwapi

PathFindFileNameA
PathStripToRootA
PathFindExtensionA
PathIsUNCA

ole32

OleRun
CoTaskMemAlloc
CoTaskMemFree
CoTaskMemRealloc
StringFromGUID2
CoCreateInstance
ReleaseStgMedium
CreateStreamOnHGlobal

oleaut32

SysFreeString
SysAllocString
LoadTypeLi
UnRegisterTypeLi
RegisterTypeLi
VarUI4FromStr
VariantInit
LoadRegTypeLi
SysStringLen
VariantClear
SysAllocStringByteLen
SysStringByteLen
SysAllocStringLen
VariantChangeType

gdiplus

GdipDisposeImage
GdipCloneImage
GdipAlloc
GdipDrawImageI
GdipGetImageGraphicsContext
GdipFree
GdiplusShutdown
GdiplusStartup
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipDeleteGraphics

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 152KB - Virtual size: 149KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

88174efc93a7a71c56265a170f7dbd53

Headers

File Characteristics

Imports

kernel32

user32

gdi32

msimg32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

ole32

oleaut32

gdiplus

Exports

Exports

Sections

.text Size: 152KB - Virtual size: 149KB

.rdata Size: 36KB - Virtual size: 35KB

.data Size: 8KB - Virtual size: 21KB

.rsrc Size: 28KB - Virtual size: 24KB

.reloc Size: 32KB - Virtual size: 29KB

.text Size: 120KB - Virtual size: 120KB

.text
Size: 152KB - Virtual size: 149KB

.rdata
Size: 36KB - Virtual size: 35KB

.data
Size: 8KB - Virtual size: 21KB

.rsrc
Size: 28KB - Virtual size: 24KB

.reloc
Size: 32KB - Virtual size: 29KB

.text
Size: 120KB - Virtual size: 120KB