9f979f11ed15e632644ae081f08911127b4d6d920ad01ce4bf396ebcf5998229

Sharing

Copy URL Twitter E-mail

General

Target

9f979f11ed15e632644ae081f08911127b4d6d920ad01ce4bf396ebcf5998229
Size

328KB
MD5

b752ec3d431f366dc85b5cfba015e200
SHA1

995eb0c510f7469fbe77a610d192782bf46f5551
SHA256

9f979f11ed15e632644ae081f08911127b4d6d920ad01ce4bf396ebcf5998229
SHA512

9ad2ba49b6b5de78645635884953f2986d3073711e0d70884d0b371e866c66b9ab8523f02b1ec2b8c0934084f0264ab8f403ce179d3a8b3287e31e08176f7a0f
SSDEEP

6144:miscx3dZBFdlF7eAVLk3xf7zs7CE0W/9IRcczWqDNdnjcWbRmhk4zxRvnGm+ZWw5:msF7eAVLk3xDwWE0W/9Gcx6qib4lRH+b

Score

N/A

Malware Config

Signatures

Files

9f979f11ed15e632644ae081f08911127b4d6d920ad01ce4bf396ebcf5998229
.dll regsvr32 windows x86

e6c44c93bff37aca88f848897aa35876

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_BIND

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcatA
LeaveCriticalSection
DeleteCriticalSection
HeapDestroy
InitializeCriticalSection
DisableThreadLibraryCalls
IsDBCSLeadByte
lstrcpynA
lstrcmpiA
lstrcpyA
EnterCriticalSection
FindResourceA
LoadResource
SizeofResource
FreeLibrary
WideCharToMultiByte
GetModuleFileNameA
GetModuleHandleA
GetShortPathNameA
lstrlenA
MultiByteToWideChar
GetProcAddress
LoadLibraryA
GetCurrentThreadId
GetCurrentProcess
FlushInstructionCache
GlobalAlloc
GlobalLock
GlobalUnlock
InterlockedIncrement
InterlockedDecrement
LoadLibraryExA
GetLastError
lstrlenW
TlsSetValue
TlsAlloc
GetSystemDirectoryA
WaitForSingleObject
ExitProcess
RaiseException
RtlUnwind
LocalFree
CreateThread
IsBadCodePtr
IsBadWritePtr
IsBadReadPtr
SetUnhandledExceptionFilter
TerminateProcess
GetVersion
WriteFile
SetEvent
GetSystemTime
GetTimeFormatA
GetDateFormatA
GetTickCount
CreateEventA
FormatMessageA
CreateFileA
CloseHandle
GetVersionExA
GetFileSize
ReadFile
LocalAlloc
LocalReAlloc
TlsFree
HeapAlloc
Sleep
CreateProcessA
HeapFree
SetLastError
TlsGetValue
GetProcessHeap
DeleteFileA

user32

InvalidateRect
GetParent
PtInRect
UnionRect
GetWindowRect
ShowWindow
GetKeyState
LoadStringA
DispatchMessageA
GetMessageA
PeekMessageA
DialogBoxParamA
SendMessageA
IsDlgButtonChecked
EndDialog
MessageBoxA
SendDlgItemMessageA
DestroyWindow
BeginPaint
GetClientRect
EndPaint
GetFocus
IsChild
GetClassInfoExA
LoadCursorA
wsprintfA
RegisterClassExA
SetWindowPos
SetWindowRgn
OffsetRect
EqualRect
IntersectRect
SetFocus
IsWindow
EnableWindow
CallWindowProcA
GetDlgItem
SetWindowLongA
GetWindowLongA
CreateWindowExA
ReleaseDC
GetDC
CharNextA
DefWindowProcA

gdi32

GetDeviceCaps
LPtoDP
SaveDC
SetMapMode
SetWindowOrgEx
SetViewportOrgEx
DeleteDC
RestoreDC
CreateDCA
CreateRectRgnIndirect
DeleteMetaFile
CloseMetaFile
SetWindowExtEx
CreateMetaFileA

advapi32

FreeSid
RegQueryValueExA
RegDeleteKeyA
RegCreateKeyExA
RegDeleteValueA
RegCloseKey
RegOpenKeyExA
RegEnumKeyExA
RegSetValueExA
RegQueryInfoKeyA
RegEnumValueA
GetTokenInformation
AllocateAndInitializeSid
CryptDestroyHash
CryptDeriveKey
CryptHashData
CryptCreateHash
CryptReleaseContext
CryptDestroyKey
CryptEncrypt
CryptAcquireContextA
CryptDecrypt
OpenProcessToken
EqualSid

oleaut32

SysAllocStringLen
DispCallFunc
SysAllocStringByteLen
OleCreatePropertyFrame
SysStringByteLen
VariantChangeType
VariantClear
SysStringLen
SysAllocString
RegisterTypeLi
LoadTypeLi
VarUI4FromStr
SysFreeString
VariantInit
VariantCopy

ole32

CoUninitialize
CoGetMalloc
CoUnmarshalInterface
CoInitialize
CoMarshalInterface
CreateOleAdviseHolder
OleRegGetUserType
OleRegEnumVerbs
OleSaveToStream
WriteClassStm
CoCreateInstance
CoTaskMemRealloc
CoTaskMemAlloc
CoTaskMemFree
CreateStreamOnHGlobal
OleLoadFromStream
CLSIDFromString
CreateDataAdviseHolder
OleRegGetMiscStatus

shlwapi

StrCmpNIA
SHCopyKeyA
StrCmpW
StrRChrIA
StrStrIA
StrCmpIW
StrRChrA

wininet

InternetCrackUrlA
InternetAttemptConnect
InternetSetOptionA

rasapi32

RasGetEntryPropertiesA
RasHangUpA
RasSetEntryPropertiesA
RasDeleteEntryA
RasGetErrorStringA
RasEnumConnectionsA
RasSetEntryDialParamsA
RasGetEntryDialParamsA
RasGetProjectionInfoA
RasEnumDevicesA
RasGetConnectStatusA
RasDialA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 168KB - Virtual size: 166KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e6c44c93bff37aca88f848897aa35876

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

oleaut32

ole32

shlwapi

wininet

rasapi32

Exports

Exports

Sections

.text Size: 168KB - Virtual size: 166KB

.data Size: 8KB - Virtual size: 11KB

.rsrc Size: 44KB - Virtual size: 41KB

.reloc Size: 16KB - Virtual size: 12KB

.text Size: 88KB - Virtual size: 88KB

.text
Size: 168KB - Virtual size: 166KB

.data
Size: 8KB - Virtual size: 11KB

.rsrc
Size: 44KB - Virtual size: 41KB

.reloc
Size: 16KB - Virtual size: 12KB

.text
Size: 88KB - Virtual size: 88KB