acedbf050dc7aea5d1ed0c548351f936bafa63da203691538d15fe6a21399070

Sharing

Copy URL Twitter E-mail

General

Target

acedbf050dc7aea5d1ed0c548351f936bafa63da203691538d15fe6a21399070
Size

326KB
MD5

040c3d61129925040a21ed6bda72d750
SHA1

a12e39df17fb0a31c36a281ec5692cca1b74b552
SHA256

acedbf050dc7aea5d1ed0c548351f936bafa63da203691538d15fe6a21399070
SHA512

5d00ed037a3df0eb21709c188abf7bf9237708a019de564cf73ffeec48b62030b7cdfc3e5bf04f3ff8702acc1b8ecd75d22eecdb634e5516ecd8127c40e48885
SSDEEP

1536:bgT4TLx6JmHL/FTWmvlkilg8UBL1TTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT3:cETLx6JeL/FTfvTY

Score

N/A

Malware Config

Signatures

Files

acedbf050dc7aea5d1ed0c548351f936bafa63da203691538d15fe6a21399070
.dll regsvr32 windows x86

efc76a47c5569ba34b42f9096ca8b198

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

StrStrW
PathCombineW
PathFindFileNameW
StrCmpW
StrCmpIW
StrCatW

kernel32

CreateThread
CreateMutexA
GetProcessHeap
CloseHandle
lstrcatA
lstrcpyA
InitializeCriticalSection
GetBinaryTypeW
GetLastError
lstrcpynA
GetProcAddress
FreeLibrary
LoadLibraryExA
WideCharToMultiByte
GetModuleFileNameA
MultiByteToWideChar
GetTimeFormatA
GetDateFormatA
lstrcmpA
lstrcmpiA
GetModuleHandleW
PulseEvent
CreateEventA
GetCurrentThreadId
GetTickCount
CreateFileMappingW
CreateFileW
SetFilePointerEx
DeleteFileW
SetFileAttributesW
GetTempFileNameW
GetTempPathW
WriteFile
ReadFile
LeaveCriticalSection
EnterCriticalSection
HeapCreate
HeapDestroy
HeapAlloc
HeapFree
ResetEvent
FileTimeToDosDateTime
FileTimeToLocalFileTime
GetFileInformationByHandle
FindClose
FindNextFileW
FindFirstFileW
GetModuleFileNameW
WaitForSingleObject
Sleep
ExitThread
lstrcpyW

user32

TranslateMessage
GetMessageW
SetWindowsHookExW
DispatchMessageW
DestroyWindow
GetSystemMetrics
wsprintfA
wsprintfW
RegisterClassExW
CreateWindowExW
GetWindowRect
SetTimer
GetClassNameA
GetWindow
SendMessageW
GetWindowTextA
CallNextHookEx
GetClientRect
DefWindowProcW
ShowWindow

shell32

SHGetSpecialFolderPathW

oleaut32

SysFreeString
SysAllocStringLen
VariantInit
SysAllocString
SysAllocStringByteLen
VariantClear
VariantCopy

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

efc76a47c5569ba34b42f9096ca8b198

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

kernel32

user32

shell32

oleaut32

Exports

Exports

Sections

.text Size: 35KB - Virtual size: 34KB

.data Size: 2KB - Virtual size: 55KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 35KB - Virtual size: 34KB

.data
Size: 2KB - Virtual size: 55KB

.reloc
Size: 3KB - Virtual size: 2KB