82648bc1c4724c013fa30210bb652063392662b67a79dc6d0ab7e7e0f95fee56

Sharing

Copy URL

Twitter E-mail

General

Target

82648bc1c4724c013fa30210bb652063392662b67a79dc6d0ab7e7e0f95fee56
Size

52KB
MD5

748cc4275cd0f56e3007ae3e4a5cbe47
SHA1

2c0098e9866647bbbd2f7fd3ef5b09adec4f0150
SHA256

82648bc1c4724c013fa30210bb652063392662b67a79dc6d0ab7e7e0f95fee56
SHA512

283d40bb02488d32f5342f6796320c4a45edd71f39e9314a712243acdda8427952f3e544cf23ddbae31332409684c63052972953cb1c4dfaf8532e92ad091b13
SSDEEP

1536:0Ci7zWz0ltGsqwKAqhkwnkPhgV8KFPIm7dD75/i:+HtGV80kPWLz75/i

Score

N/A

Malware Config

Signatures

Files

82648bc1c4724c013fa30210bb652063392662b67a79dc6d0ab7e7e0f95fee56
.dll regsvr32 windows x86

7141d196c402a98ca9830fee21cb10c0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedDecrement
HeapDestroy
lstrlenW
MultiByteToWideChar
lstrlenA
GetShortPathNameA
GetModuleHandleA
GetProcAddress
LoadLibraryA
WritePrivateProfileStringA
MoveFileA
Process32Next
Process32First
EnterCriticalSection
Sleep
FreeLibrary
FindNextFileA
GetPrivateProfileStringA
FindFirstFileA
ExitProcess
CreateThread
RemoveDirectoryA
InterlockedIncrement
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
DisableThreadLibraryCalls
GetCommandLineW
SetFileAttributesA
LocalFree
DeleteFileA
GetSystemDirectoryA
GetModuleFileNameA
CreateProcessA
WaitForSingleObject
CloseHandle
GetExitCodeProcess
CreateDirectoryA
GetCurrentProcessId
WideCharToMultiByte

advapi32

RegCreateKeyExA
RegSetValueExA
RegQueryValueExA
RegDeleteKeyA
BuildExplicitAccessWithNameA
SetEntriesInAclA
GetNamedSecurityInfoA
SetNamedSecurityInfoA
RegOpenKeyExA
RegQueryInfoKeyA
RegEnumKeyExA
RegCloseKey

shell32

SHGetSpecialFolderPathA
CommandLineToArgvW

ole32

CoInitialize
CoUninitialize
CoGetInterfaceAndReleaseStream
CoMarshalInterThreadInterfaceInStream
CoCreateInstance

oleaut32

SysAllocString
VariantClear
SysStringLen
LoadRegTypeLi
SysFreeString

msvcrt

fseek
_strlwr
_stricmp
_adjust_fdiv
malloc
_initterm
free
strcmp
strncmp
strncpy
strchr
atoi
_wcslwr
wcsstr
strcpy
strlen
_access
strcat
sprintf
memset
strstr
??3@YAXPAX@Z
fclose
fread
??2@YAPAXI@Z
ftell
_strupr
fopen
strrchr
memcpy
_purecall
memcmp

shlwapi

SHSetValueA
SHDeleteValueA
SHDeleteKeyA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllGetObjectType
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

idata
Size: 4KB - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7141d196c402a98ca9830fee21cb10c0

Headers

File Characteristics

Imports

kernel32

advapi32

shell32

ole32

oleaut32

msvcrt

shlwapi

Exports

Exports

Sections

.text Size: 32KB - Virtual size: 28KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 4KB

idata Size: 4KB - Virtual size: 4B

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 32KB - Virtual size: 28KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 4KB

idata
Size: 4KB - Virtual size: 4B

.reloc
Size: 4KB - Virtual size: 2KB