71195484bb45dc8ba52d708a5ae2791326492d7687f67bfc2f2035f8e8566276

Sharing

Copy URL Twitter E-mail

General

Target

71195484bb45dc8ba52d708a5ae2791326492d7687f67bfc2f2035f8e8566276
Size

370KB
MD5

3299d1ffd8433d5748415201e6fc0d56
SHA1

243e830d31e2da936a751f46716ad51909d1872e
SHA256

71195484bb45dc8ba52d708a5ae2791326492d7687f67bfc2f2035f8e8566276
SHA512

7de938e03933811da46c8a32576834c0ee8986096bbf78da47d3616c0ac33e9364ba646911aa436e55bb592202e5f379e5e2ec9e168ace5990bc34a9723cf441
SSDEEP

1536:cJJNaq+JR4JanjwrWTSIHJvmCUBN/VEXJXJXJXJXJXJXJXJXJXJXJXJXJXJXJXJj:K4q+J6IjwrWTSie

Score

N/A

Malware Config

Signatures

Files

71195484bb45dc8ba52d708a5ae2791326492d7687f67bfc2f2035f8e8566276
.dll regsvr32 windows x86

efc76a47c5569ba34b42f9096ca8b198

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

StrStrW
PathCombineW
PathFindFileNameW
StrCmpW
StrCmpIW
StrCatW

kernel32

CreateThread
CreateMutexA
GetProcessHeap
CloseHandle
lstrcatA
lstrcpyA
InitializeCriticalSection
GetBinaryTypeW
GetLastError
lstrcpynA
GetProcAddress
FreeLibrary
LoadLibraryExA
WideCharToMultiByte
GetModuleFileNameA
MultiByteToWideChar
GetTimeFormatA
GetDateFormatA
lstrcmpA
lstrcmpiA
GetModuleHandleW
PulseEvent
CreateEventA
GetCurrentThreadId
GetTickCount
CreateFileMappingW
CreateFileW
SetFilePointerEx
DeleteFileW
SetFileAttributesW
GetTempFileNameW
GetTempPathW
WriteFile
ReadFile
LeaveCriticalSection
EnterCriticalSection
HeapCreate
HeapDestroy
HeapAlloc
HeapFree
ResetEvent
FileTimeToDosDateTime
FileTimeToLocalFileTime
GetFileInformationByHandle
FindClose
FindNextFileW
FindFirstFileW
GetModuleFileNameW
WaitForSingleObject
Sleep
ExitThread
lstrcpyW

user32

TranslateMessage
GetMessageW
SetWindowsHookExW
DispatchMessageW
DestroyWindow
GetSystemMetrics
wsprintfA
wsprintfW
RegisterClassExW
CreateWindowExW
GetWindowRect
SetTimer
GetClassNameA
GetWindow
SendMessageW
GetWindowTextA
CallNextHookEx
GetClientRect
DefWindowProcW
ShowWindow

shell32

SHGetSpecialFolderPathW

oleaut32

SysFreeString
SysAllocStringLen
VariantInit
SysAllocString
SysAllocStringByteLen
VariantClear
VariantCopy

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

efc76a47c5569ba34b42f9096ca8b198

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

kernel32

user32

shell32

oleaut32

Exports

Exports

Sections

.text Size: 35KB - Virtual size: 34KB

.data Size: 2KB - Virtual size: 55KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 35KB - Virtual size: 34KB

.data
Size: 2KB - Virtual size: 55KB

.reloc
Size: 3KB - Virtual size: 2KB