a2d53e33fa42783528e936b4bc85e101b49bfba88247408725fdb306fc4c7353

Sharing

Copy URL Twitter E-mail

General

Target

a2d53e33fa42783528e936b4bc85e101b49bfba88247408725fdb306fc4c7353
Size

358KB
MD5

6a6fcca4f4d96763287099d03b3b9003
SHA1

eb71422f69efb18c946b33ca71b636544e1c62f7
SHA256

a2d53e33fa42783528e936b4bc85e101b49bfba88247408725fdb306fc4c7353
SHA512

3a264a1cb23f0e11106dd2118bb2e5b85db9a645e0e10211523d1ab10e09fe8ff006e1e71f80df3425d7f310f57719992899c8662c98acbe660f7a761ea6fd32
SSDEEP

1536:AHzLf/C2XceUOQk7bZWcWcWcWcWcWcWcWcWcWcWcWcWcWcWcWcWcWcWcWcWcWcWn:ez7/CoceXB

Score

N/A

Malware Config

Signatures

Files

a2d53e33fa42783528e936b4bc85e101b49bfba88247408725fdb306fc4c7353
.dll regsvr32 windows x86

ca299a8f22b6cdedf37f5d621f1b8950

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

StrStrW
PathCombineW
PathFindFileNameW
StrCmpW
StrCmpIW
StrCatW

kernel32

LoadLibraryExA
CreateThread
GetProcessHeap
lstrcatA
lstrcpyA
InitializeCriticalSection
GetBinaryTypeW
CloseHandle
GetLastError
lstrcpynA
GetProcAddress
FreeLibrary
LoadLibraryA
WideCharToMultiByte
GetModuleFileNameA
MultiByteToWideChar
GetTimeFormatA
GetDateFormatA
lstrcmpA
lstrcmpiA
GetModuleHandleW
PulseEvent
CreateEventA
GetCurrentThreadId
GetTickCount
CreateFileMappingW
CreateFileW
SetFilePointerEx
DeleteFileW
SetFileAttributesW
GetTempFileNameW
GetTempPathW
WriteFile
ReadFile
LeaveCriticalSection
EnterCriticalSection
HeapCreate
HeapDestroy
HeapAlloc
HeapFree
CreateMutexA
FileTimeToDosDateTime
FileTimeToLocalFileTime
GetFileInformationByHandle
FindClose
FindNextFileW
FindFirstFileW
GetModuleFileNameW
WaitForSingleObject
Sleep
ExitThread
ResetEvent
lstrcpyW

user32

GetMessageW
SetWindowsHookExW
TranslateMessage
DefWindowProcW
DestroyWindow
GetSystemMetrics
wsprintfA
DispatchMessageW
RegisterClassExW
CreateWindowExW
GetWindowRect
SetTimer
GetClassNameA
GetWindow
SendMessageW
GetWindowTextA
CallNextHookEx
ShowWindow
GetClientRect

shell32

SHGetSpecialFolderPathW

oleaut32

SysFreeString
SysAllocStringLen
VariantInit
SysAllocString
SysAllocStringByteLen
VariantClear
VariantCopy

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ca299a8f22b6cdedf37f5d621f1b8950

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

kernel32

user32

shell32

oleaut32

Exports

Exports

Sections

.text Size: 34KB - Virtual size: 33KB

.data Size: 2KB - Virtual size: 54KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 34KB - Virtual size: 33KB

.data
Size: 2KB - Virtual size: 54KB

.reloc
Size: 3KB - Virtual size: 2KB