476b109f07d5ce42b0ac372bf9577d1b29e9f314a360ed805b1508f8ab222d1f

Sharing

Copy URL Twitter E-mail

General

Target

476b109f07d5ce42b0ac372bf9577d1b29e9f314a360ed805b1508f8ab222d1f
Size

88KB
MD5

5dd82ca62dcf5225bf7f3d563f221280
SHA1

c15425cfd26c66277aa3081ae5d82a25dbefcd25
SHA256

476b109f07d5ce42b0ac372bf9577d1b29e9f314a360ed805b1508f8ab222d1f
SHA512

a395961a41c9558401e38b809087aa0cbfb519ff6d168fae70acd36725fa9db2268058911fa5558dfbab32f6b3c2d2b0ff998de445fd1119630de5f67facc264
SSDEEP

1536:n0kq1wPwuhpR1Zie12KD2WBICS4ARDIuJkyr9La6xyOhGy:soBj12KDxq7D/Jkyr86x/3

Score

N/A

Malware Config

Signatures

Files

476b109f07d5ce42b0ac372bf9577d1b29e9f314a360ed805b1508f8ab222d1f
.dll regsvr32 windows x86

3d0f83d3689d9eb473d3b376b2f6efc8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoA
GetFileVersionInfoSizeA

wininet

InternetReadFile
HttpQueryInfoA
InternetCloseHandle
InternetOpenUrlA
InternetSetOptionA
InternetOpenA

shlwapi

StrStrIA
SHSetValueA
SHGetValueA

netapi32

Netbios

psapi

GetModuleBaseNameA
EnumProcesses
EnumProcessModules

rpcrt4

UuidToStringA

oleaut32

SysAllocString
GetErrorInfo
VariantClear

advapi32

SetEntriesInAclA
SetSecurityInfo
CryptAcquireContextA
CryptGenRandom
CryptReleaseContext
GetSecurityInfo

user32

EnumChildWindows
EnumWindows
KillTimer
DispatchMessageA
SetTimer
GetClassNameA
TranslateMessage
GetMessageA
ShowWindow
CreateWindowExA
RegisterClassExA
wsprintfA
SetWindowPos
SystemParametersInfoA
DefWindowProcA
CloseClipboard
OpenClipboard
GetWindowThreadProcessId

ole32

CoCreateGuid
CoInitialize
CoCreateInstance

msvcrt

wcslen
strncpy
__CxxFrameHandler
_CxxThrowException
strchr
??3@YAXPAX@Z
??2@YAPAXI@Z
??0exception@@QAE@XZ
??1exception@@UAE@XZ
?what@exception@@UBEPBDXZ
wcscmp
isalnum
isxdigit
tolower
strstr
free
toupper
printf
strtok
_stricmp
fclose
fwrite
fopen
tmpnam
atoi
wctomb
__mb_cur_max
ispunct
isgraph
isspace
srand
isalpha
__dllonexit
_onexit
??1type_info@@UAE@XZ
_initterm
_adjust_fdiv
malloc
??0exception@@QAE@ABV0@@Z

kernel32

GetWindowsDirectoryA
GetCurrentProcessId
GetSystemInfo
DisableThreadLibraryCalls
GetCurrentDirectoryA
lstrcpyA
GetEnvironmentStrings
FreeEnvironmentStringsA
lstrcmpiA
GetSystemDirectoryA
DeleteFileA
CreateProcessA
WaitForSingleObject
MoveFileExA
SleepEx
VirtualAllocEx
WriteProcessMemory
lstrcmpA
MultiByteToWideChar
GetLocalTime
GetProcessHeap
CreateRemoteThread
CreateFileA
OpenProcess
CloseHandle
HeapAlloc
HeapSize
LoadLibraryA
GetProcAddress
FreeLibrary
GetModuleHandleA
FormatMessageA
LocalFree
GetFullPathNameA
SetLastError
GetVersion
lstrlenA
GetLastError
HeapFree
GetModuleFileNameA
GetTickCount
GetCurrentThread
Sleep
GetThreadTimes
QueryPerformanceCounter
QueryPerformanceFrequency

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3d0f83d3689d9eb473d3b376b2f6efc8

Headers

File Characteristics

Imports

version

wininet

shlwapi

netapi32

psapi

rpcrt4

oleaut32

advapi32

user32

ole32

msvcrt

kernel32

Exports

Exports

Sections

.text Size: 40KB - Virtual size: 38KB

.rdata Size: 24KB - Virtual size: 20KB

.data Size: 16KB - Virtual size: 15KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 40KB - Virtual size: 38KB

.rdata
Size: 24KB - Virtual size: 20KB

.data
Size: 16KB - Virtual size: 15KB

.reloc
Size: 4KB - Virtual size: 2KB