5d1283338408a3e5d606d6ccfda05eb4e9e7f968eda2b9c1a1f5e647ea8b7175

Sharing

Copy URL Twitter E-mail

General

Target

5d1283338408a3e5d606d6ccfda05eb4e9e7f968eda2b9c1a1f5e647ea8b7175
Size

316KB
MD5

0171d0f662bc8cbccbe6b7dc34d44faa
SHA1

10619b76211134f0419a72d42726075923195ff1
SHA256

5d1283338408a3e5d606d6ccfda05eb4e9e7f968eda2b9c1a1f5e647ea8b7175
SHA512

2573d3a6463e50032a8090ea7d4a984975fbfb4fc5fec38495071efcc46fc53d15ef5244e31cdea9edcfd95af5879ca26f8785c8a87495c1bf305d6df2b35732
SSDEEP

1536:OcT4fLtLJmHL/xTWmvlkulgEUBr1TTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTH:fEfLtLJeL/xTfv78

Score

N/A

Malware Config

Signatures

Files

5d1283338408a3e5d606d6ccfda05eb4e9e7f968eda2b9c1a1f5e647ea8b7175
.dll regsvr32 windows x86

efc76a47c5569ba34b42f9096ca8b198

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

StrStrW
PathCombineW
PathFindFileNameW
StrCmpW
StrCmpIW
StrCatW

kernel32

CreateThread
CreateMutexA
GetProcessHeap
CloseHandle
lstrcatA
lstrcpyA
InitializeCriticalSection
GetBinaryTypeW
GetLastError
lstrcpynA
GetProcAddress
FreeLibrary
LoadLibraryExA
WideCharToMultiByte
GetModuleFileNameA
MultiByteToWideChar
GetTimeFormatA
GetDateFormatA
lstrcmpA
lstrcmpiA
GetModuleHandleW
PulseEvent
CreateEventA
GetCurrentThreadId
GetTickCount
CreateFileMappingW
CreateFileW
SetFilePointerEx
DeleteFileW
SetFileAttributesW
GetTempFileNameW
GetTempPathW
WriteFile
ReadFile
LeaveCriticalSection
EnterCriticalSection
HeapCreate
HeapDestroy
HeapAlloc
HeapFree
ResetEvent
FileTimeToDosDateTime
FileTimeToLocalFileTime
GetFileInformationByHandle
FindClose
FindNextFileW
FindFirstFileW
GetModuleFileNameW
WaitForSingleObject
Sleep
ExitThread
lstrcpyW

user32

TranslateMessage
GetMessageW
SetWindowsHookExW
DispatchMessageW
DestroyWindow
GetSystemMetrics
wsprintfA
wsprintfW
RegisterClassExW
CreateWindowExW
GetWindowRect
SetTimer
GetClassNameA
GetWindow
SendMessageW
GetWindowTextA
CallNextHookEx
GetClientRect
DefWindowProcW
ShowWindow

shell32

SHGetSpecialFolderPathW

oleaut32

SysFreeString
SysAllocStringLen
VariantInit
SysAllocString
SysAllocStringByteLen
VariantClear
VariantCopy

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

efc76a47c5569ba34b42f9096ca8b198

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

kernel32

user32

shell32

oleaut32

Exports

Exports

Sections

.text Size: 35KB - Virtual size: 34KB

.data Size: 2KB - Virtual size: 55KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 35KB - Virtual size: 34KB

.data
Size: 2KB - Virtual size: 55KB

.reloc
Size: 3KB - Virtual size: 2KB