339a1789e7ba7e9dbcd53ee0788c0ac074122d8a64ae5eea40873400355d1cef

Sharing

Copy URL Twitter E-mail

General

Target

339a1789e7ba7e9dbcd53ee0788c0ac074122d8a64ae5eea40873400355d1cef
Size

152KB
MD5

8a874c3cfb948b548ca1a38da446fb4a
SHA1

1a1a4884c83fd3c1d6cc46e2fc7e0af5b5f66ad6
SHA256

339a1789e7ba7e9dbcd53ee0788c0ac074122d8a64ae5eea40873400355d1cef
SHA512

d380b93076d67c1d88256ccf1c7a0062d7934ba7dab63954105b2334147f2821bce682d2bc40ea0848ffd7e2343fd96557e285f05d595297156a46467b3b62d7
SSDEEP

1536:XfeSD03lrL1gdUJHIPlO2EaSOrWVa4TTTDa2c9WyvRdj9CICS4A71j11to5Laf8c:vkDBBpTbMBB1jXtoof8Wa

Score

N/A

Malware Config

Signatures

Files

339a1789e7ba7e9dbcd53ee0788c0ac074122d8a64ae5eea40873400355d1cef
.dll regsvr32 windows x86

2b3c31da0e27b7e8149c48e1d14a0f09

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

KillTimer
TranslateMessage
GetMessageA
SetTimer
CreateWindowExA
RegisterClassExA
wsprintfA
SetWindowPos
DefWindowProcA
ShowWindow
DispatchMessageA
GetClassNameA
GetWindowThreadProcessId
EnumChildWindows
EnumWindows
SystemParametersInfoA

kernel32

RaiseException
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
GetLocalTime
FreeLibrary
CloseHandle
CreateRemoteThread
LocalFree
GetProcAddress
VirtualAllocEx
OpenProcess
LoadLibraryA
SleepEx
GetModuleFileNameA
GetTickCount
GetCurrentProcessId
MoveFileExA
WaitForSingleObject
CreateProcessA
DeleteFileA
GetSystemDirectoryA
CreateFileA
WriteFile
GetFileAttributesA
GetFileType
TerminateProcess
GetCurrentProcess
WriteProcessMemory
GetOEMCP
GetACP
ReadFile
SetEndOfFile
SetFilePointer
FlushFileBuffers
TlsGetValue
SetLastError
SetStdHandle
TlsFree
TlsAlloc
GetCPInfo
GetStringTypeW
GetStringTypeA
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStartupInfoA
GetStdHandle
HeapAlloc
HeapFree
HeapReAlloc
InterlockedDecrement
InterlockedIncrement
TlsSetValue
WideCharToMultiByte
GetLastError
MultiByteToWideChar
RtlUnwind
GetCommandLineA
GetVersion
GetModuleHandleA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ExitProcess
LCMapStringA
LCMapStringW
GetCurrentThreadId
SetHandleCount

advapi32

SetEntriesInAclA
SetSecurityInfo
CryptAcquireContextA
CryptGenRandom
CryptReleaseContext
GetSecurityInfo

shell32

StrStrIA

ole32

CoCreateInstance
CoInitialize
CoCreateGuid

oleaut32

VariantInit
SysAllocString
GetErrorInfo

wininet

InternetCloseHandle
InternetOpenA
InternetSetOptionA
InternetReadFile
HttpQueryInfoA
InternetOpenUrlA

netapi32

Netbios

shlwapi

SHSetValueA
SHGetValueA

rpcrt4

UuidToStringA

psapi

EnumProcesses
EnumProcessModules
GetModuleBaseNameA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2b3c31da0e27b7e8149c48e1d14a0f09

Headers

File Characteristics

Imports

user32

kernel32

advapi32

shell32

ole32

oleaut32

wininet

netapi32

shlwapi

rpcrt4

psapi

Exports

Exports

Sections

.text Size: 92KB - Virtual size: 91KB

.rdata Size: 24KB - Virtual size: 22KB

.data Size: 24KB - Virtual size: 31KB

.reloc Size: 8KB - Virtual size: 5KB

.text
Size: 92KB - Virtual size: 91KB

.rdata
Size: 24KB - Virtual size: 22KB

.data
Size: 24KB - Virtual size: 31KB

.reloc
Size: 8KB - Virtual size: 5KB