2222d4e76b64643a8f436fd76e0bbda9126cf3eb53741b4eb87b508a07cf19ea

Sharing

Copy URL Twitter E-mail

General

Target

2222d4e76b64643a8f436fd76e0bbda9126cf3eb53741b4eb87b508a07cf19ea
Size

764KB
MD5

dc11a267cfac423d726419ed7eaa02e0
SHA1

61b23357ef9c81971c7827c10e36f17d9886c1ac
SHA256

2222d4e76b64643a8f436fd76e0bbda9126cf3eb53741b4eb87b508a07cf19ea
SHA512

4edfe69037642484bff29e9030c32f84952259f690d3a29486267240779db8c2bb5e59c42a0202e538a99a6af038cba8f21725e887f6ac706b2be68158c85868
SSDEEP

12288:R/DCOQ4NFlEcA87GSOmqz3bJR/2FP7WXu3FWUg7elEnKrjgCXh6O:44NFlEcA8CSfqT7T1Krjga6O

Score

N/A

Malware Config

Signatures

Files

2222d4e76b64643a8f436fd76e0bbda9126cf3eb53741b4eb87b508a07cf19ea
.dll regsvr32 windows x86

dc3ca0c60d49c457e5526cf879d405e0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

libcurl

curl_global_cleanup
curl_easy_setopt
curl_easy_init
curl_global_init
curl_formfree
curl_formadd
curl_easy_perform

kernel32

InitializeCriticalSection
DeleteCriticalSection
GetLastError
lstrcmpiW
GetCurrentProcess
InterlockedIncrement
InterlockedDecrement
FreeLibrary
MultiByteToWideChar
SizeofResource
LoadResource
FindResourceW
LoadLibraryExW
GetModuleHandleW
GetModuleFileNameW
Sleep
CreateProcessA
CreateSemaphoreW
CloseHandle
WaitForSingleObject
ReleaseSemaphore
OpenSemaphoreW
CreateTimerQueueTimer
DeleteTimerQueueTimer
DeleteTimerQueue
EnterCriticalSection
LeaveCriticalSection
OpenMutexW
CreateMutexW
CreateTimerQueue
GetCurrentThreadId
SetThreadLocale
GetThreadLocale
LockResource
FindResourceExW
CreateFileW
lstrlenA
WriteFile
ReadFile
GetFileSize
RaiseException
Process32FirstW
CreateToolhelp32Snapshot
ExitProcess
TerminateThread
GetCurrentProcessId
GetVersionExA
GetVolumeInformationW
SetErrorMode
GetFileTime
GetWindowsDirectoryW
CreateThread
GetCommandLineW
InitializeCriticalSectionAndSpinCount
GetTempPathW
GetExitCodeProcess
CreateProcessW
GetSystemDirectoryW
SetFileTime
WideCharToMultiByte
HeapFree
GetProcessHeap
InterlockedExchange
GetACP
GetLocaleInfoA
HeapDestroy
HeapAlloc
HeapReAlloc
HeapSize
GetConsoleMode
GetConsoleCP
SetFilePointer
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
lstrlenW
WriteConsoleW
SetEndOfFile
GetFileType
Process32NextW
GetConsoleOutputCP
WriteConsoleA
CreateFileA
GetStringTypeW
GetStringTypeA
FlushFileBuffers
SetStdHandle
SetHandleCount
IsValidCodePage
GetOEMCP
GetCPInfo
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleFileNameA
GetStdHandle
HeapCreate
VirtualFree
GetCommandLineA
VirtualQuery
GetSystemInfo
GetModuleHandleA
GetUserDefaultLCID
GetStringTypeExW
LCMapStringA
LCMapStringW
LoadLibraryA
InterlockedCompareExchange
RtlUnwind
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
VirtualProtect
VirtualAlloc
GetProcAddress

user32

LoadStringW
SetWindowPos
GetForegroundWindow
PostMessageW
AllowSetForegroundWindow
GetMessageW
ShowWindow
FindWindowExW
PostThreadMessageW
CharNextW
UnregisterClassA

advapi32

GetUserNameW
RegEnumKeyExW
RegQueryInfoKeyW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW

ole32

CoCreateInstance
CoTaskMemFree
CoTaskMemAlloc
CoUninitialize
CoInitialize
StringFromGUID2
OleRun
CLSIDFromProgID
CLSIDFromString
CoTaskMemRealloc

oleaut32

SysAllocStringByteLen
SysAllocString
GetErrorInfo
VariantChangeType
RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
LoadRegTypeLi
VariantInit
VarUI4FromStr
VariantClear
SysStringLen
SysStringByteLen
SysFreeString

shlwapi

UrlEscapeW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 624KB - Virtual size: 623KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dc3ca0c60d49c457e5526cf879d405e0

Headers

File Characteristics

Imports

libcurl

kernel32

user32

advapi32

ole32

oleaut32

shlwapi

Exports

Exports

Sections

.text Size: 624KB - Virtual size: 623KB

.rdata Size: 80KB - Virtual size: 79KB

.data Size: 16KB - Virtual size: 20KB

.rsrc Size: 8KB - Virtual size: 4KB

.reloc Size: 32KB - Virtual size: 31KB

.text
Size: 624KB - Virtual size: 623KB

.rdata
Size: 80KB - Virtual size: 79KB

.data
Size: 16KB - Virtual size: 20KB

.rsrc
Size: 8KB - Virtual size: 4KB

.reloc
Size: 32KB - Virtual size: 31KB