d2f9278552d1306b8f09042e593bbfee907be1852041b85a8e3ab4a097dd6cfa

Sharing

Copy URL Twitter E-mail

General

Target

d2f9278552d1306b8f09042e593bbfee907be1852041b85a8e3ab4a097dd6cfa
Size

13KB
MD5

0ecf8a006786774ec2042cedeb2f52c0
SHA1

383a45ef71dbaf88e5b554df7b506de6e40d0b5c
SHA256

d2f9278552d1306b8f09042e593bbfee907be1852041b85a8e3ab4a097dd6cfa
SHA512

f3bcfcdc854808190dff73d27378aff2698076a890accc430e1696c427b1b2cd3d24650437cb83ee59d5e563721410122f1ec2f905c35939586808e4e2829380
SSDEEP

192:emh5pteEmOGEqVS0qndheg9IZ/5+L6yzGDWTobOlYVoGFua/Bhi6ep:e0estj08S5+bzGDWT+OfGFt

Score

N/A

Malware Config

Signatures

Files

d2f9278552d1306b8f09042e593bbfee907be1852041b85a8e3ab4a097dd6cfa
.dll regsvr32 windows x86

d0c7f6d8aeede64f077e8d4362b0e904

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

rand
srand
strtok
ispunct
isprint
fopen
fwrite
sprintf
memset
islower
isgraph
isdigit
isalpha
isalnum
div
ceil
strncpy
atoi
??2@YAPAXI@Z
??3@YAXPAX@Z
fclose
tmpnam
free
malloc
_snprintf
_adjust_fdiv
_initterm
_stricmp

kernel32

OutputDebugStringA
Sleep
GetModuleFileNameA
SleepEx
DisableThreadLibraryCalls
OpenProcess
VirtualAllocEx
WriteProcessMemory
CreateRemoteThread
GetLocalTime
GetCurrentProcessId
GetSystemDirectoryA
DeleteFileA
CreateProcessA
WaitForSingleObject
CloseHandle
LoadLibraryA
GetProcAddress
FreeLibrary
MoveFileExA
DeleteFileW

user32

wsprintfA
RegisterClassExA
CreateWindowExA
ShowWindow
GetMessageA
TranslateMessage
DispatchMessageA
KillTimer
SetTimer
DefWindowProcA

advapi32

GetSecurityInfo
SetEntriesInAclA
SetSecurityInfo

shell32

SHGetSpecialFolderPathA
SHChangeNotify
SHGetSpecialFolderPathW

ole32

CoCreateInstance
CoInitialize

wininet

InternetSetOptionA
InternetOpenUrlA
InternetCloseHandle
HttpQueryInfoA
InternetReadFile
InternetOpenA

shlwapi

SHGetValueA
SHSetValueA

rpcrt4

RpcStringFreeA
UuidCreate
UuidToStringA

netapi32

Netbios

psapi

GetModuleBaseNameA
EnumProcesses
EnumProcessModules

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 662B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d0c7f6d8aeede64f077e8d4362b0e904

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

kernel32

user32

advapi32

shell32

ole32

wininet

shlwapi

rpcrt4

netapi32

psapi

Exports

Exports

Sections

.text Size: 6KB - Virtual size: 5KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 2KB - Virtual size: 3KB

.reloc Size: 1024B - Virtual size: 662B

.text
Size: 6KB - Virtual size: 5KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 2KB - Virtual size: 3KB

.reloc
Size: 1024B - Virtual size: 662B