27b214b80cfccdb9b15a86004b6125c6e612356cb470dc053d1a45f1cb526ab0

Sharing

Copy URL Twitter E-mail

General

Target

27b214b80cfccdb9b15a86004b6125c6e612356cb470dc053d1a45f1cb526ab0
Size

13KB
MD5

cd6830df8ebfbd786abe5e0551236110
SHA1

c4c30a7624d7e9d60e3ddff24c8645b4307bb9e8
SHA256

27b214b80cfccdb9b15a86004b6125c6e612356cb470dc053d1a45f1cb526ab0
SHA512

1c2e04d58ba0a92bb90904b2764c2c036222488e1da0ec069a8921add3b67ac6439a7e9091accb396bba3c9d3960721ae5a49ce53c578b9910f7e9544196a5d4
SSDEEP

192:rm65pteEm7EWysN+N5dheg9IZcH1L6yzGDWTobBlYmM/xJfnf6ep:r9eGWR+NB1VbzGDWT+BnSP

Score

N/A

Malware Config

Signatures

Files

27b214b80cfccdb9b15a86004b6125c6e612356cb470dc053d1a45f1cb526ab0
.dll regsvr32 windows x86

d0c7f6d8aeede64f077e8d4362b0e904

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

rand
srand
strtok
ispunct
isprint
fopen
fwrite
sprintf
memset
islower
isgraph
isdigit
isalpha
isalnum
div
ceil
strncpy
atoi
??2@YAPAXI@Z
??3@YAXPAX@Z
fclose
tmpnam
free
malloc
_snprintf
_adjust_fdiv
_initterm
_stricmp

kernel32

OutputDebugStringA
Sleep
GetModuleFileNameA
SleepEx
DisableThreadLibraryCalls
OpenProcess
VirtualAllocEx
WriteProcessMemory
CreateRemoteThread
GetLocalTime
GetCurrentProcessId
GetSystemDirectoryA
DeleteFileA
CreateProcessA
WaitForSingleObject
CloseHandle
LoadLibraryA
GetProcAddress
FreeLibrary
MoveFileExA
DeleteFileW

user32

wsprintfA
RegisterClassExA
CreateWindowExA
ShowWindow
GetMessageA
TranslateMessage
DispatchMessageA
KillTimer
SetTimer
DefWindowProcA

advapi32

GetSecurityInfo
SetEntriesInAclA
SetSecurityInfo

shell32

SHGetSpecialFolderPathA
SHChangeNotify
SHGetSpecialFolderPathW

ole32

CoCreateInstance
CoInitialize

wininet

InternetSetOptionA
InternetOpenUrlA
InternetCloseHandle
HttpQueryInfoA
InternetReadFile
InternetOpenA

shlwapi

SHGetValueA
SHSetValueA

rpcrt4

RpcStringFreeA
UuidCreate
UuidToStringA

netapi32

Netbios

psapi

GetModuleBaseNameA
EnumProcesses
EnumProcessModules

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 672B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d0c7f6d8aeede64f077e8d4362b0e904

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

kernel32

user32

advapi32

shell32

ole32

wininet

shlwapi

rpcrt4

netapi32

psapi

Exports

Exports

Sections

.text Size: 6KB - Virtual size: 5KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 2KB - Virtual size: 4KB

.reloc Size: 1024B - Virtual size: 672B

.text
Size: 6KB - Virtual size: 5KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 2KB - Virtual size: 4KB

.reloc
Size: 1024B - Virtual size: 672B