d18b31f52fd2edff3b1d8f216d263eb9f91f3a9bff06e572c2b4cc72aecb10ad

Sharing

Copy URL Twitter E-mail

General

Target

d18b31f52fd2edff3b1d8f216d263eb9f91f3a9bff06e572c2b4cc72aecb10ad
Size

148KB
MD5

45ed6c4743e1e68ef38bbcb687a999bf
SHA1

fba1f71c9a952582c6060d139a5d701d949e3468
SHA256

d18b31f52fd2edff3b1d8f216d263eb9f91f3a9bff06e572c2b4cc72aecb10ad
SHA512

5e22e5764c28a3fcf53249bdd02347ea202d17cdde1ec1426cdf7da4df57dae9368decdf660012a073781ced4740ba130c27c37104f477aa5d013cf6661b4081
SSDEEP

3072:2pU+4mNtQMZ6t8BEIXI3LWzu6J2f4r3MBnGMcX:2hNBUtucCof4r3MpGM

Score

N/A

Malware Config

Signatures

Files

d18b31f52fd2edff3b1d8f216d263eb9f91f3a9bff06e572c2b4cc72aecb10ad
.dll regsvr32 windows x86

4aeca4a13e14aac1886a0afda10ba2bd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

OpenClipboard
CloseClipboard
wsprintfA
GetClassNameA
GetWindowThreadProcessId
EnumChildWindows
SystemParametersInfoA
SetWindowPos
DefWindowProcA
SetTimer
KillTimer
DispatchMessageA
TranslateMessage
EnumWindows
GetMessageA
ShowWindow
CreateWindowExA
RegisterClassExA

advapi32

SetEntriesInAclA
SetSecurityInfo
CryptAcquireContextA
CryptGenRandom
CryptReleaseContext
RegOpenKeyExA
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
GetSecurityInfo

wininet

InternetOpenA
InternetOpenUrlA
InternetCloseHandle
HttpQueryInfoA
InternetReadFile
InternetSetOptionA

version

GetFileVersionInfoSizeA
GetFileVersionInfoA

shlwapi

SHGetValueA
SHSetValueA
StrStrIA

psapi

GetModuleBaseNameA
EnumProcesses
EnumProcessModules

winmm

timeGetTime

netapi32

Netbios

msvcrt

strstr
fclose
fwrite
fopen
tmpnam
atoi
wcslen
?what@exception@@UBEPBDXZ
wcscmp
printf
strerror
ispunct
isgraph
wctomb
__mb_cur_max
isxdigit
isspace
isalnum
isalpha
strncpy
toupper
strtok
srand
__dllonexit
_onexit
??1type_info@@UAE@XZ
_initterm
_adjust_fdiv
strchr
islower
tolower
??2@YAPAXI@Z
??1exception@@UAE@XZ
??3@YAXPAX@Z
_CxxThrowException
??0exception@@QAE@XZ
??0exception@@QAE@ABV0@@Z
malloc
free
_stricmp
__CxxFrameHandler
isupper

ole32

CoTaskMemAlloc
CoCreateInstance
CoInitialize
CoTaskMemFree
CoCreateGuid

rpcrt4

UuidToStringA

oleaut32

SysFreeString
SysAllocString
VariantClear
GetErrorInfo

kernel32

CreateFileA
VirtualAllocEx
WriteProcessMemory
GetCurrentProcessId
lstrcmpA
lstrcmpiA
GetCurrentProcess
GetProcessTimes
GetLocalTime
QueryPerformanceCounter
GetLastError
LoadLibraryA
LocalFree
FormatMessageA
CreateRemoteThread
SleepEx
GetEnvironmentStrings
FreeEnvironmentStringsA
lstrcpynA
MultiByteToWideChar
GetCurrentThread
GetThreadTimes
DeleteFileA
CreateProcessA
WaitForSingleObject
MoveFileExA
lstrcpyA
GetWindowsDirectoryA
GetSystemDirectoryA
GetFullPathNameA
InterlockedExchange
SetLastError
GetProcessHeap
HeapAlloc
HeapSize
GetVersion
GetProcAddress
FreeLibrary
GetTickCount
CloseHandle
OpenProcess
GetModuleFileNameA
QueryPerformanceFrequency
HeapFree
GetEnvironmentVariableA
GetCurrentDirectoryA
lstrlenA
Sleep
GetVersionExA
GetModuleHandleA
GetSystemInfo

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 88KB - Virtual size: 86KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4aeca4a13e14aac1886a0afda10ba2bd

Headers

File Characteristics

Imports

user32

advapi32

wininet

version

shlwapi

psapi

winmm

netapi32

msvcrt

ole32

rpcrt4

oleaut32

kernel32

Exports

Exports

Sections

.text Size: 88KB - Virtual size: 86KB

.rdata Size: 28KB - Virtual size: 26KB

.data Size: 20KB - Virtual size: 21KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 88KB - Virtual size: 86KB

.rdata
Size: 28KB - Virtual size: 26KB

.data
Size: 20KB - Virtual size: 21KB

.reloc
Size: 8KB - Virtual size: 7KB