bfd8e7e409568b0ea6b9459b3724cd5934c6b5f12c6f1a5147a807f48b2a1109

Sharing

Copy URL

Twitter E-mail

General

Target

bfd8e7e409568b0ea6b9459b3724cd5934c6b5f12c6f1a5147a807f48b2a1109
Size

120KB
MD5

0031881af62c4f5f8b14efca8caf394c
SHA1

aed072cf559c12dd1393eaba43287382f8c8bf12
SHA256

bfd8e7e409568b0ea6b9459b3724cd5934c6b5f12c6f1a5147a807f48b2a1109
SHA512

b6d4070feef9490fef2de9dd4234af4f1de362f3ecea798da341bc9b385880762a6cf2b27471adfc6927a2be86c37e17b55f105b9f9ce67732c90bc1460c012b
SSDEEP

3072:1mKjo8J1iTeBVm5INYaeAsh7dChJ6Wk271cY:1ljpOTeBVm5I+awRdW771c

Score

N/A

Malware Config

Signatures

Files

bfd8e7e409568b0ea6b9459b3724cd5934c6b5f12c6f1a5147a807f48b2a1109
.dll regsvr32 windows x86

7929f55e1432fb69a2b740bab6f9445e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoSizeA
GetFileVersionInfoA

oleaut32

GetErrorInfo
SysFreeString
SysAllocString
VariantClear

winmm

timeGetTime

user32

GetClassNameA
GetWindowThreadProcessId
RegisterClassExA
EnumWindows
KillTimer
SetTimer
DefWindowProcA
CloseClipboard
CreateWindowExA
ShowWindow
GetMessageA
TranslateMessage
DispatchMessageA
SystemParametersInfoA
SetWindowPos
wsprintfA
OpenClipboard
EnumChildWindows

shlwapi

SHGetValueA
SHSetValueA
StrStrIA

advapi32

CryptGenRandom
CryptReleaseContext
GetSecurityInfo
SetEntriesInAclA
SetSecurityInfo
RegOpenKeyExW
RegQueryValueExW
RegOpenKeyExA
RegCloseKey
CryptAcquireContextA

netapi32

Netbios

ole32

CoTaskMemAlloc
CoCreateGuid
CoCreateInstance
CoInitialize
CoTaskMemFree

rpcrt4

UuidToStringA

msvcrt

tolower
strchr
strncpy
??0exception@@QAE@ABV0@@Z
isspace
_CxxThrowException
??0exception@@QAE@XZ
??1exception@@UAE@XZ
islower
isgraph
strerror
isalpha
isalnum
?what@exception@@UBEPBDXZ
wcslen
wcscmp
srand
toupper
strtok
_stricmp
fclose
fwrite
fopen
tmpnam
atoi
__dllonexit
_onexit
??1type_info@@UAE@XZ
_initterm
_adjust_fdiv
ispunct
isxdigit
isupper
printf
__CxxFrameHandler
__mb_cur_max
wctomb
??3@YAXPAX@Z
??2@YAPAXI@Z
free
malloc
strstr

psapi

EnumProcessModules
EnumProcesses
GetModuleBaseNameA

wininet

InternetSetOptionA
InternetOpenUrlA
InternetCloseHandle
HttpQueryInfoA
InternetReadFile
InternetOpenA

kernel32

GetLocalTime
SleepEx
CreateFileA
DisableThreadLibraryCalls
LoadLibraryA
GetProcAddress
FreeLibrary
GetCurrentThread
GetThreadTimes
GetCurrentProcess
CreateRemoteThread
GetSystemInfo
lstrcmpA
lstrcmpiA
lstrcpynA
FormatMessageA
LocalFree
GetCurrentProcessId
GetEnvironmentStrings
FreeEnvironmentStringsA
lstrcpyA
WriteProcessMemory
VirtualAllocEx
MoveFileExA
WaitForSingleObject
CreateProcessA
DeleteFileA
GetProcessTimes
GetTickCount
GetFullPathNameA
InterlockedExchange
SetLastError
GetLastError
lstrlenA
GetCurrentDirectoryA
GetEnvironmentVariableA
HeapAlloc
HeapSize
HeapFree
QueryPerformanceFrequency
CloseHandle
OpenProcess
QueryPerformanceCounter
GetModuleFileNameA
GetModuleHandleA
MultiByteToWideChar
GetVersionExA
GetWindowsDirectoryA
Sleep
GetProcessHeap
GetSystemDirectoryA
GetVersion

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7929f55e1432fb69a2b740bab6f9445e

Headers

File Characteristics

Imports

version

oleaut32

winmm

user32

shlwapi

advapi32

netapi32

ole32

rpcrt4

msvcrt

psapi

wininet

kernel32

Exports

Exports

Sections

.text Size: 60KB - Virtual size: 59KB

.rdata Size: 28KB - Virtual size: 24KB

.data Size: 20KB - Virtual size: 20KB

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 60KB - Virtual size: 59KB

.rdata
Size: 28KB - Virtual size: 24KB

.data
Size: 20KB - Virtual size: 20KB

.reloc
Size: 8KB - Virtual size: 6KB