d6e7d2dbdf52a4538b8cd2686c914f6b88e1b458d21dedadf1439e802a8d1a95

Sharing

Copy URL Twitter E-mail

General

Target

d6e7d2dbdf52a4538b8cd2686c914f6b88e1b458d21dedadf1439e802a8d1a95
Size

140KB
MD5

f359589f8bcae3dd20748b80fcae9f0b
SHA1

ce6850f3fdc6a3520f49a9593d774fe08f6e9954
SHA256

d6e7d2dbdf52a4538b8cd2686c914f6b88e1b458d21dedadf1439e802a8d1a95
SHA512

55bbbdbb924523765b56ff4a56762c9d3cf2de6b4a7eecedc8f63690525c68640d1ab79ed80d5b06be2509a5419e839aa2ddc7ba6b2c32d5a370dc35e0112af4
SSDEEP

3072:QdhTwudmfQUOTHwptElvQFNEny8mrGsAQsg0Kmn6cEKy:FuImTHRvQogcQsg0Kmn6hKy

Score

N/A

Malware Config

Signatures

Files

d6e7d2dbdf52a4538b8cd2686c914f6b88e1b458d21dedadf1439e802a8d1a95
.dll regsvr32 windows x86

b7d2aa7918fb8f17916608a664531c46

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_onexit
__dllonexit
_adjust_fdiv
_initterm
??1type_info@@UAE@XZ
memset
memcpy
malloc
_CxxThrowException
free
_purecall
strcpy
strrchr
calloc
memcmp
??2@YAPAXI@Z
__CxxFrameHandler
??3@YAXPAX@Z

winmm

timeGetTime
timeSetEvent

kernel32

GetCurrentThread
SetThreadPriority
GetACP
GetTickCount
GetModuleHandleA
InterlockedExchange
SetErrorMode
GetProcAddress
WideCharToMultiByte
lstrcmpiA
GetThreadPriority
DeleteCriticalSection
InitializeCriticalSection
CreateFileA
GetModuleFileNameA
CloseHandle
ReadFile
GetFileSize
SignalObjectAndWait
SetEvent
InterlockedDecrement
WaitForSingleObject
ReleaseMutex
PulseEvent
CreateSemaphoreA
CreateEventA
CreateMutexA
CreateThread
ResetEvent
ReleaseSemaphore
GetSystemInfo
InterlockedIncrement
FreeLibrary
LoadLibraryA
LeaveCriticalSection
EnterCriticalSection
lstrlenA
MultiByteToWideChar
GetLastError
GetVersionExA
DisableThreadLibraryCalls
DuplicateHandle
GetCurrentProcess
GetCurrentThreadId
WaitForMultipleObjects
VirtualFree
VirtualAlloc

advapi32

RegCreateKeyA
RegSetValueA
RegSetValueExA
RegOpenKeyExA
RegEnumKeyExA
RegCloseKey
RegDeleteKeyA

user32

SetWindowLongA
CreateDialogParamA
MoveWindow
InvalidateRect
ShowWindow
DestroyWindow
DefWindowProcA
wsprintfA
LoadStringA
GetWindowLongA
GetWindowRect
GetDesktopWindow
PeekMessageA
MsgWaitForMultipleObjects
wvsprintfA
PostThreadMessageA
RegisterWindowMessageA
GetQueueStatus
DispatchMessageA
PostMessageA
LoadStringW

comctl32

ord17

ole32

CoFreeUnusedLibraries
StringFromGUID2
CoInitialize
CoTaskMemFree
CoCreateInstance
CoUninitialize
CoTaskMemAlloc

oleaut32

SysFreeString
SysAllocString

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllMain
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 84KB - Virtual size: 81KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text1
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b7d2aa7918fb8f17916608a664531c46

Headers

File Characteristics

Imports

msvcrt

winmm

kernel32

advapi32

user32

comctl32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 84KB - Virtual size: 81KB

.text1 Size: 4KB - Virtual size: 1KB

.rdata Size: 24KB - Virtual size: 20KB

.data Size: 8KB - Virtual size: 7KB

.data1 Size: 4KB - Virtual size: 1KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 8KB - Virtual size: 4KB

.text
Size: 84KB - Virtual size: 81KB

.text1
Size: 4KB - Virtual size: 1KB

.rdata
Size: 24KB - Virtual size: 20KB

.data
Size: 8KB - Virtual size: 7KB

.data1
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 8KB - Virtual size: 4KB