149f30ddb5808f8bbb123fe370278d02f88fcbccf4e9981055f24a9bf069061b

Sharing

Copy URL Twitter E-mail

General

Target

149f30ddb5808f8bbb123fe370278d02f88fcbccf4e9981055f24a9bf069061b
Size

144KB
MD5

df367ce9878ed63cb9045d1934072275
SHA1

0cc819798e1a5c62ec306235e5684ce2f9836742
SHA256

149f30ddb5808f8bbb123fe370278d02f88fcbccf4e9981055f24a9bf069061b
SHA512

70429385dae19dfae8a614d28b139b12f238373ce18eb30bd25e145edf3cb26b95a843b949657ce9eba73d2f46843adcfd482ea764b73edc20c48b275be87524
SSDEEP

3072:cyvxjGHcdzp/jJbrUTMD7mjlOz9so7NWam1J+o14rf3690O:Zj/dz5Bd7MlgzToarf36u

Score

N/A

Malware Config

Signatures

Files

149f30ddb5808f8bbb123fe370278d02f88fcbccf4e9981055f24a9bf069061b
.dll regsvr32 windows x86

44991eb685dffb1065149af710bf8ee0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

StrStrIA
SHGetValueA
SHSetValueA

wininet

InternetOpenUrlA
InternetCloseHandle
HttpQueryInfoA
InternetSetOptionA
InternetOpenA
InternetReadFile

ole32

CoTaskMemAlloc
CoTaskMemFree
CoCreateGuid
CoInitialize
CoCreateInstance

user32

SystemParametersInfoA
SetWindowPos
RegisterClassExA
CreateWindowExA
ShowWindow
GetMessageA
TranslateMessage
DispatchMessageA
wsprintfA
GetWindowThreadProcessId
EnumChildWindows
EnumWindows
KillTimer
SetTimer
DefWindowProcA
OpenClipboard
CloseClipboard
GetClassNameA

advapi32

CryptGenRandom
CryptReleaseContext
RegOpenKeyExW
RegQueryValueExW
RegOpenKeyExA
RegCloseKey
GetSecurityInfo
SetEntriesInAclA
SetSecurityInfo
CryptAcquireContextA

netapi32

Netbios

version

GetFileVersionInfoA
GetFileVersionInfoSizeA

winmm

timeGetTime

oleaut32

GetErrorInfo
SysAllocString
SysFreeString
VariantClear

rpcrt4

UuidToStringA

psapi

EnumProcesses
GetModuleBaseNameA
EnumProcessModules

msvcrt

__CxxFrameHandler
strchr
strncpy
??3@YAXPAX@Z
??2@YAPAXI@Z
printf
free
strstr
isxdigit
strerror
wctomb
__mb_cur_max
??0exception@@QAE@ABV0@@Z
_CxxThrowException
??1exception@@UAE@XZ
??0exception@@QAE@XZ
isalpha
isgraph
wcslen
?what@exception@@UBEPBDXZ
wcscmp
_stricmp
toupper
strtok
srand
isspace
isupper
ispunct
isalnum
tolower
islower
fclose
fwrite
fopen
tmpnam
atoi
strtol
__dllonexit
_onexit
??1type_info@@UAE@XZ
_initterm
_adjust_fdiv
malloc

kernel32

LocalFree
CreateFileA
LoadLibraryA
VirtualAllocEx
GetProcAddress
WriteProcessMemory
CreateRemoteThread
FreeLibrary
lstrcmpA
lstrcmpiA
GetModuleHandleA
GetEnvironmentStrings
FormatMessageA
InterlockedExchange
GetCurrentThread
GetThreadTimes
GetSystemDirectoryA
GetCurrentProcessId
GetEnvironmentVariableA
OpenProcess
CloseHandle
GetLocalTime
GetProcessHeap
HeapAlloc
HeapSize
MultiByteToWideChar
lstrcpynA
MoveFileExA
WaitForSingleObject
CreateProcessA
DeleteFileA
FreeEnvironmentStringsA
lstrlenA
GetVersion
GetCurrentDirectoryA
GetWindowsDirectoryA
GetFullPathNameA
SetLastError
GetLastError
GetSystemInfo
Sleep
GetCurrentProcess
GetProcessTimes
QueryPerformanceCounter
lstrcpyA
HeapFree
GetModuleFileNameA
SleepEx
GetVersionExA
GetTickCount
QueryPerformanceFrequency

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 84KB - Virtual size: 82KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

44991eb685dffb1065149af710bf8ee0

Headers

File Characteristics

Imports

shlwapi

wininet

ole32

user32

advapi32

netapi32

version

winmm

oleaut32

rpcrt4

psapi

msvcrt

kernel32

Exports

Exports

Sections

.text Size: 84KB - Virtual size: 82KB

.rdata Size: 28KB - Virtual size: 24KB

.data Size: 20KB - Virtual size: 21KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 84KB - Virtual size: 82KB

.rdata
Size: 28KB - Virtual size: 24KB

.data
Size: 20KB - Virtual size: 21KB

.reloc
Size: 8KB - Virtual size: 7KB