c821e4c60d0da48c076ebf9b27e6a06ad3f83bbe107b447bce1b3be426f7665a

Sharing

Copy URL Twitter E-mail

General

Target

c821e4c60d0da48c076ebf9b27e6a06ad3f83bbe107b447bce1b3be426f7665a
Size

410KB
MD5

7786496d5ad279327759e05d7c658840
SHA1

12271d86389fa121dc8467a6f1abf8c5ea943731
SHA256

c821e4c60d0da48c076ebf9b27e6a06ad3f83bbe107b447bce1b3be426f7665a
SHA512

8a19c995b45192cd49e1f04da11e1b126157b50156b2544e7f23931001c50ace58b2fcea2cf82ea2124eb73b5ba55dd0e4135f9985f894116a6bbaee6c3a7f6d
SSDEEP

12288:lwTRlMDiFONKqhyPWYZOdxzmd22WbKJdSs5:lyDivhy/ZOdNTC

Score

N/A

Malware Config

Signatures

Files

c821e4c60d0da48c076ebf9b27e6a06ad3f83bbe107b447bce1b3be426f7665a
.dll regsvr32 windows x86

ffdd8426c653b47a5b3f1bbbf3b8c377

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetSetOptionW
InternetQueryOptionW
InternetCloseHandle
HttpSendRequestW
HttpQueryInfoW
FtpOpenFileW
InternetReadFile
FtpGetFileSize
InternetQueryDataAvailable
HttpAddRequestHeadersW
InternetOpenW
InternetConnectW
HttpOpenRequestW

rpcrt4

UuidFromStringA

kernel32

IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetDateFormatA
GetTimeFormatA
GetStringTypeW
FindResourceW
SizeofResource
LockResource
LoadResource
FindResourceExW
DisableThreadLibraryCalls
GetModuleHandleW
GetModuleFileNameW
lstrlenW
GetLastError
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
FreeLibrary
MultiByteToWideChar
LoadLibraryExW
lstrcmpiW
GetProcAddress
SetStdHandle
InterlockedIncrement
InterlockedDecrement
TerminateThread
CloseHandle
WaitForSingleObject
OpenThread
GlobalUnlock
GlobalLock
WideCharToMultiByte
WriteFile
CreateFileW
GetCurrentThreadId
lstrlenA
GetStringTypeA
LCMapStringW
LCMapStringA
InterlockedExchange
InitializeCriticalSectionAndSpinCount
GetLocaleInfoA
GetLocaleInfoW
LoadLibraryA
SetConsoleCtrlHandler
GetConsoleMode
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetTimeZoneInformation
SetEnvironmentVariableA
CreateFileA
FlushFileBuffers
CompareStringA
CompareStringW
RaiseException
GetConsoleCP
SetFilePointer
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
SetHandleCount
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
ExitProcess
Sleep
VirtualAlloc
FatalAppExitA
VirtualFree
HeapCreate
GetModuleFileNameA
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
RtlUnwind
ExitThread
CreateThread
GetSystemTimeAsFileTime
GetCommandLineA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThread
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetStdHandle
GetFileType

user32

CharNextW
SendMessageW
IsWindow
CharLowerBuffW
CloseClipboard
GetClipboardData
OpenClipboard
PeekMessageW
PostThreadMessageW

advapi32

RegOpenKeyExW
RegQueryValueExW
RegQueryInfoKeyW
RegSetValueExW
RegEnumKeyExW
RegCreateKeyExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW

ole32

CoCreateGuid
CoTaskMemFree
CoTaskMemAlloc
CoTaskMemRealloc
StringFromGUID2
CoCreateInstance
CoUninitialize
CoInitialize
CoGetInterfaceAndReleaseStream

oleaut32

VariantClear
VariantInit
VarBstrCmp
UnRegisterTypeLi
SysAllocString
RegisterTypeLi
SysStringLen
LoadTypeLi
LoadRegTypeLi
VarUI4FromStr
SysFreeString

Exports

Exports

CreateHelperObject
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
IsUnicode

Sections

.text
Size: 216KB - Virtual size: 216KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.SHARED
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 116KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ffdd8426c653b47a5b3f1bbbf3b8c377

Headers

File Characteristics

Imports

wininet

rpcrt4

kernel32

user32

advapi32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 216KB - Virtual size: 216KB

.rdata Size: 57KB - Virtual size: 57KB

.data Size: 5KB - Virtual size: 24KB

.SHARED Size: 512B - Virtual size: 8B

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 9KB - Virtual size: 9KB

.text Size: 116KB - Virtual size: 116KB

.text
Size: 216KB - Virtual size: 216KB

.rdata
Size: 57KB - Virtual size: 57KB

.data
Size: 5KB - Virtual size: 24KB

.SHARED
Size: 512B - Virtual size: 8B

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 9KB - Virtual size: 9KB

.text
Size: 116KB - Virtual size: 116KB