4340b88cd42f82f9a42af27d4a86774fee98031da30afafaa4c8ea120c1334fd

Sharing

Copy URL Twitter E-mail

General

Target

4340b88cd42f82f9a42af27d4a86774fee98031da30afafaa4c8ea120c1334fd
Size

52KB
MD5

8ea54a79540e4a8ed967fd74b72f3f3d
SHA1

8b84b0226ae7e2e90a7967b0a7ba3d2ae069a719
SHA256

4340b88cd42f82f9a42af27d4a86774fee98031da30afafaa4c8ea120c1334fd
SHA512

709ba3067d6be24c0712d359e21f0808da07cf12e0848999ecc1be4a9cfeda608c2473c314c7a5a4a5648000ffdedf3fa6245bca8f240a73bd32ac5eafcf5397
SSDEEP

1536:AypHlSf1Pbk+aalRL3tkEHFmaAmkq9hjInLTI:saa7iwFtAriInLTI

Score

N/A

Malware Config

Signatures

Files

4340b88cd42f82f9a42af27d4a86774fee98031da30afafaa4c8ea120c1334fd
.dll regsvr32 windows x86

b80f89fd8a9a7fa0db1859c06cd2740c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnterCriticalSection
CloseHandle
Process32Next
Process32First
WritePrivateProfileStringA
GetProcAddress
SetFileAttributesA
CreateThread
MoveFileA
LocalFree
CreateDirectoryA
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
InterlockedIncrement
InterlockedDecrement
HeapDestroy
GetShortPathNameA
GetModuleHandleA
GetExitCodeProcess
WaitForSingleObject
GetSystemDirectoryA
GetCommandLineW
GetCurrentProcessId
FindFirstFileA
GetPrivateProfileStringA
FindNextFileA
GetModuleFileNameA
WideCharToMultiByte
lstrlenA
MultiByteToWideChar
lstrlenW
ExitProcess
Sleep
DeleteFileA
RemoveDirectoryA
CreateProcessA
FreeLibrary
LoadLibraryA
DisableThreadLibraryCalls

advapi32

SetNamedSecurityInfoA
SetEntriesInAclA
RegCreateKeyExA
RegSetValueExA
RegQueryInfoKeyA
RegEnumKeyExA
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
GetNamedSecurityInfoA
BuildExplicitAccessWithNameA

shell32

SHGetSpecialFolderPathA
CommandLineToArgvW

ole32

CoGetInterfaceAndReleaseStream
CoCreateInstance
CoMarshalInterThreadInterfaceInStream
CoInitialize
CoUninitialize

oleaut32

SysStringLen
LoadRegTypeLi
VariantClear
SysAllocString
SysFreeString

msvcrt

strrchr
_strlwr
_strupr
_adjust_fdiv
malloc
_initterm
free
atoi
_purecall
_wcslwr
wcsstr
fopen
fseek
ftell
??2@YAPAXI@Z
fread
strcat
strcpy
memset
_access
sprintf
??3@YAXPAX@Z
strstr
memcmp
memcpy
strcmp
_stricmp
strncpy
strchr
strncmp
strlen
fclose

shlwapi

SHSetValueA
SHDeleteKeyA
SHDeleteValueA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllGetObjectType
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

idata
Size: 4KB - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b80f89fd8a9a7fa0db1859c06cd2740c

Headers

File Characteristics

Imports

kernel32

advapi32

shell32

ole32

oleaut32

msvcrt

shlwapi

Exports

Exports

Sections

.text Size: 32KB - Virtual size: 28KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 4KB

idata Size: 4KB - Virtual size: 4B

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 32KB - Virtual size: 28KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 4KB

idata
Size: 4KB - Virtual size: 4B

.reloc
Size: 4KB - Virtual size: 2KB