0b6c77c5f2cd6c8d189d530e4c173cf032c7f03be914752ac9f06ff036be475b

Sharing

Copy URL Twitter E-mail

General

Target

0b6c77c5f2cd6c8d189d530e4c173cf032c7f03be914752ac9f06ff036be475b
Size

164KB
MD5

6c4e2d3661d9cd94ef6103ad53d79510
SHA1

fc6c503dcd6e2df382546a1d88d3060a79087280
SHA256

0b6c77c5f2cd6c8d189d530e4c173cf032c7f03be914752ac9f06ff036be475b
SHA512

11aad4d1e99cfbea8998237a5f51b243eeed8093bb78c60128c18186639ec85466c01c342d4b5ddd397523bb334d4d08e274c62e6d8188880e77fd028cc6539b
SSDEEP

3072:qdycEsjtTijqVhKgDe1m31UBV1HdQp0AJuZsU+IE1N:wtTlVhKNBV1Hmp05sQE1

Score

N/A

Malware Config

Signatures

Files

0b6c77c5f2cd6c8d189d530e4c173cf032c7f03be914752ac9f06ff036be475b
.dll regsvr32 windows x86

7c3ff635b4563d9dce7253a01099e0b9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_adjust_fdiv
_initterm
??1type_info@@UAE@XZ
_onexit
__dllonexit
srand
?what@exception@@UBEPBDXZ
wcslen
wcscmp
tolower
isgraph
islower
isalpha
strerror
ispunct
isspace
strtol
strncpy
atoi
tmpnam
fopen
fwrite
fclose
strchr
isalnum
strstr
free
__mb_cur_max
wctomb
strtok
isupper
toupper
isxdigit
??2@YAPAXI@Z
??1exception@@UAE@XZ
??3@YAXPAX@Z
??0exception@@QAE@XZ
_CxxThrowException
__CxxFrameHandler
printf
malloc
??0exception@@QAE@ABV0@@Z

netapi32

Netbios

rpcrt4

UuidToStringA

psapi

GetModuleBaseNameA
EnumProcessModules
EnumProcesses

version

GetFileVersionInfoA
GetFileVersionInfoSizeA

ole32

CoInitialize
CoCreateInstance
CoTaskMemAlloc
CoCreateGuid
CoTaskMemFree

winmm

timeGetTime

wininet

InternetReadFile
InternetCloseHandle
InternetOpenUrlA
InternetOpenA
InternetSetOptionA
HttpQueryInfoA

oleaut32

SysFreeString
VariantClear
GetErrorInfo
SysAllocString

advapi32

CryptReleaseContext
SetEntriesInAclA
GetSecurityInfo
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
RegOpenKeyExA
CryptGenRandom
CryptAcquireContextA
SetSecurityInfo

user32

SetTimer
DefWindowProcA
KillTimer
wsprintfA
CloseClipboard
OpenClipboard
SetWindowPos
GetClassNameA
EnumWindows
GetWindowThreadProcessId
EnumChildWindows
DispatchMessageA
TranslateMessage
RegisterClassExA
CreateWindowExA
ShowWindow
GetMessageA
SystemParametersInfoA

shlwapi

SHGetValueA
StrStrIA
SHSetValueA

kernel32

MultiByteToWideChar
Sleep
GetProcessHeap
GetLastError
GetCurrentProcessId
GetVersionExA
LoadLibraryA
LocalFree
FormatMessageA
HeapFree
GetProcessTimes
GetCurrentProcess
GetVersion
OpenProcess
VirtualAllocEx
GetProcAddress
WriteProcessMemory
CreateRemoteThread
CloseHandle
FreeLibrary
GetTickCount
QueryPerformanceCounter
GetWindowsDirectoryA
HeapSize
HeapAlloc
lstrcpynA
GetFullPathNameA
GetModuleFileNameA
GetLocalTime
CreateFileA
GetModuleHandleA
GetCurrentDirectoryA
GetSystemInfo
SetLastError
lstrlenA
MoveFileExA
WaitForSingleObject
GetCurrentThread
GetThreadTimes
SleepEx
lstrcmpA
lstrcmpiA
GetEnvironmentStrings
FreeEnvironmentStringsA
lstrcpyA
InterlockedExchange
GetEnvironmentVariableA
GetSystemDirectoryA
DeleteFileA
CreateProcessA
QueryPerformanceFrequency

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 100KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7c3ff635b4563d9dce7253a01099e0b9

Headers

File Characteristics

Imports

msvcrt

netapi32

rpcrt4

psapi

version

ole32

winmm

wininet

oleaut32

advapi32

user32

shlwapi

kernel32

Exports

Exports

Sections

.text Size: 100KB - Virtual size: 98KB

.rdata Size: 28KB - Virtual size: 24KB

.data Size: 20KB - Virtual size: 23KB

.reloc Size: 12KB - Virtual size: 8KB

.text
Size: 100KB - Virtual size: 98KB

.rdata
Size: 28KB - Virtual size: 24KB

.data
Size: 20KB - Virtual size: 23KB

.reloc
Size: 12KB - Virtual size: 8KB