f31813e6f4430d6ca330baff67c7bd1c9a6375421ea2e5919ae7905b17749fa7

Sharing

Copy URL

Twitter E-mail

General

Target

f31813e6f4430d6ca330baff67c7bd1c9a6375421ea2e5919ae7905b17749fa7
Size

212KB
MD5

3ce355d8f854db6bd3ec9a2a4c23e2b0
SHA1

1afd299c17ebf18295a9f69e35e2af90eb4ccea0
SHA256

f31813e6f4430d6ca330baff67c7bd1c9a6375421ea2e5919ae7905b17749fa7
SHA512

1cf811ef95390fe692064143f852ae261f4b40e5a11fc5451024fe9f5ea652ba449fa074bbc108c60d52a7e8868acac8507d5766250d77b7d4dab3cfeca72d3f
SSDEEP

1536:RpUTw2h7w5CvTOvr2FLlIDGNajLErxwnZMoEwjyhBOodKND6BgJ/P:RRQy2FJwBjmxJuyuodKcCJ/P

Score

N/A

Malware Config

Signatures

Files

f31813e6f4430d6ca330baff67c7bd1c9a6375421ea2e5919ae7905b17749fa7
.dll regsvr32 windows x86

811a913615b4c01b6b25596d26050d35

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathFileExistsA

kernel32

GetCurrentProcess
CreateFileA
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
SetEndOfFile
CreateDirectoryA
RtlUnwind
HeapAlloc
HeapFree
RaiseException
HeapReAlloc
HeapSize
GetACP
ExitProcess
TerminateProcess
LCMapStringA
LCMapStringW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
SetStdHandle
IsBadReadPtr
IsBadCodePtr
GetOEMCP
GetCPInfo
LoadLibraryA
FreeLibrary
lstrcatA
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcpyA
GetModuleHandleA
GetProcAddress
GetProcessVersion
GetCurrentThreadId
CloseHandle
GetVersion
GlobalFlags
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalAlloc
GlobalReAlloc
TlsFree
GlobalHandle
GlobalFree
TlsAlloc
LocalAlloc
lstrcmpA
GlobalLock
GlobalUnlock
GetLastError
SetLastError
LocalFree
lstrcpynA
lstrcmpiA
MultiByteToWideChar
lstrlenA
EnterCriticalSection
LeaveCriticalSection
ExpandEnvironmentStringsA
InterlockedIncrement
InterlockedDecrement
InitializeCriticalSection
DeleteCriticalSection
GetModuleFileNameA
DisableThreadLibraryCalls
GetPrivateProfileStringA
lstrlenW
WideCharToMultiByte
WritePrivateProfileStringA
GetCommandLineA

oleaut32

SysFreeString
VariantClear
VariantChangeType
SysAllocStringLen
LoadRegTypeLi
SysStringLen
VariantCopy

comctl32

ord17

atl

ord32
ord30
ord58
ord57
ord18
ord15
ord16
ord21
ord23
ord31

user32

AdjustWindowRectEx
MapWindowPoints
PostMessageA
LoadIconA
GetNextDlgTabItem
EnableMenuItem
CheckMenuItem
SetMenuItemBitmaps
ModifyMenuA
LoadBitmapA
GetMenuCheckMarkDimensions
PostQuitMessage
DestroyMenu
GetClientRect
CopyRect
GetTopWindow
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
DefWindowProcA
DestroyWindow
CreateWindowExA
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
RegisterWindowMessageA
SystemParametersInfoA
IsIconic
GetWindowPlacement
GrayStringA
DrawTextA
TabbedTextOutA
SetWindowPos
SetWindowLongA
GetDlgItem
GetDC
ReleaseDC
GetSysColorBrush
LoadCursorA
GetSystemMetrics
DispatchMessageA
GetKeyState
LoadStringA
GetWindowTextA
UnhookWindowsHookEx
CallNextHookEx
PeekMessageA
SetWindowsHookExA
SetFocus
GetFocus
EnableWindow
MessageBoxA
SendMessageA
GetWindowLongA
IsWindowEnabled
GetLastActivePopup
GetParent
GetMenuItemID
GetMenuState
GetSubMenu
GetMenuItemCount
GetClassNameA
SetWindowTextA
ClientToScreen
GetWindow
GetDlgCtrlID
GetWindowRect
PtInRect
GetSysColor

gdi32

SelectObject
RestoreDC
SaveDC
DeleteDC
DeleteObject
GetDeviceCaps
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetObjectA
CreateBitmap
GetClipBox
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetTextColor
SetBkColor
GetStockObject

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 68KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

811a913615b4c01b6b25596d26050d35

Headers

File Characteristics

Imports

shlwapi

kernel32

oleaut32

comctl32

atl

user32

gdi32

winspool.drv

Exports

Exports

Sections

.text Size: 68KB - Virtual size: 64KB

.rdata Size: 16KB - Virtual size: 14KB

.data Size: 104KB - Virtual size: 117KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 16KB - Virtual size: 12KB

.text
Size: 68KB - Virtual size: 64KB

.rdata
Size: 16KB - Virtual size: 14KB

.data
Size: 104KB - Virtual size: 117KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 16KB - Virtual size: 12KB