53538d5d44ca0f3f45eeca12c299d29686e4127871420daad30be0c6507cadaa

Sharing

Copy URL Twitter E-mail

General

Target

53538d5d44ca0f3f45eeca12c299d29686e4127871420daad30be0c6507cadaa
Size

148KB
MD5

3cc727556c7f319fa44b8459f3c60161
SHA1

40680031fadc6eecb789c8a796ecb6c3d99ca9c0
SHA256

53538d5d44ca0f3f45eeca12c299d29686e4127871420daad30be0c6507cadaa
SHA512

84f1ea38dc1eafc14d279e7d0c88850c2fc5f4a666658b7029062d5aa87c68163847da4ae5c2bcac5a1eb0d98b8e6b96596c726bbdb4b9e4659577057419579f
SSDEEP

3072:4yKTfh2MmmgiJ0vtzq/cYsuWvr9SxR3wJAbjYnWCuKJyIPmnBNKV8PmO:q74liKtzq/cVuWvr9SnAJAbyWCubXK2

Score

N/A

Malware Config

Signatures

Files

53538d5d44ca0f3f45eeca12c299d29686e4127871420daad30be0c6507cadaa
.dll regsvr32 windows x86

bca884b4afc80c860d8f651c1327bfa9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord823
ord825

msvcrt

__dllonexit
??1type_info@@UAE@XZ
_adjust_fdiv
_initterm
_wcsnicmp
towlower
_itow
_wcsicmp
towupper
iswalpha
_mbctolower
_itoa
_mbctoupper
_ismbblead
_mbsdec
_mbsnbicmp
_mbsicmp
_mbsnbcpy
isalpha
strncpy
srand
rand
wcscpy
wcsncpy
__CxxFrameHandler
_purecall
wcscmp
sprintf
_vsnprintf
memmove
wcslen
malloc
free
?terminate@@YAXXZ
_except_handler3
_onexit

oleaut32

VarDecFromI4
VariantCopy
SysFreeString
SysAllocStringLen
UnRegisterTypeLi
SysStringLen
LoadRegTypeLi
VariantClear
LHashValOfNameSys
LHashValOfNameSysA
VarCyFromR8
VariantChangeTypeEx
SysAllocString
LoadTypeLi
SysReAllocStringLen
VarCyFromI4
SafeArrayUnlock
VarR4FromDec
VarCyFromR4
VarR4FromCy
SafeArrayDestroy
SafeArrayCreate
SafeArrayLock
LoadTypeLibEx

ole32

StringFromCLSID
StringFromGUID2
CoGetMalloc
CoCreateInstance
CLSIDFromProgID
CLSIDFromString
CoTaskMemFree

advapi32

RegOpenKeyExA
RegQueryInfoKeyA
RegEnumKeyA
RegQueryValueA
RegSetValueA
RegSetValueExA
RegOpenKeyA
RegDeleteKeyA
RegCreateKeyA
RegCloseKey
IsTextUnicode

kernel32

CreateDirectoryW
MoveFileW
RemoveDirectoryW
GetShortPathNameW
lstrcpyW
GetFullPathNameW
lstrcatW
FindNextFileW
GetSystemDirectoryW
GetWindowsDirectoryW
GetTempPathW
CopyFileW
DeleteFileW
GetFileAttributesW
CreateDirectoryA
MoveFileA
RemoveDirectoryA
GetShortPathNameA
GetFullPathNameA
lstrcatA
FindNextFileA
GetSystemDirectoryA
GetWindowsDirectoryA
GetTempPathA
CopyFileA
DeleteFileA
GetFileAttributesA
GetStdHandle
InterlockedDecrement
InterlockedIncrement
QueryPerformanceCounter
SetFileAttributesA
GetUserDefaultLCID
GetVersion
GetLocaleInfoA
lstrcpyA
FileTimeToLocalFileTime
FileTimeToSystemTime
GetVersionExA
LoadLibraryA
GetProcAddress
GetTickCount
GetFileType
GetFileInformationByHandle
SetFilePointer
WriteConsoleW
WriteFile
PeekNamedPipe
ReadFile
CloseHandle
CreateFileW
CreateFileA
FindFirstFileW
FindFirstFileA
FindClose
GetLogicalDrives
SetVolumeLabelW
SetVolumeLabelA
SetErrorMode
GetVolumeInformationW
GetVolumeInformationA
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetLastError
GetDiskFreeSpaceA
SetFileAttributesW
InitializeCriticalSection
LCMapStringW
MultiByteToWideChar
LCMapStringA
WideCharToMultiByte
SetLastError
CompareStringW
CompareStringA
GetDriveTypeW
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
FreeLibrary
GetModuleFileNameA
GetModuleHandleA
GetDriveTypeA
GetDiskFreeSpaceW

user32

CharNextA
wsprintfA
LoadStringA

version

GetFileVersionInfoSizeA
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
GetFileVersionInfoA
VerQueryValueA

Exports

Exports

DLLGetDocumentation
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
DoOpenPipeStream

Sections

.text
Size: 100KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bca884b4afc80c860d8f651c1327bfa9

Headers

File Characteristics

Imports

mfc42

msvcrt

oleaut32

ole32

advapi32

kernel32

user32

version

Exports

Exports

Sections

.text Size: 100KB - Virtual size: 98KB

.data Size: 4KB - Virtual size: 2KB

.rsrc Size: 32KB - Virtual size: 31KB

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 100KB - Virtual size: 98KB

.data
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 32KB - Virtual size: 31KB

.reloc
Size: 8KB - Virtual size: 6KB