45be8c3fc8325fa5454abce64c47db2240c2ed5811050182ef83be8bb21229fe

Sharing

Copy URL Twitter E-mail

General

Target

45be8c3fc8325fa5454abce64c47db2240c2ed5811050182ef83be8bb21229fe
Size

548KB
MD5

e0f1b16a2bb7b9670f154491e66fd7fd
SHA1

f7e3b34743e5d835c7f399bb0fc1da0376ff6661
SHA256

45be8c3fc8325fa5454abce64c47db2240c2ed5811050182ef83be8bb21229fe
SHA512

b5f006be1ef3ac95abfa4e72e51d83fc620d4e4e5697e67d22cb06dbfb6780c3c7ec47fa86024af255bea47b2b3e44c7aacf678b7682d0721fd550b425ffb4a8
SSDEEP

6144:GNEVVeKxe/F2oCmuUaCkEnXZyh1K+AfAAlAVk8VYjdY8Losl9v6A4rGbmC3yC1hp:c44F2oRaynXZyh1Kx8Wp5LPkYOvS4I/

Score

N/A

Malware Config

Signatures

Files

45be8c3fc8325fa5454abce64c47db2240c2ed5811050182ef83be8bb21229fe
.dll regsvr32 windows x86

740d7cb11304862970f49454448a6e33

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

wcschr
wcscspn
_wcsnicmp
atoi
atol
_wtoi
wcslen
_ultow
wcsncpy
malloc
free
_ftol
wcstod
wcsstr
wcscpy
sprintf
swprintf
wcscat
toupper
memmove
??2@YAPAXI@Z
??3@YAXPAX@Z
_purecall

kernel32

DeleteCriticalSection
InitializeCriticalSection
GlobalFree
GlobalReAlloc
GlobalAlloc
GlobalLock
GetSystemDefaultLCID
CompareStringA
TlsSetValue
CompareStringW
GetCurrentProcessId
EnterCriticalSection
GetCurrentThreadId
LeaveCriticalSection
WideCharToMultiByte
lstrlenW
TlsGetValue
TlsAlloc
lstrlenA
Sleep
InterlockedDecrement
InterlockedIncrement
FreeLibrary
GetProcAddress
LoadLibraryA
MultiByteToWideChar
GetModuleFileNameA
GetModuleHandleA
TlsFree
GlobalUnlock

user32

PeekMessageW
GetDesktopWindow
wsprintfW
GetWindowLongA
DispatchMessageW
TranslateMessage
GetWindow
IsWindowVisible
GetWindowThreadProcessId

advapi32

RegSetValueExA
RegCreateKeyA
RegOpenKeyA
RegDeleteKeyA
RegCloseKey

ole32

CoInitialize
CoGetClassObject
CoGetMalloc
CoUninitialize

oleaut32

GetErrorInfo
CreateErrorInfo
SafeArrayPutElement
SafeArrayGetElement
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
SysReAllocString
VariantChangeTypeEx
SafeArrayRedim
SafeArrayDestroy
SafeArrayCreate
SafeArrayLock
SafeArrayUnlock
VariantChangeType
RegisterTypeLi
LoadTypeLi
LoadRegTypeLi
DispGetIDsOfNames
DispInvoke
SysAllocString
VariantInit
SetErrorInfo
VariantClear
DispGetParam
SysAllocStringLen
SysStringLen
SysFreeString
SysAllocStringByteLen
SysStringByteLen
VariantCopy

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllRegisterServerEx
DllUnregisterServer

Sections

.text
Size: 416KB - Virtual size: 412KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 56KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

740d7cb11304862970f49454448a6e33

Headers

File Characteristics

Imports

msvcrt

kernel32

user32

advapi32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 416KB - Virtual size: 412KB

.rdata Size: 36KB - Virtual size: 34KB

.data Size: 12KB - Virtual size: 8KB

.rsrc Size: 56KB - Virtual size: 54KB

.reloc Size: 20KB - Virtual size: 19KB

.text
Size: 416KB - Virtual size: 412KB

.rdata
Size: 36KB - Virtual size: 34KB

.data
Size: 12KB - Virtual size: 8KB

.rsrc
Size: 56KB - Virtual size: 54KB

.reloc
Size: 20KB - Virtual size: 19KB