efe4cea059ad6164cde22df0d7ba58598404911e95c4690618fdd8786b4229ec

Sharing

Copy URL Twitter E-mail

General

Target

efe4cea059ad6164cde22df0d7ba58598404911e95c4690618fdd8786b4229ec
Size

188KB
MD5

ba554487e57425f3c64c2ae8f8f3c210
SHA1

6292f903af78b8deaa9bdfa4f572245448f3e288
SHA256

efe4cea059ad6164cde22df0d7ba58598404911e95c4690618fdd8786b4229ec
SHA512

91b7847456bc90f3b9a434c9a5c71db380d3759ce355b92e6b61ab92c4cc6f2b2459b4dfc2fb7f6a5428037f9157dea4bb81efceadb48be7317121012bc7ec19
SSDEEP

3072:aRJHaqHOjQxHtI52Ldr/4TCpyxuK0foCBxlDtliAmaFDwsdQwNZZD:MdaaOjKE2BwTwrK0ftDtl1maFDwsdQwt

Score

N/A

Malware Config

Signatures

Files

efe4cea059ad6164cde22df0d7ba58598404911e95c4690618fdd8786b4229ec
.dll regsvr32 windows x86

b0b8e539c4103bbe08ac69432e6eeca1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedDecrement
InterlockedIncrement
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
FlushInstructionCache
GetCurrentProcess
InitializeCriticalSection
DisableThreadLibraryCalls
FindFirstFileW
FindNextFileW
FindClose
FormatMessageW
LocalAlloc
WaitForMultipleObjects
LoadLibraryW
GetLastError
lstrlenA
lstrcmpW
GetLocaleInfoW
GetVersionExW
MultiByteToWideChar
WideCharToMultiByte
lstrcpyW
GetModuleFileNameW
GetComputerNameW
lstrcpynW
GetModuleHandleW
GetProcAddress
lstrlenW
WaitForSingleObject
GetCurrentThreadId
CreateThread
Sleep
SetEvent
CloseHandle
CreateEventW
LocalFree
ResetEvent

shell32

StrCpyNW
StrStrW
StrChrW

ole32

CoUninitialize
CoInitialize
CoCreateInstance

oleaut32

SysFreeString
VariantClear
SafeArrayUnaccessData
SysAllocStringLen
SafeArrayAccessData
VariantInit
SafeArrayCreateVector
SysStringLen
LoadRegTypeLi
DispCallFunc
SysAllocString

shfolder

SHGetFolderPathW

wininet

HttpSendRequestW
HttpOpenRequestW
InternetReadFile
InternetCloseHandle
InternetCrackUrlW
InternetOpenW
InternetConnectW

atl

ord18
ord15
ord16
ord21
ord57
ord30
ord58
ord11
ord10
ord32
ord23

msvcp60

?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
??1_Lockit@std@@QAE@XZ
??0_Lockit@std@@QAE@XZ
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB

msvcrt

malloc
_adjust_fdiv
_initterm
??2@YAPAXI@Z
__CxxFrameHandler
time
strlen
_CxxThrowException
memcpy
_purecall
memcmp
memset
printf
strtol
strchr
free
__dllonexit
_onexit
??1type_info@@UAE@XZ
_except_handler3
?terminate@@YAXXZ

user32

wsprintfA
wsprintfW

shlwapi

StrNCatW
StrToIntW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 139KB - Virtual size: 139KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b0b8e539c4103bbe08ac69432e6eeca1

Headers

File Characteristics

Imports

kernel32

shell32

ole32

oleaut32

shfolder

wininet

atl

msvcp60

msvcrt

user32

shlwapi

Exports

Exports

Sections

.text Size: 139KB - Virtual size: 139KB

.rdata Size: 32KB - Virtual size: 31KB

.data Size: 2KB - Virtual size: 2KB

.rsrc Size: 3KB - Virtual size: 2KB

.reloc Size: 10KB - Virtual size: 9KB

.text
Size: 139KB - Virtual size: 139KB

.rdata
Size: 32KB - Virtual size: 31KB

.data
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 3KB - Virtual size: 2KB

.reloc
Size: 10KB - Virtual size: 9KB