cfb108eb325638d0c7f03d6519d2e1e07637db966275641c76cb787081de1fd8

Sharing

Copy URL Twitter E-mail

General

Target

cfb108eb325638d0c7f03d6519d2e1e07637db966275641c76cb787081de1fd8
Size

152KB
MD5

7330fae27c8fa6722593074cf772eb95
SHA1

42ba0bdff5ec82156d90c04ba4009a7589d01748
SHA256

cfb108eb325638d0c7f03d6519d2e1e07637db966275641c76cb787081de1fd8
SHA512

73dff4cd62b271023a5b68ce89b37d52fb69cb8d862f39c3ae488bb529c0df3b014e97d60a96ab3fefdd2bb6a2e4628d699879e794d797891d9897896dd97a19
SSDEEP

1536:XfeSD03lrL1gdUJHIPlO2EaSOrWVa4TTTDa2c9WyvRdj9CICS4A71j11towLaf8D:vkDBBpTbMBB1jXtojf8Pa

Score

N/A

Malware Config

Signatures

Files

cfb108eb325638d0c7f03d6519d2e1e07637db966275641c76cb787081de1fd8
.dll regsvr32 windows x86

2b3c31da0e27b7e8149c48e1d14a0f09

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

KillTimer
TranslateMessage
GetMessageA
SetTimer
CreateWindowExA
RegisterClassExA
wsprintfA
SetWindowPos
DefWindowProcA
ShowWindow
DispatchMessageA
GetClassNameA
GetWindowThreadProcessId
EnumChildWindows
EnumWindows
SystemParametersInfoA

kernel32

RaiseException
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
GetLocalTime
FreeLibrary
CloseHandle
CreateRemoteThread
LocalFree
GetProcAddress
VirtualAllocEx
OpenProcess
LoadLibraryA
SleepEx
GetModuleFileNameA
GetTickCount
GetCurrentProcessId
MoveFileExA
WaitForSingleObject
CreateProcessA
DeleteFileA
GetSystemDirectoryA
CreateFileA
WriteFile
GetFileAttributesA
GetFileType
TerminateProcess
GetCurrentProcess
WriteProcessMemory
GetOEMCP
GetACP
ReadFile
SetEndOfFile
SetFilePointer
FlushFileBuffers
TlsGetValue
SetLastError
SetStdHandle
TlsFree
TlsAlloc
GetCPInfo
GetStringTypeW
GetStringTypeA
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStartupInfoA
GetStdHandle
HeapAlloc
HeapFree
HeapReAlloc
InterlockedDecrement
InterlockedIncrement
TlsSetValue
WideCharToMultiByte
GetLastError
MultiByteToWideChar
RtlUnwind
GetCommandLineA
GetVersion
GetModuleHandleA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ExitProcess
LCMapStringA
LCMapStringW
GetCurrentThreadId
SetHandleCount

advapi32

SetEntriesInAclA
SetSecurityInfo
CryptAcquireContextA
CryptGenRandom
CryptReleaseContext
GetSecurityInfo

shell32

StrStrIA

ole32

CoCreateInstance
CoInitialize
CoCreateGuid

oleaut32

VariantInit
SysAllocString
GetErrorInfo

wininet

InternetCloseHandle
InternetOpenA
InternetSetOptionA
InternetReadFile
HttpQueryInfoA
InternetOpenUrlA

netapi32

Netbios

shlwapi

SHSetValueA
SHGetValueA

rpcrt4

UuidToStringA

psapi

EnumProcesses
EnumProcessModules
GetModuleBaseNameA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2b3c31da0e27b7e8149c48e1d14a0f09

Headers

File Characteristics

Imports

user32

kernel32

advapi32

shell32

ole32

oleaut32

wininet

netapi32

shlwapi

rpcrt4

psapi

Exports

Exports

Sections

.text Size: 92KB - Virtual size: 91KB

.rdata Size: 24KB - Virtual size: 22KB

.data Size: 24KB - Virtual size: 31KB

.reloc Size: 8KB - Virtual size: 5KB

.text
Size: 92KB - Virtual size: 91KB

.rdata
Size: 24KB - Virtual size: 22KB

.data
Size: 24KB - Virtual size: 31KB

.reloc
Size: 8KB - Virtual size: 5KB