bcfad936aa87cd3738e20a8e9fb2d71dcf71ee885c49643e752a6d339979712b

Sharing

Copy URL

Twitter E-mail

General

Target

bcfad936aa87cd3738e20a8e9fb2d71dcf71ee885c49643e752a6d339979712b
Size

152KB
MD5

d91bbb51eca69352eda4f48ef8c13a94
SHA1

ae6f8193bdb9a12ba6b06036521b86492d6ee7e7
SHA256

bcfad936aa87cd3738e20a8e9fb2d71dcf71ee885c49643e752a6d339979712b
SHA512

4aa4a890ada4087415861d5130d7b74e95f9220b8ca1891c6ea760e208298ab772ae569fdf0121af8c20bdb66da4afe98e361f66084b83e7026daeacec52aa82
SSDEEP

1536:T6dzSU36hTlAdQOFHctCkRXOeTmSz80z22TW9lJICS4AUdhTHoOLaOrYDMaD6Y:udWbLAyHVOAilyadhTHoR/DMaD3

Score

N/A

Malware Config

Signatures

Files

bcfad936aa87cd3738e20a8e9fb2d71dcf71ee885c49643e752a6d339979712b
.dll regsvr32 windows x86

cfdb27585a0fa9ef205dc40df1d608cc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DispatchMessageA
TranslateMessage
GetMessageA
ShowWindow
CreateWindowExA
DefWindowProcA
SetTimer
KillTimer
RegisterClassExA
SystemParametersInfoA
wsprintfA
GetClassNameA
GetWindowThreadProcessId
EnumChildWindows
EnumWindows
SetWindowPos

kernel32

IsBadCodePtr
IsBadReadPtr
GetOEMCP
GetACP
ReadFile
SetEndOfFile
GetLocalTime
MoveFileExA
CloseHandle
WaitForSingleObject
FreeLibrary
GetProcAddress
LoadLibraryA
DeleteFileA
GetSystemDirectoryA
OpenProcess
GetCurrentProcessId
CreateRemoteThread
WriteProcessMemory
VirtualAllocEx
SleepEx
GetTickCount
CreateFileA
GetModuleFileNameA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
CreateProcessA
HeapAlloc
SetFilePointer
FlushFileBuffers
SetStdHandle
GetStringTypeW
GetStringTypeA
GetEnvironmentVariableA
GetModuleHandleA
GetFileType
GetFileAttributesA
IsBadWritePtr
GetCPInfo
SetUnhandledExceptionFilter
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStartupInfoA
GetStdHandle
SetHandleCount
GetCurrentProcess
TerminateProcess
LocalFree
InterlockedDecrement
InterlockedIncrement
HeapFree
GetLastError
MultiByteToWideChar
RtlUnwind
WideCharToMultiByte
HeapReAlloc
GetCommandLineA
GetVersion
RaiseException
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ExitProcess
LCMapStringA
LCMapStringW
WriteFile
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue

advapi32

SetEntriesInAclA
SetSecurityInfo
CryptAcquireContextA
CryptGenRandom
CryptReleaseContext
GetSecurityInfo

shell32

StrStrIA

ole32

CoInitialize
CoCreateInstance
CoCreateGuid

oleaut32

VariantInit
SysAllocString
GetErrorInfo

shlwapi

SHGetValueA
SHSetValueA

netapi32

Netbios

rpcrt4

UuidToStringA

psapi

GetModuleBaseNameA
EnumProcesses
EnumProcessModules

wininet

HttpQueryInfoA
InternetCloseHandle
InternetOpenUrlA
InternetSetOptionA
InternetOpenA
InternetReadFile

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cfdb27585a0fa9ef205dc40df1d608cc

Headers

File Characteristics

Imports

user32

kernel32

advapi32

shell32

ole32

oleaut32

shlwapi

netapi32

rpcrt4

psapi

wininet

Exports

Exports

Sections

.text Size: 92KB - Virtual size: 91KB

.rdata Size: 24KB - Virtual size: 21KB

.data Size: 24KB - Virtual size: 31KB

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 92KB - Virtual size: 91KB

.rdata
Size: 24KB - Virtual size: 21KB

.data
Size: 24KB - Virtual size: 31KB

.reloc
Size: 8KB - Virtual size: 6KB