6032c70e29d9d7f80c8718efa14d0562a5a377bf6f87c5d556f2a0ee8a0d97fe

Sharing

Copy URL Twitter E-mail

General

Target

6032c70e29d9d7f80c8718efa14d0562a5a377bf6f87c5d556f2a0ee8a0d97fe
Size

172KB
MD5

eb6dd24d2561091640a0cf71603fb340
SHA1

5013f1b5f0b790d60d7558b1af857dfd65f3b3c2
SHA256

6032c70e29d9d7f80c8718efa14d0562a5a377bf6f87c5d556f2a0ee8a0d97fe
SHA512

ba875706304ee564fc69e9eda30b3effadcd0d280caa4519274a41eed8f10e6ffdf371292b83d6d12242dba1f708671ffa0bb53bec89b9cd5b481e32c1bf940a
SSDEEP

3072:hwXzzPZvAiEloWNjHaZYRre4Rm64U74Y/MVvxIZ67/ZW:kZbBWsiRi1Y4Y/MVvaZ67/E

Score

N/A

Malware Config

Signatures

Files

6032c70e29d9d7f80c8718efa14d0562a5a377bf6f87c5d556f2a0ee8a0d97fe
.dll regsvr32 windows x86

fe3a1023b9566cba88b183c47da063c2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MultiByteToWideChar
lstrlenA
GetShortPathNameA
GetModuleHandleA
GetModuleFileNameA
WideCharToMultiByte
FreeLibrary
SizeofResource
LoadResource
FindResourceA
GetLastError
lstrlenW
lstrcmpiA
lstrcpynA
IsDBCSLeadByte
HeapDestroy
GetProcAddress
LoadLibraryA
lstrcpyA
lstrcatA
EnterCriticalSection
InterlockedIncrement
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
DisableThreadLibraryCalls
GetLongPathNameA
InterlockedDecrement
CreateProcessA
LoadLibraryExA
CloseHandle
FlushFileBuffers
SetStdHandle
IsBadCodePtr
LocalFree
HeapFree
HeapAlloc
HeapReAlloc
GetCommandLineA
GetVersion
RaiseException
GetCPInfo
GetACP
GetOEMCP
GetEnvironmentVariableA
GetVersionExA
HeapCreate
VirtualFree
VirtualAlloc
ExitProcess
RtlUnwind
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WriteFile
HeapSize
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetFilePointer

user32

CharNextA

advapi32

RegQueryInfoKeyA
RegSetValueExA
RegEnumKeyExA
RegDeleteValueA
RegCreateKeyExA
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegEnumValueA

ole32

CoTaskMemAlloc
CoCreateInstance
CoTaskMemRealloc
CoTaskMemFree

oleaut32

RegisterTypeLi
LoadTypeLi
SysAllocString
VarUI4FromStr
SysFreeString
SysStringByteLen
SysAllocStringByteLen
VariantClear

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 104KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fe3a1023b9566cba88b183c47da063c2

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 36KB - Virtual size: 34KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 12KB - Virtual size: 17KB

.rsrc Size: 104KB - Virtual size: 102KB

.reloc Size: 8KB - Virtual size: 4KB

.text
Size: 36KB - Virtual size: 34KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 12KB - Virtual size: 17KB

.rsrc
Size: 104KB - Virtual size: 102KB

.reloc
Size: 8KB - Virtual size: 4KB