fbee58d4dff29d386c38efcd414ffe53ae6686acd60bd5dca163c415608048a3

Sharing

Copy URL Twitter E-mail

General

Target

fbee58d4dff29d386c38efcd414ffe53ae6686acd60bd5dca163c415608048a3
Size

183KB
MD5

52bf23bf533724e1ab6069e08e48b940
SHA1

2c6c9f1f8e98ba095255f4706a247c93bd492ce6
SHA256

fbee58d4dff29d386c38efcd414ffe53ae6686acd60bd5dca163c415608048a3
SHA512

ab3a195662df6933f0979aa3f1c4cfae5fe5b62e628cd42d6b8aaf9e6a3909a17e6072ba1cc9060eaba144f635d2a7db768cf6269630e4556a9e9296d5f46dae
SSDEEP

3072:JA/wze4v9BT+xpYw8p4OxszmlazvHaAkOrmGZfbWBDe3vI+IgEuanSxVFKQDn:JA/wze4vmguOxgaARmGZfbMDqA+Suy

Score

N/A

Malware Config

Signatures

Files

fbee58d4dff29d386c38efcd414ffe53ae6686acd60bd5dca163c415608048a3
.dll regsvr32 windows x86

08ba78f86badf07523664f2997d3e6e4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord1648
ord2458
ord5297
ord5310
ord5304
ord6383
ord5440
ord6394
ord5450
ord823
ord3663
ord825
ord1238

msvcrt

srand
malloc
free
localtime
mktime
time
_onexit
__dllonexit
??1type_info@@UAE@XZ
_adjust_fdiv
_initterm
?terminate@@YAXXZ
_purecall
strstr
sprintf
_ftol
memmove
__CxxFrameHandler
rand
strtoul
isdigit
strncmp
strtol
wcsstr
wcslen
__RTDynamicCast
_except_handler3

atl

ord18
ord22
ord23
ord15
ord21
ord16
ord32

advapi32

RegCloseKey
GetUserNameA
RegOpenKeyExA
RegQueryValueExA

kernel32

InitializeCriticalSection
DeleteCriticalSection
InterlockedIncrement
IsBadWritePtr
InterlockedDecrement
EnterCriticalSection
MultiByteToWideChar
WideCharToMultiByte
lstrlenW
DisableThreadLibraryCalls
SetLastError
LeaveCriticalSection
GetLastError
lstrlenA
lstrcpyA

ole32

CoCreateFreeThreadedMarshaler

oleaut32

VariantInit
SafeArrayCreate
VariantCopy
SysReAllocStringLen
SetErrorInfo
LoadRegTypeLi
VariantClear
SysAllocString
VariantTimeToSystemTime
SystemTimeToVariantTime
SysFreeString

ws2_32

WSACleanup
WSAStartup
gethostname
gethostbyname
ntohl
htons
connect
getsockname
closesocket
WSAGetLastError
socket
inet_addr

msvcirt

??6ostream@@QAEAAV0@PBD@Z
??_Dostrstream@@QAEXXZ
??6ostream@@QAEAAV0@K@Z
??6ostream@@QAEAAV0@J@Z
??6ostream@@QAEAAV0@E@Z
??1ios@@UAE@XZ
??0ostrstream@@QAE@PADHH@Z
??1ostrstream@@UAE@XZ

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 89KB - Virtual size: 89KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 66KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

08ba78f86badf07523664f2997d3e6e4

Headers

File Characteristics

Imports

mfc42

msvcrt

atl

advapi32

kernel32

ole32

oleaut32

ws2_32

msvcirt

Exports

Exports

Sections

.text Size: 89KB - Virtual size: 89KB

.data Size: 66KB - Virtual size: 68KB

.rsrc Size: 14KB - Virtual size: 13KB

.reloc Size: 12KB - Virtual size: 12KB

.text
Size: 89KB - Virtual size: 89KB

.data
Size: 66KB - Virtual size: 68KB

.rsrc
Size: 14KB - Virtual size: 13KB

.reloc
Size: 12KB - Virtual size: 12KB