9e1ae35ac7a7e4b148b1e56c26d35c8608fb441cd9f25ad99ecd8d26c78778e1

Sharing

Copy URL

Twitter E-mail

General

Target

9e1ae35ac7a7e4b148b1e56c26d35c8608fb441cd9f25ad99ecd8d26c78778e1
Size

144KB
MD5

c27e0ed667f04c540f47feae2587c0b0
SHA1

a91e2d8927fb83203c3dc710be1b2cd0068b666a
SHA256

9e1ae35ac7a7e4b148b1e56c26d35c8608fb441cd9f25ad99ecd8d26c78778e1
SHA512

52ad7f47ebceb853d26c2775e5b0cbd79252b3af205c7443e3691486adf20b58cb6300d6a1082158c72df82147595537c9dae98dce2bbfc6e7be7b7844b38df2
SSDEEP

3072:qzNn/yTZtVv8mexZpYSxvv7romYJ4nyBqmssuxSxfOcGuZ:qzN/qV0pNzrCssux8fW2

Score

N/A

Malware Config

Signatures

Files

9e1ae35ac7a7e4b148b1e56c26d35c8608fb441cd9f25ad99ecd8d26c78778e1
.dll regsvr32 windows x86

df61775eda0706c704f337c2432fb5d8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetProcessWindowStation
OpenWindowStationW
GetThreadDesktop
GetProcessWindowStation
OpenDesktopW
CloseWindowStation
SetDlgItemTextW
EndDialog
DialogBoxParamW
CharNextW
SetThreadDesktop
GetDesktopWindow
GetWindowRect
GetClientRect
MapWindowPoints
SetWindowPos
wsprintfA
CloseDesktop
LoadStringW
wsprintfW

kernel32

FreeLibrary
GetProcAddress
LoadLibraryW
DisableThreadLibraryCalls
lstrlenA
SizeofResource
LoadResource
FindResourceW
GetLastError
LoadLibraryExW
GetShortPathNameW
SetFilePointer
CreateFileW
CloseHandle
LocalFree
WriteConsoleW
GetStdHandle
FlushFileBuffers
WriteFile
WideCharToMultiByte
FormatMessageW
FindClose
FindNextFileW
CopyFileW
CreateDirectoryW
FindFirstFileW
GetLocalTime
GetSystemDirectoryW
GetConsoleOutputCP
lstrcmpW
HeapDestroy
lstrcpynW
lstrcmpiW
InterlockedDecrement
GetComputerNameW
GetModuleFileNameW
CreateProcessW
GetExitCodeProcess
SetFileAttributesW
DeleteFileW
ReleaseMutex
WaitForSingleObject
GetModuleHandleW
TerminateProcess
LockResource
InterlockedCompareExchange
InterlockedIncrement
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
lstrcpyW
lstrlenW
MultiByteToWideChar
ExpandEnvironmentStringsW
GetCurrentProcessId
GetVersionExA
GetModuleHandleA
VirtualQueryEx
GetModuleFileNameA
lstrcpyA
lstrcatA
CreateMutexW
GetWindowsDirectoryW
IsDebuggerPresent
GetCurrentProcess
GetCurrentThread
GetThreadContext
GetCurrentThreadId
DebugBreak
SetThreadUILanguage
lstrcatW

ole32

CoGetObjectContext
CoCreateGuid
StringFromCLSID
CoSetProxyBlanket
CLSIDFromString
CoCreateInstance
CoTaskMemRealloc
CoTaskMemAlloc
CoTaskMemFree
StringFromGUID2
CoCreateInstanceEx

oleaut32

SysAllocStringLen
SysAllocString
VarUI4FromStr
LoadTypeLi
RegisterTypeLi
LoadRegTypeLi
SysStringLen
VariantClear
SysFreeString

advapi32

DeregisterEventSource
RegEnumKeyExW
RegEnumValueW
RegQueryInfoKeyW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
RegisterEventSourceW
ReportEventW
RegQueryValueExW

msvcrt

_onexit
__dllonexit
?terminate@@YAXXZ
_adjust_fdiv
_initterm
_wsetlocale
_except_handler3
printf
wcschr
swprintf
_purecall
__CxxFrameHandler
realloc
malloc
wcslen
wcscpy
wcscat
wcsrchr
_vsnwprintf
_waccess
_wstrtime
_wstrdate
_wcsicmp
free

comres

COMResModuleInstance

version

VerQueryValueW

ntdll

RtlInitializeCriticalSection

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

df61775eda0706c704f337c2432fb5d8

Headers

File Characteristics

Imports

user32

kernel32

ole32

oleaut32

advapi32

msvcrt

comres

version

ntdll

Exports

Exports

Sections

.text Size: 69KB - Virtual size: 69KB

.data Size: 64KB - Virtual size: 75KB

.rsrc Size: 5KB - Virtual size: 5KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 69KB - Virtual size: 69KB

.data
Size: 64KB - Virtual size: 75KB

.rsrc
Size: 5KB - Virtual size: 5KB

.reloc
Size: 4KB - Virtual size: 3KB