df4e530afb3e824d0d0d23c63c47050a6b46b3b91e83d878a0b0428436491159

Sharing

Copy URL Twitter E-mail

General

Target

df4e530afb3e824d0d0d23c63c47050a6b46b3b91e83d878a0b0428436491159
Size

80KB
MD5

01f4d26a8349cf77ac3b38fc11151af0
SHA1

314d2833149973dcafc1012e261dc5488167ba95
SHA256

df4e530afb3e824d0d0d23c63c47050a6b46b3b91e83d878a0b0428436491159
SHA512

674368b8a3b4271383ad9b5a9267e92fd3e17a4ff61da4e8da6572c4e5071ba5bf78aea7f76226ff4d088ccf59734a62629d7c116c52f6c99dce533aa5aa4038
SSDEEP

1536:lyQ7mWqS0e0bwPxqqVYajm6Qrrf8fAB7F0kW3ekw6eNvZjaRY:zSS0i5qqVhu8fABJ0k6uhZjaG

Score

N/A

Malware Config

Signatures

Files

df4e530afb3e824d0d0d23c63c47050a6b46b3b91e83d878a0b0428436491159
.dll regsvr32 windows x86

f514eab381e5f62cd5b433f423cf09db

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

wcsstr
wcscat
_purecall
_wcsupr
_wcsicmp
_except_handler3
??3@YAXPAX@Z
??2@YAPAXI@Z
swprintf
free
malloc
_adjust_fdiv
_initterm
wcscpy

user32

SendMessageW
GetParent
GetWindowLongW
MessageBeep
WinHelpW
LoadStringW
CharNextW
SetWindowLongW
EnableWindow
GetDlgItem
SendDlgItemMessageW

kernel32

GetWindowsDirectoryW
lstrcpynW
GetCurrentProcess
GetModuleHandleW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
lstrlenW
lstrcpyW
InitializeCriticalSection
DeleteCriticalSection
InterlockedIncrement
InterlockedDecrement
LeaveCriticalSection
EnterCriticalSection
HeapDestroy
lstrcatW
GetModuleFileNameW
FreeLibrary
GetProcAddress
LoadLibraryW
DisableThreadLibraryCalls
LoadLibraryExA
GetLastError

shlwapi

PathFileExistsW
PathFindExtensionW

shell32

SHChangeNotify
DragQueryFileW
ShellExecuteExW
ord258

advapi32

CheckTokenMembership
AllocateAndInitializeSid
RegDeleteValueW
RegOpenKeyW
RegCloseKey
RegSetValueExW
RegCreateKeyW
FreeSid

ole32

CoCreateInstance
StringFromCLSID
CoTaskMemFree
ReleaseStgMedium

oleaut32

SysAllocString
LoadTypeLi
RegisterTypeLi
SysFreeString

sfc

SfcIsFileProtected

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 57KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f514eab381e5f62cd5b433f423cf09db

Headers

File Characteristics

Imports

msvcrt

user32

kernel32

shlwapi

shell32

advapi32

ole32

oleaut32

sfc

Exports

Exports

Sections

.text Size: 15KB - Virtual size: 14KB

.data Size: 57KB - Virtual size: 56KB

.rsrc Size: 5KB - Virtual size: 4KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 15KB - Virtual size: 14KB

.data
Size: 57KB - Virtual size: 56KB

.rsrc
Size: 5KB - Virtual size: 4KB

.reloc
Size: 2KB - Virtual size: 2KB