c60e73ce1da9eade1c7f77f0199fe372979f49f624309e94d41d70cf7c6a55c4

Sharing

Copy URL Twitter E-mail

General

Target

c60e73ce1da9eade1c7f77f0199fe372979f49f624309e94d41d70cf7c6a55c4
Size

314KB
MD5

b50c3395ceeda2daa8cccc30e9b9f910
SHA1

3b6bcb51b6ae19dd4c9a4e54d970339dc6753e0b
SHA256

c60e73ce1da9eade1c7f77f0199fe372979f49f624309e94d41d70cf7c6a55c4
SHA512

61dcf6c7a0ab06f94dbcb90df71abcd166db24305f039b5c1b2fa803abf69e1075a645b152ea8616670989a00ba28e8c8d7dc32f6de3c0fd8ec0a9d5ebda00eb
SSDEEP

6144:aRusyEEso2OiyfCrF2D+pv8ZMc7oJ5rmUMZfRzr:cynDugoIfR

Score

N/A

Malware Config

Signatures

Files

c60e73ce1da9eade1c7f77f0199fe372979f49f624309e94d41d70cf7c6a55c4
.dll regsvr32 windows x86

e9bde87b43a3e0aa40ac846209f73eea

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

wcscmp
wcslen
free
sprintf
_snprintf
_vsnprintf
strrchr
_initterm
malloc
_adjust_fdiv
_except_handler3
wcscat

kernel32

InterlockedCompareExchange
FindClose
FindNextFileW
FindFirstFileW
LeaveCriticalSection
EnterCriticalSection
InterlockedIncrement
MapViewOfFileEx
CreateFileMappingW
GetFileSizeEx
CloseHandle
UnmapViewOfFile
CreateFileW
GetLastError
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileTime
DeleteFileW
SetEvent
CompareStringW
InterlockedDecrement
CreateDirectoryW
CreateEventW
DisableThreadLibraryCalls
FreeLibrary
GetProcAddress
LoadLibraryW
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
GetFileAttributesW
FormatMessageA
GetCurrentThreadId
LocalFree
LocalAlloc
CreateMutexA
HeapAlloc
GetProcessHeap
GetModuleFileNameA
lstrcpynA
ReleaseMutex
FlushFileBuffers
WriteFile
SetFilePointerEx
CreateFileA
ExpandEnvironmentStringsA
WaitForSingleObject
GetLocalTime
HeapFree

advapi32

RegCreateKeyExA
RegQueryValueExA
RegSetValueExA
AllocateAndInitializeSid
GetLengthSid
InitializeAcl
AddAccessAllowedAce
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
FreeSid
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
ConvertStringSecurityDescriptorToSecurityDescriptorW
SetFileSecurityW

user32

CharUpperBuffW
wsprintfA

ole32

CoTaskMemFree
CoTaskMemAlloc

oleaut32

SysAllocString
SysFreeString

gdiplus

GdipCloneImage
GdipGetImagePixelFormat
GdipDrawImageRectI
GdiplusStartup
GdiplusShutdown
GdipDrawImagePointsI
GdipDrawImageI
GdipGetImageGraphicsContext
GdipGetImageWidth
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromFile
GdipGetImageHeight

shfolder

SHGetFolderPathW

wiaservc

wiasSetItemPropAttribs
wiasWritePropLong
wiasCreateDrvItem
wiasSetItemPropNames
wiasQueueEvent
wiasWritePropBin
wiasWritePropGuid
wiasWriteMultiple
wiasGetImageInformation
wiasReadPropLong
wiasReadPropGuid
wiasReadPropStr
wiasWritePropStr
wiasGetDrvItem

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 254KB - Virtual size: 254KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e9bde87b43a3e0aa40ac846209f73eea

Headers

File Characteristics

Imports

msvcrt

kernel32

advapi32

user32

ole32

oleaut32

gdiplus

shfolder

wiaservc

Exports

Exports

Sections

.text Size: 53KB - Virtual size: 52KB

.data Size: 254KB - Virtual size: 254KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 53KB - Virtual size: 52KB

.data
Size: 254KB - Virtual size: 254KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 3KB