96163c6f415c9bd63ad397d467ed27f4ec9c766042c77cc1589e4ab69bf54d2c

Sharing

Copy URL Twitter E-mail

General

Target

96163c6f415c9bd63ad397d467ed27f4ec9c766042c77cc1589e4ab69bf54d2c
Size

200KB
MD5

e066c4dca264a7b77ded8f6340184b2f
SHA1

5557d5655c5bc42991c1f90062208e806f4c8d97
SHA256

96163c6f415c9bd63ad397d467ed27f4ec9c766042c77cc1589e4ab69bf54d2c
SHA512

d18020326d2daba207759c9042d72b69a31d176f318a6ef24cfa19f34266bdcd91a9f74f3fc836fa94bb27eca5b2d220fafd45a301f151c6d59aea570ce68736
SSDEEP

6144:Caxt5plBgkB/PLSYNkclwO9VtitfjFFTa+dXfNJxVFKu:CelDN0hFe+BfM

Score

N/A

Malware Config

Signatures

Files

96163c6f415c9bd63ad397d467ed27f4ec9c766042c77cc1589e4ab69bf54d2c
.dll regsvr32 windows x86

5027d3ff2b96859db84ea1ae133f28af

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord823
ord825

msvcrt

malloc
free
?terminate@@YAXXZ
??1type_info@@UAE@XZ
_adjust_fdiv
_initterm
__CxxFrameHandler
_purecall
wcslen
wcsncpy
_except_handler3
_wcsnicmp

atl

ord16
ord18
ord22
ord15
ord32
ord21

kernel32

GetProcAddress
LoadLibraryW
SetLastError
Sleep
OutputDebugStringA
LoadLibraryA
CreateThread
TryEnterCriticalSection
GlobalFree
GlobalSize
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetModuleHandleA
SetUnhandledExceptionFilter
InterlockedDecrement
InterlockedIncrement
DeleteCriticalSection
InitializeCriticalSection
GetCurrentProcess
CloseHandle
GetLastError
lstrlenW
GetCurrentThreadId
GlobalLock
EnterCriticalSection
LeaveCriticalSection
DisableThreadLibraryCalls
lstrcmpiW
GetModuleFileNameW
GetModuleHandleW
UnhandledExceptionFilter
GlobalUnlock

user32

GetDlgCtrlID
WinHelpW
GetWindowTextLengthW
UpdateWindow
GetDlgItem
PostMessageW
SendMessageW
RegisterClipboardFormatW
LoadStringW
wsprintfW
ShowWindow
SetWindowTextW
GetWindowTextW
SetWindowLongW
CheckDlgButton
IsDlgButtonChecked
GetWindowLongW
EndDialog
SetFocus
IsWindow
SendDlgItemMessageW
GetActiveWindow
DialogBoxParamW
MessageBoxW
EnableWindow

advapi32

RegOpenKeyExA
RegCreateKeyExW
RegOpenKeyExW
RegQueryValueExA
RegEnumKeyExW
RegOpenKeyW
RegDeleteValueW
RegSetValueExW
RegDeleteKeyW
RegCloseKey

netapi32

NetMessageBufferSend

ole32

CoCreateInstance
ReleaseStgMedium
StringFromCLSID
CoTaskMemFree

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 173KB - Virtual size: 172KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5027d3ff2b96859db84ea1ae133f28af

Headers

File Characteristics

Imports

mfc42

msvcrt

atl

kernel32

user32

advapi32

netapi32

ole32

Exports

Exports

Sections

.text Size: 17KB - Virtual size: 17KB

.data Size: 173KB - Virtual size: 172KB

.rsrc Size: 7KB - Virtual size: 6KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 17KB - Virtual size: 17KB

.data
Size: 173KB - Virtual size: 172KB

.rsrc
Size: 7KB - Virtual size: 6KB

.reloc
Size: 2KB - Virtual size: 1KB