ece6bd3208b640b8f3c35196f5e25d748c5a6fb6d756077976924e4e9418fbf0

Sharing

Copy URL Twitter E-mail

General

Target

ece6bd3208b640b8f3c35196f5e25d748c5a6fb6d756077976924e4e9418fbf0
Size

160KB
MD5

25e0e6112dbd6d347773c9273e7078d0
SHA1

c8603052b7da39bf4c1da9b5204a068ce1ee98cd
SHA256

ece6bd3208b640b8f3c35196f5e25d748c5a6fb6d756077976924e4e9418fbf0
SHA512

c72fadcb90bb0deec7f01a823cc979246e5a3c3849383550016d17791b684103886e22663cc6019937ccd2edb16a3b4e92df8ef50d7a455a6de12d78802f79a7
SSDEEP

3072:iVRjQWmen9MwQwcnRaI3sdHz5yhoU+6tn:0jQWmhdaI3sVz5B6t

Score

N/A

Malware Config

Signatures

Files

ece6bd3208b640b8f3c35196f5e25d748c5a6fb6d756077976924e4e9418fbf0
.dll regsvr32 windows x86

9643375901e5114df3a751d98b0d56c0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SystemParametersInfoA
SetWindowPos
DispatchMessageA
TranslateMessage
CreateWindowExA
RegisterClassExA
EnumWindows
EnumChildWindows
wsprintfA
ShowWindow
GetMessageA
KillTimer
SetTimer
DefWindowProcA
GetClassNameA
GetWindowThreadProcessId

kernel32

IsBadCodePtr
IsBadReadPtr
MoveFileExA
CloseHandle
WaitForSingleObject
CreateProcessA
GetProcAddress
LoadLibraryA
DeleteFileA
GetSystemDirectoryA
GetLocalTime
SleepEx
GetModuleFileNameA
CreateFileA
OpenProcess
GetTickCount
CreateRemoteThread
WriteProcessMemory
VirtualAllocEx
GetCurrentProcessId
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
FreeLibrary
WideCharToMultiByte
GetStringTypeW
GetStringTypeA
GetOEMCP
GetACP
GetCPInfo
GetEnvironmentVariableA
GetModuleHandleA
LCMapStringW
ReadFile
SetEndOfFile
SetFilePointer
FlushFileBuffers
SetStdHandle
SetUnhandledExceptionFilter
LCMapStringA
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStartupInfoA
GetStdHandle
SetHandleCount
GetCurrentProcess
TerminateProcess
LocalFree
InterlockedDecrement
InterlockedIncrement
RtlUnwind
GetFileType
HeapAlloc
HeapFree
GetLastError
MultiByteToWideChar
HeapReAlloc
GetCommandLineA
GetVersion
RaiseException
EnterCriticalSection
LeaveCriticalSection
WriteFile
InitializeCriticalSection
DeleteCriticalSection
ExitProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetFileAttributesA
IsBadWritePtr

advapi32

SetEntriesInAclA
SetSecurityInfo
CryptAcquireContextA
CryptGenRandom
CryptReleaseContext
GetSecurityInfo

shell32

StrStrIA

ole32

CoInitialize
CoCreateGuid
CoCreateInstance

oleaut32

VariantInit
SysAllocString
GetErrorInfo

shlwapi

SHGetValueA
SHSetValueA

psapi

GetModuleBaseNameA
EnumProcesses
EnumProcessModules

netapi32

Netbios

wininet

InternetCloseHandle
InternetOpenA
InternetSetOptionA
InternetReadFile
HttpQueryInfoA
InternetOpenUrlA

rpcrt4

UuidToStringA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9643375901e5114df3a751d98b0d56c0

Headers

File Characteristics

Imports

user32

kernel32

advapi32

shell32

ole32

oleaut32

shlwapi

psapi

netapi32

wininet

rpcrt4

Exports

Exports

Sections

.text Size: 96KB - Virtual size: 95KB

.rdata Size: 28KB - Virtual size: 24KB

.data Size: 24KB - Virtual size: 31KB

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 96KB - Virtual size: 95KB

.rdata
Size: 28KB - Virtual size: 24KB

.data
Size: 24KB - Virtual size: 31KB

.reloc
Size: 8KB - Virtual size: 6KB