bce932f73fbb4a6677c50769bcc9a6b91ff6d32989a513da7c7a2199c3f2fc0a

Sharing

Copy URL Twitter E-mail

General

Target

bce932f73fbb4a6677c50769bcc9a6b91ff6d32989a513da7c7a2199c3f2fc0a
Size

360KB
MD5

b21367fbf34ad09efe4f69f83e7f771c
SHA1

834427d32df0f600945f92efb1b293060613c42e
SHA256

bce932f73fbb4a6677c50769bcc9a6b91ff6d32989a513da7c7a2199c3f2fc0a
SHA512

1ebeaa883f85906fa8a4348480bb8d2844159f864a37503f7d0768ed0be398cd560b400d14f571fc803fae31c084b55260801b9b6237725de2903031d8238ab3
SSDEEP

6144:lzFn4ut3Oy+2xjXfI8wurnB6g4rRGMBDtC4qDEYC7ME6:lzFnj3Q21wILBYRGR4qgb7f6

Score

N/A

Malware Config

Signatures

Files

bce932f73fbb4a6677c50769bcc9a6b91ff6d32989a513da7c7a2199c3f2fc0a
.dll regsvr32 windows x86

1d769ccef73fbbcd3b1a93fb42d8ac43

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapDestroy
GetTickCount
GlobalUnlock
lstrcpyA
EnterCriticalSection
LeaveCriticalSection
FlushFileBuffers
SetStdHandle
IsBadCodePtr
IsBadReadPtr
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
SetUnhandledExceptionFilter
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
lstrlenW
GetEnvironmentStringsW
DeleteCriticalSection
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
LCMapStringW
LCMapStringA
HeapSize
HeapReAlloc
ExitProcess
TlsGetValue
TlsFree
TlsAlloc
TlsSetValue
HeapAlloc
RaiseException
HeapFree
GetCommandLineA
RtlUnwind
ReadFile
GetShortPathNameA
InitializeCriticalSection
DisableThreadLibraryCalls
lstrcmpiA
FreeLibrary
FindResourceA
LoadResource
LockResource
GetCurrentProcess
FlushInstructionCache
InterlockedDecrement
InterlockedIncrement
GetCurrentThreadId
GetModuleHandleA
GetModuleFileNameA
lstrcatA
LoadLibraryA
GetProcAddress
GlobalFree
GlobalAlloc
GetEnvironmentStrings
GlobalLock
WideCharToMultiByte
MultiByteToWideChar
lstrlenA
GetFileAttributesA
GetLastError
GetEnvironmentVariableA
SetLastError
TerminateProcess
WaitForSingleObject
SearchPathA
GetVersionExA
Sleep
InterlockedExchange
GetLocalTime
GetCurrentProcessId
GetVersion
FormatMessageA
LocalFree
GetWindowsDirectoryA
lstrcpynA
WriteFile
CreateFileA
SetFilePointer
CloseHandle
CompareStringA
CompareStringW

user32

wsprintfA
CopyRect
OffsetRect
DrawTextA
GetDlgCtrlID
GetDlgItemTextA
GetWindowDC
EnumChildWindows
IntersectRect
GetClassNameA
MessageBeep
BeginPaint
EndPaint
SendMessageA
UpdateWindow
GetWindow
SystemParametersInfoA
MapWindowPoints
CreateDialogIndirectParamA
GetWindowPlacement
ClientToScreen
GetSystemMetrics
SetFocus
SetDlgItemTextA
GetParent
InvalidateRect
DialogBoxParamA
GetSystemMenu
RemoveMenu
LoadStringA
AppendMenuA
GetClientRect
GetClassInfoExA
RegisterClassExA
GetWindowTextLengthA
GetWindowTextA
CallWindowProcA
DefWindowProcA
CreateWindowExA
LoadIconA
ShowWindow
SetWindowRgn
IsIconic
DestroyWindow
GetDesktopWindow
EnableWindow
SetCapture
LoadCursorA
SetCursor
ReleaseCapture
SetWindowTextA
IsWindow
GetDC
ReleaseDC
GetWindowLongA
SetWindowLongA
SetWindowPos
MoveWindow
GetDlgItem
GetSysColor
FillRect
GetWindowRect
ScreenToClient

gdi32

CreateCompatibleBitmap
CreateCompatibleDC
GetObjectA
BitBlt
DeleteDC
DeleteMetaFile
GetTextExtentPoint32A
GetStockObject
Rectangle
CreateRectRgn
GetDeviceCaps
CreateFontIndirectA
CreateSolidBrush
DeleteObject
SaveDC
SelectObject
SetBkMode
SetTextColor
TextOutA
RestoreDC
EnumFontFamiliesExA

advapi32

RegDeleteKeyA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegSetValueExA
RegEnumKeyExA
RegQueryValueExA
RegOpenKeyA

ole32

StringFromCLSID
ProgIDFromCLSID
CoTaskMemFree

oleaut32

GetErrorInfo
CreateErrorInfo
SetErrorInfo
SysFreeString
SysReAllocStringLen
SysAllocString
LoadRegTypeLi
SysAllocStringLen
SysStringLen

winmm

mciSendCommandA
sndPlaySoundA

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

shell32

SHGetPathFromIDListA
SHGetMalloc
SHGetSpecialFolderLocation

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 116KB - Virtual size: 115KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 184KB - Virtual size: 184KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1d769ccef73fbbcd3b1a93fb42d8ac43

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

oleaut32

winmm

version

shell32

Exports

Exports

Sections

.text Size: 116KB - Virtual size: 115KB

.rdata Size: 20KB - Virtual size: 19KB

.data Size: 16KB - Virtual size: 21KB

.rsrc Size: 8KB - Virtual size: 6KB

.reloc Size: 12KB - Virtual size: 11KB

.text Size: 184KB - Virtual size: 184KB

.text
Size: 116KB - Virtual size: 115KB

.rdata
Size: 20KB - Virtual size: 19KB

.data
Size: 16KB - Virtual size: 21KB

.rsrc
Size: 8KB - Virtual size: 6KB

.reloc
Size: 12KB - Virtual size: 11KB

.text
Size: 184KB - Virtual size: 184KB