630963bb2c0dc461444be1756c4dba5c11fbf45fe7ea974816681865b4f9b805

Sharing

Copy URL Twitter E-mail

General

Target

630963bb2c0dc461444be1756c4dba5c11fbf45fe7ea974816681865b4f9b805
Size

356KB
MD5

d9d52b05cf24a9fb85d735f0ac31d970
SHA1

0a3815bcdc661b3e8aeabd8c941b7f5a6879fd3f
SHA256

630963bb2c0dc461444be1756c4dba5c11fbf45fe7ea974816681865b4f9b805
SHA512

da321ebbf5742d9ba7cddca66f49ca2b953544abcf0dc60c904c220d1db08733d2050c97bdf498187b4060407d4cee1cb04f15c3d161f8845719b7e8f8960779
SSDEEP

6144:+b/hYIBQU2jM0RcJQNaPup3duy2bQo72a0ygOAcyUoz28pqJdlMEw6e43XQcq6:+b/JBQU+Rn3dD2f72agYQcV

Score

N/A

Malware Config

Signatures

Files

630963bb2c0dc461444be1756c4dba5c11fbf45fe7ea974816681865b4f9b805
.dll regsvr32 windows x86

81d2ed5ed8628a135af10bc8ddd8ff53

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
GetProcAddress
HeapAlloc
Sleep
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetProcessHeap
HeapFree
WideCharToMultiByte
LoadLibraryW
GlobalHandle
GlobalFree
GetModuleHandleW
LoadLibraryExW
SizeofResource
FreeLibrary
lstrcmpW
LoadResource
LockResource
GetCurrentThreadId
InterlockedDecrement
InterlockedIncrement
SetLastError
lstrlenA
lstrlenW
MultiByteToWideChar
DisableThreadLibraryCalls
GetModuleFileNameW
GlobalLock
GlobalUnlock
FindResourceW
MulDiv
GlobalAlloc
GetCurrentProcess
FlushInstructionCache
lstrcmpiW
GetLastError
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
RaiseException
InterlockedCompareExchange

user32

GetNextDlgTabItem
SendDlgItemMessageW
GetWindow
IsChild
GetDlgItem
SetWindowContextHelpId
ReleaseDC
ShowWindow
SendMessageW
SetWindowRgn
OffsetRect
EqualRect
IntersectRect
DrawTextW
GetSysColor
SetWindowPos
CreateWindowExW
GetWindowLongW
LoadImageW
SetWindowLongW
CharNextW
PtInRect
UnionRect
MapDialogRect
GetClassInfoExW
LoadCursorW
EndPaint
GetClientRect
BeginPaint
CallWindowProcW
DefWindowProcW
DestroyWindow
SetFocus
GetFocus
GetParent
EnableWindow
SystemParametersInfoW
IsDialogMessageW
CopyAcceleratorTableW
GetKeyState
IsWindow
InvalidateRect
RegisterClassExW
MoveWindow
ClientToScreen
ScreenToClient
InvalidateRgn
RedrawWindow
SetCapture
GetClassNameW
ReleaseCapture
FillRect
GetDesktopWindow
DestroyAcceleratorTable
CreateAcceleratorTableW
SetWindowTextW
GetWindowTextW
GetWindowTextLengthW
RegisterWindowMessageW
CreateDialogIndirectParamW
EnumChildWindows
PostMessageW
SetTimer
KillTimer
IsWindowEnabled
SetDlgItemTextW
GetDialogBaseUnits
SetRect
CopyRect
DrawFrameControl
InflateRect
GetDlgItemTextW
DrawFocusRect
DrawTextA
GetWindowRect
GetDC
UnregisterClassA

gdi32

SetBkMode
SetTextColor
Rectangle
SelectObject
GetStockObject
CreateDCW
DeleteDC
SetViewportOrgEx
SetMapMode
SetBkColor
GetObjectW
DeleteObject
CreateCompatibleBitmap
CreateMetaFileW
BitBlt
CreateSolidBrush
GetTextExtentPointW
GetTextMetricsW
CreateFontIndirectW
Polyline
CreatePen
DPtoLP
GetTextExtentPoint32W
SelectClipRgn
CreateRectRgn
Polygon
SaveDC
SetWindowOrgEx
SetWindowExtEx
RestoreDC
CloseMetaFile
DeleteMetaFile
CreateRectRgnIndirect
CreateCompatibleDC
LPtoDP
GetDeviceCaps

advapi32

RegQueryInfoKeyW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
RegEnumKeyExW

ole32

OleUninitialize
OleInitialize
CreateStreamOnHGlobal
CLSIDFromString
CLSIDFromProgID
CoGetClassObject
OleLockRunning
StringFromGUID2
CoCreateInstance
OleSaveToStream
WriteClassStm
CreateDataAdviseHolder
OleRegGetMiscStatus
OleRegGetUserType
OleRegEnumVerbs
CreateOleAdviseHolder
OleLoadFromStream
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc

oleaut32

CreateErrorInfo
SetErrorInfo
GetErrorInfo
OleTranslateColor
OleCreateFontIndirect
OleCreatePropertyFrame
LoadRegTypeLi
VarUI4FromStr
RegisterTypeLi
UnRegisterTypeLi
DispCallFunc
LoadTypeLi
SysAllocString
SysAllocStringLen
VariantChangeType
VariantClear
VariantInit
SysAllocStringByteLen
SysStringLen
SysFreeString
SysStringByteLen

msvcr80

__clean_type_info_names_internal
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_encoded_null
_malloc_crt
_decode_pointer
_onexit
_lock
_encode_pointer
__dllonexit
_unlock
_except_handler4_common
?terminate@@YAXXZ
memmove_s
_itoa_s
wcsstr
_purecall
??2@YAPAXI@Z
??_U@YAPAXI@Z
_resetstkoflw
swprintf_s
memset
calloc
_recalloc
__CxxFrameHandler3
wcscat_s
wcsncpy_s
wcscpy_s
_CxxThrowException
memcpy_s
free
malloc
??_V@YAXPAX@Z
??3@YAXPAX@Z

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 168KB - Virtual size: 164KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 64KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

81d2ed5ed8628a135af10bc8ddd8ff53

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

oleaut32

msvcr80

Exports

Exports

Sections

.text Size: 168KB - Virtual size: 164KB

.rdata Size: 64KB - Virtual size: 62KB

.data Size: 16KB - Virtual size: 13KB

.rsrc Size: 20KB - Virtual size: 17KB

.reloc Size: 20KB - Virtual size: 16KB

.text Size: 64KB - Virtual size: 64KB

.text
Size: 168KB - Virtual size: 164KB

.rdata
Size: 64KB - Virtual size: 62KB

.data
Size: 16KB - Virtual size: 13KB

.rsrc
Size: 20KB - Virtual size: 17KB

.reloc
Size: 20KB - Virtual size: 16KB

.text
Size: 64KB - Virtual size: 64KB