f1a678ae4c433bb34ed732fc19b436d0afaff476d96a19f34d06c0fbfffd086b

Sharing

Copy URL

Twitter E-mail

General

Target

f1a678ae4c433bb34ed732fc19b436d0afaff476d96a19f34d06c0fbfffd086b
Size

92KB
MD5

0517fc23162af3aedf71b0ddc7b70ff0
SHA1

179ac319d313a5438f57c7220c4b95c28fff3f15
SHA256

f1a678ae4c433bb34ed732fc19b436d0afaff476d96a19f34d06c0fbfffd086b
SHA512

d562158bd008d1fd0168c570cc406c2159b2f92abb245ef87797424f6921ae3e187168074210c5ea50968fca85d7aa595533d7a351bb37c55e876d16bad2de9d
SSDEEP

1536:KfkZpOw0dW0N1AQMwM24vjeC23ACfe9jGTA7zt7zIKamJj:6kZadW0/ZMwMLanwCfQKA7h7UKamJj

Score

N/A

Malware Config

Signatures

Files

f1a678ae4c433bb34ed732fc19b436d0afaff476d96a19f34d06c0fbfffd086b
.dll regsvr32 windows x86

ac8e4f7ecef284ace308ef00e46c7a39

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedIncrement
GetModuleHandleA
LeaveCriticalSection
CreateFileMappingA
InitializeCriticalSection
LocalFree
MoveFileA
CloseHandle
CreateThread
GetProcAddress
GetCurrentProcessId
GetLastError
VirtualQuery
LoadLibraryA
GetSystemTimeAsFileTime
EnterCriticalSection
CopyFileA
ReleaseMutex
GetTickCount
Sleep
CreateProcessA
ReadFile
VirtualProtect
GlobalAlloc
WaitForSingleObject
CreateMutexA
GetProcessHeap
DeleteFileA
CreateDirectoryA
HeapFree
InterlockedDecrement
GetSystemWindowsDirectoryA
GetModuleFileNameW
CopyFileW
UpdateResourceA
LocalSize
TransactNamedPipe
FindFirstFileA
TerminateProcess
SetConsoleCursorPosition
GetFullPathNameA
OpenMutexA
GetWindowsDirectoryW
GetTempPathA
FindFirstVolumeW
GetEnvironmentVariableA
CreateEventW
IsBadReadPtr
SetVolumeLabelW
SetConsoleActiveScreenBuffer
CreateTimerQueueTimer
GetVolumePathNamesForVolumeNameW
GetCurrentDirectoryW
UnregisterWait
ConnectNamedPipe
DeleteTimerQueueTimer
GetSystemPowerStatus
GetCurrentThread
PeekConsoleInputA
FindVolumeMountPointClose
GetSystemTimeAdjustment
CreateSemaphoreA
CopyFileExW
VirtualAlloc
FindClose
DosDateTimeToFileTime
HeapSize
FreeConsole
VirtualAllocEx
FindNextVolumeW
SetLastError
LCMapStringW
IsValidCodePage
lstrcmpiA
FindResourceW
GetSystemDefaultUILanguage
ConvertDefaultLocale
VerifyVersionInfoW
GlobalFindAtomW
GetProcessAffinityMask
BindIoCompletionCallback
HeapWalk
GetFileAttributesW
SearchPathA
DuplicateHandle
CreateWaitableTimerW
GetBinaryTypeA
SetFileAttributesA
RemoveDirectoryW
CreateRemoteThread
SetVolumeLabelA
GetUserDefaultLangID
GetFileTime
PulseEvent
ResumeThread
GetTempFileNameA
lstrcpyW
GetTimeFormatA
GetCommandLineA
GetProfileStringW
GetCurrentDirectoryA
ExpandEnvironmentStringsW
OpenSemaphoreA
VerifyVersionInfoA
GetStdHandle
GetDriveTypeW
AssignProcessToJobObject
QueueUserAPC
PeekConsoleInputW
WriteConsoleInputA
FindCloseChangeNotification
GetSystemDirectoryA
GetShortPathNameA
WriteConsoleW
QueryPerformanceFrequency
SetInformationJobObject
GlobalFree
PostQueuedCompletionStatus
TerminateThread
CreateWaitableTimerA
EnumResourceLanguagesW
CancelIo
GetProfileSectionA
GetUserDefaultUILanguage
VirtualUnlock
GetNumberFormatW
FindFirstFileExW
SetEnvironmentVariableW
GetFileType
SetFileTime
SetConsoleCtrlHandler
SetWaitableTimer
SwitchToThread
GetExitCodeProcess
SearchPathW
FindResourceA
DeleteTimerQueueEx
GetFileSizeEx
SuspendThread

shlwapi

SHDeleteKeyA
UrlUnescapeW
StrChrW
SHRegGetBoolUSValueW
StrCmpNIA
StrCmpIW
PathRemoveBackslashW
PathIsDirectoryW
SHAutoComplete
PathFindExtensionA
UrlGetPartW
PathCommonPrefixW
StrFormatByteSizeW
StrStrA
wvnsprintfW
PathRemoveBlanksW
SHSetValueW
PathGetCharTypeW
StrStrIA
PathAddExtensionW
SHSetValueA
StrCpyNW
StrCmpW
UrlCreateFromPathW
StrCatBuffA
PathFindExtensionW
UrlCombineW
PathGetArgsW
PathRemoveExtensionW
SHRegSetPathW
PathIsUNCServerW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 68KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ac8e4f7ecef284ace308ef00e46c7a39

Headers

File Characteristics

Imports

kernel32

shlwapi

Exports

Exports

Sections

.text Size: 68KB - Virtual size: 66KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 8KB - Virtual size: 7KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 68KB - Virtual size: 66KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 8KB - Virtual size: 7KB

.reloc
Size: 4KB - Virtual size: 2KB