cbeff5226356fd0e99cd69b7f33541acceddab2ca64b2cba7ad15842f310ee89

Sharing

Copy URL Twitter E-mail

General

Target

cbeff5226356fd0e99cd69b7f33541acceddab2ca64b2cba7ad15842f310ee89
Size

92KB
MD5

f9d80dc9590a029d635c5fe28b0654b4
SHA1

f8751429d6d4ed9488a7ab6450aa2996f7a698fb
SHA256

cbeff5226356fd0e99cd69b7f33541acceddab2ca64b2cba7ad15842f310ee89
SHA512

e81f9fb59e8f5f967dfbbd444ac06469c44f57a388068528b52e3db08e8f563bb6e9b085f4a6fe553592f118cc321ab1f94cee416f6e0dd838fcc67dc8c179e2
SSDEEP

1536:P6NYpXTQ1c5vLgDkMNXsoum/neZTNOLX38itgZaqX4a5pWj1xf:PWYycMImX/nuwz38itwDX4ar

Score

N/A

Malware Config

Signatures

Files

cbeff5226356fd0e99cd69b7f33541acceddab2ca64b2cba7ad15842f310ee89
.dll regsvr32 windows x86

e4fba58a481b919b07ee0014cc334a01

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetShortPathNameW
SetFileApisToOEM
IsValidLocale
WriteProfileStringW
GetLocaleInfoA
MoveFileW
WideCharToMultiByte
lstrlenA
WinExec
GetFileType
TerminateJobObject
lstrcmpiA
GetLogicalDrives
FlushFileBuffers
FindNextFileW
GlobalFindAtomW
RemoveDirectoryA
ReadConsoleA
GetExitCodeProcess
DeleteVolumeMountPointW
FindActCtxSectionGuid
DeviceIoControl
HeapValidate
SearchPathA
FindClose
IsBadWritePtr
GetLogicalDriveStringsA
SetLastError
GetBinaryTypeA
CreateJobObjectW
WriteConsoleW
GetComputerNameW
IsDBCSLeadByte
BindIoCompletionCallback
SizeofResource
GlobalDeleteAtom
CompareFileTime
GetTempFileNameA
FormatMessageW
SetEvent
MoveFileExW
ReadConsoleInputA
SetStdHandle
ReadConsoleInputW
GetStringTypeExW
SetEnvironmentVariableW
GetCommTimeouts
SetEnvironmentVariableA
HeapCompact
SetConsoleScreenBufferSize
EnumResourceLanguagesA
GetLongPathNameW
VirtualFree
CreateConsoleScreenBuffer
SetEndOfFile
GetDiskFreeSpaceA
CreateSemaphoreA
GetEnvironmentStrings
LocalAlloc
InterlockedExchangeAdd
OpenEventA
lstrcmpiW
SearchPathW
FreeResource
GetUserDefaultLangID
VirtualAllocEx
GlobalFree
lstrcmpA
SetHandleCount
GetCPInfo
ConnectNamedPipe
FindNextFileA
CreateWaitableTimerW
InterlockedCompareExchange
GlobalGetAtomNameW
QueryPerformanceFrequency
FindResourceExA
GetDefaultCommConfigW
ClearCommBreak
ReadConsoleW
GetCurrencyFormatA
SetCommTimeouts
GetStdHandle
UpdateResourceA
CompareStringW
GetSystemWow64DirectoryW
FileTimeToDosDateTime
GetStartupInfoA
FindResourceExW
LocalFileTimeToFileTime
GetDiskFreeSpaceW
DeleteTimerQueue
HeapSize
GetStartupInfoW
FindCloseChangeNotification
GetSystemWindowsDirectoryA
lstrcatA
EndUpdateResourceA
TryEnterCriticalSection
CopyFileW
CreateTimerQueueTimer
CreateActCtxW
GlobalAddAtomA
CreateEventA
IsBadReadPtr
PulseEvent
WaitCommEvent
LCMapStringW
GetSystemDirectoryW
FillConsoleOutputCharacterW
FreeLibraryAndExitThread
lstrcpynW
VirtualQueryEx
CompareStringA
GetWindowsDirectoryW
TerminateProcess
LocalHandle
GetProfileStringW
GlobalAddAtomW
TerminateThread
FreeConsole
SetFilePointerEx
FindAtomA
lstrcpyA
HeapWalk
GetThreadContext
CreateProcessW
SetInformationJobObject
GetSystemTimeAdjustment
LocalSize
SetCurrentDirectoryW
GetCommProperties
EnterCriticalSection
InterlockedIncrement
CreateFileA
DeleteFileA
HeapAlloc
WriteFile
GetComputerNameA
GetTickCount
GetLastError
CreateMutexA
HeapFree
CopyFileA
LocalFree
InterlockedExchange
MapViewOfFile
VirtualProtect
LeaveCriticalSection
LoadLibraryA
ExpandEnvironmentStringsA
CreateFileMappingA
CreateThread
CloseHandle
ReleaseMutex
Sleep
VirtualQuery
GetProcAddress
GlobalAlloc
GetCurrentProcessId
SetNamedPipeHandleState

user32

MoveWindow
DrawTextExA
InsertMenuItemW
ScrollWindowEx
SendMessageTimeoutW
SetPropA
CheckMenuItem
GetGUIThreadInfo
CreateWindowExW
TranslateMessage
SetProcessWindowStation
CharLowerA
MapVirtualKeyW
MapVirtualKeyA
SystemParametersInfoA
ToAsciiEx
GetClassNameW
BeginDeferWindowPos
GetUserObjectInformationW
TabbedTextOutW
CallMsgFilterW
GetScrollInfo
GetFocus
DrawTextW
RemoveMenu
PostMessageW
CharPrevW
DrawTextA
ToUnicodeEx
MonitorFromRect
MonitorFromPoint
GetInputState
GetMessagePos
SetDlgItemTextW
IsCharAlphaW
GetActiveWindow
IntersectRect
SendDlgItemMessageW
GetComboBoxInfo
SetCursor
MessageBoxW
MessageBeep
SetWindowTextW
OpenDesktopA
FindWindowW
ChangeDisplaySettingsExW
TabbedTextOutA
GetWindowInfo
UnpackDDElParam
GetMenuItemInfoA
GetShellWindow
SetTimer
SetCursorPos
LoadStringA
OemToCharA
CharToOemA
SetWindowLongW
CreateDialogIndirectParamW
RemovePropW
InternalGetWindowText
GetDC
GetNextDlgGroupItem
DrawIconEx
CharLowerW
CreateAcceleratorTableW
GetMonitorInfoA
SetWindowTextA
GrayStringA
GetDlgItemTextW
SystemParametersInfoW
GetCaretPos
InSendMessage
GetMenuItemID
VkKeyScanW
TrackPopupMenu
CharUpperW
GetPropW
CallWindowProcA
EndDeferWindowPos
ChangeDisplaySettingsA
NotifyWinEvent
wsprintfA
IsDlgButtonChecked
DeleteMenu
TranslateAcceleratorA
SetWindowWord
PackDDElParam
RemovePropA
TrackPopupMenuEx
CharUpperA
IsDialogMessageA
LoadCursorA
IsCharAlphaNumericA
GetNextDlgTabItem
GetTabbedTextExtentA
ReleaseCapture
GetUserObjectInformationA
SetClassLongA
wvsprintfW
CharUpperBuffW
WindowFromPoint
SendInput
OpenIcon
DefWindowProcA
ExitWindowsEx
EnableWindow
InsertMenuItemA
DrawFocusRect
UnregisterClassA
DestroyCursor
ModifyMenuA
CharNextA
CreateDialogIndirectParamA
LoadIconW
RegisterWindowMessageW
GetTopWindow
GetMenuItemInfoW
BroadcastSystemMessageW
LoadAcceleratorsA
IsCharAlphaA
InvertRect
CallNextHookEx
UnhookWindowsHookEx
PeekMessageA
GetClassNameA
DispatchMessageA
GetWindowThreadProcessId
ModifyMenuW

shlwapi

SHGetValueA
StrCmpIW
UrlCombineW
PathCombineW
SHDeleteValueW
UrlEscapeW
PathAddExtensionW
PathIsUNCW
StrRetToStrW
PathRemoveBackslashW
PathUnquoteSpacesW
PathRemoveExtensionW
SHCreateShellPalette
StrStrIA
PathRenameExtensionW
StrCmpW
PathGetCharTypeA
PathGetCharTypeW
PathIsDirectoryA
StrChrW
PathFileExistsA
UrlCreateFromPathW
StrCatBuffW
PathBuildRootW
PathIsRootW
PathIsNetworkPathW
StrTrimW
PathIsDirectoryW
StrStrA
PathIsUNCServerW
UrlUnescapeW
PathFindFileNameA

shell32

SHCreateShellItem
CommandLineToArgvW
ShellAboutW
SHGetFileInfoA
SHGetSettings
ShellExecuteA
ShellExecuteW
SHBrowseForFolderA
SHParseDisplayName
SHGetInstanceExplorer
ExtractIconW
DragFinish
ShellExecuteExW
SHPathPrepareForWriteW
SHBindToParent
SHGetPathFromIDListW
SHGetFolderPathA

gdi32

CreateDIBitmap
WidenPath
StartDocW
SetWindowExtEx
GetCharWidthW
GetPixel
CreateDIBPatternBrushPt
LPtoDP
CreateDCW
GetRegionData
EnumFontFamiliesExW
GetLayout
GetTextCharsetInfo
GetCharABCWidthsW
ExtEscape
AbortPath
EnumMetaFile
GetPolyFillMode
PlayMetaFile
DPtoLP
OffsetViewportOrgEx
Escape
PtVisible
GetTextExtentPointW
CreatePen
AnimatePalette
SelectObject
CreateRectRgnIndirect
SetSystemPaletteUse
ArcTo
GetDCOrgEx
GetEnhMetaFileA
CreatePenIndirect
GetViewportExtEx
InvertRgn
CreatePalette
SelectPalette
CreateFontIndirectW
GetStockObject
CreateFontW
ScaleViewportExtEx
SetMetaFileBitsEx
SetViewportExtEx
GetCurrentPositionEx
UnrealizeObject
SetColorAdjustment
SetBkMode
PlayEnhMetaFile
SetMapperFlags
MoveToEx
EqualRgn
CreateBrushIndirect
CreatePolygonRgn
TextOutA
CreateMetaFileA
CreateDCA
GetGlyphOutlineA
GetCharacterPlacementA
EnumFontFamiliesA
SetRectRgn
LineTo
ModifyWorldTransform
SetBkColor
GetPaletteEntries
FillRgn
EnumFontFamiliesExA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 64KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e4fba58a481b919b07ee0014cc334a01

Headers

File Characteristics

Imports

kernel32

user32

shlwapi

shell32

gdi32

Exports

Exports

Sections

.text Size: 64KB - Virtual size: 60KB

.rdata Size: 12KB - Virtual size: 10KB

.data Size: 8KB - Virtual size: 7KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 64KB - Virtual size: 60KB

.rdata
Size: 12KB - Virtual size: 10KB

.data
Size: 8KB - Virtual size: 7KB

.reloc
Size: 4KB - Virtual size: 2KB