89099ec49f8bd367c58087717e854299c9ba9da30d30b51e17783d00e83fb6c5

General

Target

89099ec49f8bd367c58087717e854299c9ba9da30d30b51e17783d00e83fb6c5
Size

152KB
MD5

cc4c1bb062b507effe52a338f6365ff0
SHA1

e2fe686d61fa90dc8da00c2edf0c4e80c9db0592
SHA256

89099ec49f8bd367c58087717e854299c9ba9da30d30b51e17783d00e83fb6c5
SHA512

90cbcb6fd30c38377484318226e8adc595d408ac7fb20402f3554d4a1df00e93cdd700f7220197a9a0a51623dfcf2705e5d872bab381dfd99f0708e70c9f4a97
SSDEEP

3072:Lk0Mhz7hbezpxFyfwEitRdBJdCKD51OZMGcX49rEyJT0pScKEGjhsW9:Lk0Mhz7hbe3qgdCKD5maoVEeA1I3

Score

N/A

Malware Config

Signatures

Files

89099ec49f8bd367c58087717e854299c9ba9da30d30b51e17783d00e83fb6c5
.dll regsvr32 windows x86

154cfade0defdddaa56a67481fa89559

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadFile
GetModuleFileNameW
FindNextFileW
LoadLibraryA
FindNextChangeNotification
GetLogicalDrives
DuplicateHandle
VirtualAlloc
LoadResource
GetLocalTime
GetProcAddress
DeleteFileW
CreateProcessW
FindFirstChangeNotificationW
GlobalUnlock
GlobalDeleteAtom
SetLastError
FindClose
WaitForMultipleObjects
GetCurrentProcessId
SizeofResource
LockResource
GetCurrentProcess
MultiByteToWideChar
FindFirstFileW
GlobalAlloc
SuspendThread
MulDiv
QueryDosDeviceW
ResumeThread

user32

SetWindowPos
SendMessageW
SetCapture
LoadStringW
GetDlgItem
ReleaseDC
GetKeyState
GetWindowDC
ReleaseCapture
DrawTextW
GetWindowThreadProcessId
PostThreadMessageW
DestroyMenu
SetCursor
SetForegroundWindow
GetWindowRect
UpdateWindow
LoadIconW

gdi32

GetMapMode
CreateCompatibleBitmap
CreatePen
SetTextColor
CreateSolidBrush
DPtoLP
GetDeviceCaps
MoveToEx
SetBkMode
CreateCompatibleDC
GetObjectW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.csjmb
Size: 132KB - Virtual size: 130KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.nmffjbh
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.eljfztx
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

154cfade0defdddaa56a67481fa89559

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Exports

Exports

Sections

.csjmb Size: 132KB - Virtual size: 130KB

.nmffjbh Size: 4KB - Virtual size: 1KB

.eljfztx Size: 4KB - Virtual size: 7KB

.reloc Size: 8KB - Virtual size: 6KB

.csjmb
Size: 132KB - Virtual size: 130KB

.nmffjbh
Size: 4KB - Virtual size: 1KB

.eljfztx
Size: 4KB - Virtual size: 7KB

.reloc
Size: 8KB - Virtual size: 6KB