8f9a44a78e108ece82855501961ef3f6b52d5f4c1efe19acef4db0d54c58f23a

Sharing

Copy URL Twitter E-mail

General

Target

8f9a44a78e108ece82855501961ef3f6b52d5f4c1efe19acef4db0d54c58f23a
Size

52KB
MD5

c2073258fcf8a0fea61dc116954b3be2
SHA1

ea772d22e17f40aabc444e823bacfe8d984fa953
SHA256

8f9a44a78e108ece82855501961ef3f6b52d5f4c1efe19acef4db0d54c58f23a
SHA512

603a0e894550b481ffbfb3a82afd8642462d5bd70420257096233ae71e3b446942ae300ab199bd36508afb93e7dde0b665c93d8602d1a2bf2d5807215e230f3b
SSDEEP

384:EGBaJsODiPEuQMajWp8/os4jN7QJ0Pba31yk3b4q9XcU2l/5edmn14klXi1StZHu:EGBaJ7mkMWmKsVQj133FOP5DlBUSt

Score

N/A

Malware Config

Signatures

Files

8f9a44a78e108ece82855501961ef3f6b52d5f4c1efe19acef4db0d54c58f23a
.dll regsvr32 windows x86

dc22ee741fb74708a7f4b72ceeb535a6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
InterlockedIncrement
EnterCriticalSection
InterlockedDecrement
lstrlenW
DeleteFileA
GetModuleHandleA
GetProcAddress
ExitProcess
GetFileSize
SetFilePointer
WriteFile
ReadFile
CreateFileA
FindClose
VirtualProtect
GetDriveTypeA
lstrlenA
GetTempFileNameA
GetTempPathA
GetSystemDirectoryA
FreeLibrary
GetLastError
WritePrivateProfileStringA
GetPrivateProfileStringA
DisableThreadLibraryCalls
GetCurrentProcess
TerminateProcess
GetWindowsDirectoryA
CreateEventA
CreateThread
WinExec
FindFirstFileA
Sleep
OpenEventA
SetEvent
CloseHandle
GetModuleFileNameA
FindNextFileA

user32

CallNextHookEx
SetWindowsHookExA
MessageBoxA
wsprintfA

advapi32

RegSetValueExA
RegOpenKeyA
RegCloseKey

oleaut32

LoadRegTypeLi
SysFreeString
SysStringLen

msvcrt

memcpy
_purecall
memcmp
strstr
_stricmp
strrchr
strcmp
atol
sprintf
??2@YAPAXI@Z
_initterm
malloc
_adjust_fdiv
_strlwr
_itoa
_strcmpi
??3@YAXPAX@Z
strcat
strcpy
memset
strlen
free

atl

ord15
ord16
ord21
ord18
ord57
ord32
ord58
ord30
ord23

wininet

DeleteUrlCacheEntry
InternetOpenA
InternetOpenUrlA
InternetReadFile
InternetCloseHandle

msvcp60

?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dc22ee741fb74708a7f4b72ceeb535a6

Headers

File Characteristics

Imports

kernel32

user32

advapi32

oleaut32

msvcrt

atl

wininet

msvcp60

Exports

Exports

Sections

.text Size: 16KB - Virtual size: 13KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 20KB - Virtual size: 19KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 4KB - Virtual size: 1KB

.text
Size: 16KB - Virtual size: 13KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 20KB - Virtual size: 19KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 4KB - Virtual size: 1KB