c8c5d0aad26270cdbf42cc8fe5d7accc3f5a7d12aa105d39ac69667f4d6b768c

Sharing

Copy URL Twitter E-mail

General

Target

c8c5d0aad26270cdbf42cc8fe5d7accc3f5a7d12aa105d39ac69667f4d6b768c
Size

188KB
MD5

3e46296d5608858d67a40d02720e7e30
SHA1

3323da56d878a470f1afadf48f6047a2ea659fd6
SHA256

c8c5d0aad26270cdbf42cc8fe5d7accc3f5a7d12aa105d39ac69667f4d6b768c
SHA512

18496edff717ecb4b19c1bf98ff54e02638cc722c928c56efa44cfb06666449a651003ca8aa016e50ed882576bc92fa42c93f18564a271312ef058e3d151d137
SSDEEP

3072:sKd60rHl6PpfuAjwntpC0GLIlik+UjYsXRjKnyzV/3Q9:sanp6PxuAjwlYIAkBXRjBV/3Q9

Score

N/A

Malware Config

Signatures

Files

c8c5d0aad26270cdbf42cc8fe5d7accc3f5a7d12aa105d39ac69667f4d6b768c
.dll regsvr32 windows x86

5d00bf7d3241b1fab8cfb1a101876f6b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

free
realloc
malloc
_except_handler3

kernel32

VirtualAlloc
VirtualFree
HeapAlloc
GetProcessHeap
HeapFree
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
SetLastError
GetCurrentThreadId
GetCurrentProcess
FlushInstructionCache
GetShortPathNameW
LoadLibraryExW
FindResourceW
LoadResource
SizeofResource
lstrlenA
DisableThreadLibraryCalls
DeleteFileW
GlobalLock
GlobalUnlock
GetModuleFileNameW
lstrcatW
HeapDestroy
lstrcmpiW
InterlockedDecrement
InterlockedIncrement
DeleteCriticalSection
InitializeCriticalSection
lstrcpyW
GetModuleHandleW
LocalFree
LocalAlloc
GetFileAttributesW
lstrcpynW
SetFileAttributesW
GetWindowsDirectoryW
GetLastError
WritePrivateProfileStringW
EnterCriticalSection
LeaveCriticalSection
GlobalAlloc
GlobalFree
SystemTimeToFileTime
GetUserDefaultLCID
LoadLibraryA
lstrlenW
GetProcAddress
FreeLibrary
LoadLibraryW
InterlockedExchange
MultiByteToWideChar

gdi32

CreateMetaFileW
SetWindowExtEx
CloseMetaFile
DeleteMetaFile
CreateRectRgnIndirect
CreateDCW
LPtoDP
SaveDC
SetMapMode
SetWindowOrgEx
SetViewportOrgEx
RestoreDC
GetStockObject
Rectangle
GetNearestColor
GetDIBits
SetDIBits
DeleteDC
CreateCompatibleDC
CreateCompatibleBitmap
GetDeviceCaps
SelectPalette
RealizePalette
BitBlt
SetStretchBltMode
StretchBlt
GetTextFaceW
GetTextMetricsW
CreateFontW
SetTextColor
SetBkColor
TextOutW
GetObjectW
CreateBitmapIndirect
GetTextExtentPointW
CreateFontIndirectW
Ellipse
Pie
CreatePen
SelectObject
Arc
MoveToEx
LineTo
CreateEllipticRgnIndirect
CreateRectRgn
OffsetRgn
CombineRgn
CreateSolidBrush
FillRgn
DeleteObject

user32

OffsetRect
EqualRect
IntersectRect
EndPaint
GetClientRect
BeginPaint
CallWindowProcW
IsWindow
SetWindowRgn
SetWindowPos
UnionRect
CharNextW
RegisterClassExW
ReleaseDC
UnregisterClassW
CreatePopupMenu
GetMenuDefaultItem
ClientToScreen
TrackPopupMenu
DestroyMenu
DestroyIcon
GetIconInfo
RegisterClassW
GetParent
wsprintfW
GetWindowLongW
DefWindowProcW
LoadCursorW
GetClassInfoExW
SetWindowLongW
DrawIconEx
DrawFocusRect
SystemParametersInfoW
InvalidateRect
DestroyAcceleratorTable
ShowWindow
GetFocus
IsChild
SetFocus
DestroyWindow
InvalidateRgn
RegisterClipboardFormatW
CreateWindowExW
GetMenuItemInfoW
DeleteMenu
GetMenuItemCount
DispatchMessageW
GetSystemMetrics
SetRect
MapWindowPoints
SetCapture
GetCapture
PeekMessageW
CallMsgFilterW
ReleaseCapture
TranslateMessage
PtInRect
WaitMessage
PostMessageW
LoadStringW
GetSysColor
GetDC
GetKeyState

advapi32

RegDeleteValueW
RegEnumKeyExW
RegEnumValueW
RegQueryInfoKeyW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegDeleteKeyW

ole32

CoInitializeEx
CoTaskMemFree
CoCreateInstance
CoUninitialize
OleSaveToStream
WriteClassStm
OleLoadFromStream
CreateDataAdviseHolder
CreateOleAdviseHolder
OleRegGetMiscStatus
OleRegGetUserType
OleRegEnumVerbs
CoTaskMemRealloc
CoTaskMemAlloc

oleaut32

SafeArrayCreateVector
VariantInit
SysAllocString
SysAllocStringLen
SysStringLen
VariantClear
VariantTimeToSystemTime
OleTranslateColor
LoadRegTypeLi
VarUI4FromStr
LoadTypeLi
RegisterTypeLi
VariantChangeType
SysAllocStringByteLen
SysStringByteLen
OleCreatePropertyFrame
SysFreeString

shlwapi

ord157
ord476
ord437
StrCatBuffW
PathFileExistsW
ord488
ord172
ord217
StrCmpW
ord158
PathFindExtensionW
StrCmpIW
StrRetToBufW
PathIsUNCW
PathIsRootW
StrChrIW
StrStrIW
StrFormatByteSizeW
ord354
StrPBrkW
wnsprintfW
StrChrW
StrToIntExW
StrRetToStrW
ord176
SHCreateShellPalette
ord174
PathAppendW
PathRemoveFileSpecW
SHRegisterValidateTemplate
PathIsDirectoryW
PathMakeSystemFolderW
ord69
ord346
StrCpyNW

shdocvw

ord218

shell32

SHGetSpecialFolderLocation
ord155
ord100
ord239
SHGetMalloc
ord18
SHBindToParent
SHGetPathFromIDListW
ord71
ord77
ord195
ord196
ShellExecuteExW
ord88
SHGetFolderPathW
ord16
SHGetDesktopFolder
ord152
ord17
ord28

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllInstall
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5d00bf7d3241b1fab8cfb1a101876f6b

Headers

File Characteristics

Imports

msvcrt

kernel32

gdi32

user32

advapi32

ole32

oleaut32

shlwapi

shdocvw

shell32

Exports

Exports

Sections

.text Size: 100KB - Virtual size: 100KB

.data Size: 57KB - Virtual size: 57KB

.rsrc Size: 24KB - Virtual size: 23KB

.reloc Size: 5KB - Virtual size: 5KB

.text
Size: 100KB - Virtual size: 100KB

.data
Size: 57KB - Virtual size: 57KB

.rsrc
Size: 24KB - Virtual size: 23KB

.reloc
Size: 5KB - Virtual size: 5KB