db0c432d64528e36abf82d7bc46ce488c4e16cb12e4190da1793b637170ef92d

Sharing

Copy URL Twitter E-mail

General

Target

db0c432d64528e36abf82d7bc46ce488c4e16cb12e4190da1793b637170ef92d
Size

183KB
MD5

8f0c9ed50e4f8f0810f3536d6fe57ee0
SHA1

2f81c1ffc6688f3ac2415b08a7af7872f5d4f74a
SHA256

db0c432d64528e36abf82d7bc46ce488c4e16cb12e4190da1793b637170ef92d
SHA512

e01e87e63ad337f848638d3648c1efec2e10be08f2de8dcbe3b558a9dbcaa5ee778b356b3be75f648e7aac4600fda7eb48205e89a0a74f69056fdcd1cca09718
SSDEEP

3072:2A/wzD4v9xE7Rp7wBs4pToMRFazvHaAkOrmGZf93dGm8OfN+T7Fz2e4KQDn:2A/wzD4vAYnpT3vARmGZfP1+vV1

Score

N/A

Malware Config

Signatures

Files

db0c432d64528e36abf82d7bc46ce488c4e16cb12e4190da1793b637170ef92d
.dll regsvr32 windows x86

08ba78f86badf07523664f2997d3e6e4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord1648
ord2458
ord5297
ord5310
ord5304
ord6383
ord5440
ord6394
ord5450
ord823
ord3663
ord825
ord1238

msvcrt

srand
malloc
free
localtime
mktime
time
_onexit
__dllonexit
??1type_info@@UAE@XZ
_adjust_fdiv
_initterm
?terminate@@YAXXZ
_purecall
strstr
sprintf
_ftol
memmove
__CxxFrameHandler
rand
strtoul
isdigit
strncmp
strtol
wcsstr
wcslen
__RTDynamicCast
_except_handler3

atl

ord18
ord22
ord23
ord15
ord21
ord16
ord32

advapi32

RegCloseKey
GetUserNameA
RegOpenKeyExA
RegQueryValueExA

kernel32

InitializeCriticalSection
DeleteCriticalSection
InterlockedIncrement
IsBadWritePtr
InterlockedDecrement
EnterCriticalSection
MultiByteToWideChar
WideCharToMultiByte
lstrlenW
DisableThreadLibraryCalls
SetLastError
LeaveCriticalSection
GetLastError
lstrlenA
lstrcpyA

ole32

CoCreateFreeThreadedMarshaler

oleaut32

VariantInit
SafeArrayCreate
VariantCopy
SysReAllocStringLen
SetErrorInfo
LoadRegTypeLi
VariantClear
SysAllocString
VariantTimeToSystemTime
SystemTimeToVariantTime
SysFreeString

ws2_32

WSACleanup
WSAStartup
gethostname
gethostbyname
ntohl
htons
connect
getsockname
closesocket
WSAGetLastError
socket
inet_addr

msvcirt

??6ostream@@QAEAAV0@PBD@Z
??_Dostrstream@@QAEXXZ
??6ostream@@QAEAAV0@K@Z
??6ostream@@QAEAAV0@J@Z
??6ostream@@QAEAAV0@E@Z
??1ios@@UAE@XZ
??0ostrstream@@QAE@PADHH@Z
??1ostrstream@@UAE@XZ

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 89KB - Virtual size: 89KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 66KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

08ba78f86badf07523664f2997d3e6e4

Headers

File Characteristics

Imports

mfc42

msvcrt

atl

advapi32

kernel32

ole32

oleaut32

ws2_32

msvcirt

Exports

Exports

Sections

.text Size: 89KB - Virtual size: 89KB

.data Size: 66KB - Virtual size: 68KB

.rsrc Size: 14KB - Virtual size: 13KB

.reloc Size: 12KB - Virtual size: 12KB

.text
Size: 89KB - Virtual size: 89KB

.data
Size: 66KB - Virtual size: 68KB

.rsrc
Size: 14KB - Virtual size: 13KB

.reloc
Size: 12KB - Virtual size: 12KB