a430ece3ebc41e11c1c13e312f2ddc5dbf3b2eab07743a65fb40a8519261bdca

Sharing

Copy URL

Twitter E-mail

General

Target

a430ece3ebc41e11c1c13e312f2ddc5dbf3b2eab07743a65fb40a8519261bdca
Size

444KB
MD5

16a4cfaabf3485a144995edab40cb660
SHA1

88e447ec4eb462a9c110ab802c322dfc14d6d880
SHA256

a430ece3ebc41e11c1c13e312f2ddc5dbf3b2eab07743a65fb40a8519261bdca
SHA512

eb4e78e5e63db41be74ab0c601ee356bb13a4569ecbeaa50b862119acc0badf08672accbe6c424273320363924dba7ccd8c2498b37da3676498ddc75da8d3737
SSDEEP

12288:vWc0GkgHdfZmtP9a3bxtdpHS1XOxUeNZu1AVTGkz4oye/1z2gToNQ3yjdEzBuj:vHf9H3mtP9a3bDdpHMexUeNZu1aTGkz0

Score

N/A

Malware Config

Signatures

Files

a430ece3ebc41e11c1c13e312f2ddc5dbf3b2eab07743a65fb40a8519261bdca
.dll regsvr32 windows x86

ae3d22662202f10c0b2eae6344bb5540

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

odbc32

ord61
ord5
ord19
ord1
ord2
ord15
ord9
ord14
ord41
ord23
ord40
ord47
ord42
ord44
ord49
ord50
ord54
ord43
ord59
ord6
ord46
ord18
ord10
ord45
ord17
ord72
ord68
ord20
ord12
ord11
ord51
ord4
ord48
ord3
ord58
ord63
ord16
ord13
ord66

kernel32

LCMapStringA
GetOEMCP
TerminateProcess
GetModuleFileNameA
lstrcatA
FlushFileBuffers
SetStdHandle
IsBadCodePtr
SetFilePointer
SetUnhandledExceptionFilter
VirtualAlloc
WriteFile
HeapCreate
HeapDestroy
VirtualFree
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetStartupInfoA
GetFileType
FreeEnvironmentStringsA
SetHandleCount
GetStringTypeW
GetStdHandle
RtlUnwind
RaiseException
GetStringTypeA
SetLastError
TlsFree
LocalFree
GetCurrentThreadId
lstrlenA
GetExitCodeThread
ResumeThread
GetTickCount
CreateThread
WaitForSingleObject
SuspendThread
WideCharToMultiByte
lstrcpyA
GetLastError
lstrcmpiA
lstrcmpA
HeapReAlloc
HeapFree
HeapAlloc
GetProcessHeap
lstrcpynA
lstrlenW
GetUserDefaultLCID
IsDBCSLeadByte
GetProcAddress
LoadLibraryA
FreeLibrary
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetSystemDefaultLCID
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
GetCurrentProcessId
TlsGetValue
GetLocaleInfoA
InterlockedIncrement
InterlockedDecrement
LocalAlloc
LocalReAlloc
MultiByteToWideChar
CloseHandle
DisableThreadLibraryCalls
CreateMutexA
Sleep
ReleaseMutex
IsBadReadPtr
GetCurrentThread
GetCommandLineA
GetModuleHandleA
GetVersion
ExitProcess
TlsSetValue
TlsAlloc
LCMapStringW
GetCPInfo
GetACP
GetCurrentProcess
HeapSize

user32

MsgWaitForMultipleObjects
TranslateMessage
PeekMessageA
DispatchMessageA
GetWindowThreadProcessId
GetWindow
IsWindowVisible
CharUpperA
PostMessageA
GetWindowLongA
DestroyWindow
GetActiveWindow
CreateDialogParamA
SetWindowLongA
LoadStringA
GetDesktopWindow
SetTimer
wsprintfA
KillTimer
CharNextA

ole32

CLSIDFromString
StringFromGUID2
CoTaskMemAlloc
CoTaskMemFree

advapi32

RegDeleteKeyA
RegCreateKeyA
RegOpenKeyA
RegCloseKey
RegSetValueExA
RegQueryValueA
RegSetValueA

oleaut32

SafeArrayGetLBound
RegisterTypeLi
CreateErrorInfo
UnRegisterTypeLi
VariantChangeTypeEx
SafeArrayCopy
SetErrorInfo
SysAllocStringLen
SafeArrayRedim
SysStringLen
SafeArrayCreate
SafeArrayAccessData
SafeArrayDestroy
VariantCopy
VariantChangeType
SafeArrayUnaccessData
VariantInit
SafeArrayGetUBound
LoadTypeLi
SysAllocStringByteLen
VariantClear
SysReAllocString
SysFreeString
SysAllocString

Exports

Exports

DLLGetDocumentation
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllRegisterServerEx
DllUnregisterServer

Sections

.text
Size: 196KB - Virtual size: 193KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 128KB - Virtual size: 126KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ae3d22662202f10c0b2eae6344bb5540

Headers

File Characteristics

Imports

odbc32

kernel32

user32

ole32

advapi32

oleaut32

Exports

Exports

Sections

.text Size: 196KB - Virtual size: 193KB

.rdata Size: 20KB - Virtual size: 18KB

.data Size: 24KB - Virtual size: 22KB

.idata Size: 60KB - Virtual size: 59KB

.rsrc Size: 128KB - Virtual size: 126KB

.reloc Size: 12KB - Virtual size: 11KB

.text
Size: 196KB - Virtual size: 193KB

.rdata
Size: 20KB - Virtual size: 18KB

.data
Size: 24KB - Virtual size: 22KB

.idata
Size: 60KB - Virtual size: 59KB

.rsrc
Size: 128KB - Virtual size: 126KB

.reloc
Size: 12KB - Virtual size: 11KB