66702e71ce120c808fa0c7c32d95b81ce864ba8367ee21c84ab3d8d098626062

Sharing

Copy URL Twitter E-mail

General

Target

66702e71ce120c808fa0c7c32d95b81ce864ba8367ee21c84ab3d8d098626062
Size

204KB
MD5

591707bf95002097840c5f58d299b440
SHA1

b5dae48d31c6647c7397ae4cff7d9c0e0bae3f4b
SHA256

66702e71ce120c808fa0c7c32d95b81ce864ba8367ee21c84ab3d8d098626062
SHA512

e53a3d15d5403e958342da71b9a6853538460a4dff37fa40db6d0bdfc7c3c4cff3d35ea6181d6bf1a456c1ba5dbf2c7ba11ec4d6778bb8f2f21ad0909d1f1c6b
SSDEEP

3072:9E6ORdCJ1udbNF3X3X3X3LHHHHHHHh6NBMT/YUMoRFadzYHStQ3e0k56TwKS6R:9EXRdjd6Lc7bnadcHyokUS

Score

N/A

Malware Config

Signatures

Files

66702e71ce120c808fa0c7c32d95b81ce864ba8367ee21c84ab3d8d098626062
.dll regsvr32 windows x86

38903920231410e4355773c03bebbcc5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord823
ord825

msvcrt

wcscpy
wcsncat
wcslen
free
__CxxFrameHandler
malloc
realloc
wcschr
wcsncpy
_adjust_fdiv
?terminate@@YAXXZ
??1type_info@@UAE@XZ
__dllonexit
_onexit
_except_handler3
_purecall
_strdup
sprintf
memmove
strncat
strncpy
_CxxThrowException
_itow
_initterm

kernel32

ReleaseMutex
WaitForSingleObject
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
CreateMutexA
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
InterlockedIncrement
InterlockedDecrement
MultiByteToWideChar
WideCharToMultiByte
lstrlenW
DeleteCriticalSection
lstrlenA
lstrcmpiA
IsDBCSLeadByte
lstrcpynA
HeapDestroy
lstrcpyA
lstrcatA
GetModuleFileNameA
FreeLibrary
GetProcAddress
LoadLibraryA
DisableThreadLibraryCalls
SizeofResource
LoadResource
FindResourceA
GetLastError
LoadLibraryExA
GetShortPathNameA
Sleep
CloseHandle
CreateThread
GetComputerNameA
GetDiskFreeSpaceA
GlobalMemoryStatus
QueryPerformanceCounter
GetLocalTime
LocalFree
GetCurrentThreadId
GetCurrentProcessId
DeviceIoControl
GetModuleHandleW
GetVersionExA
GetSystemInfo
LocalAlloc
GetTickCount

user32

CharNextA
LoadIconA

advapi32

RegCloseKey
RegEnumKeyA
RegDeleteKeyA
RegDeleteValueA
RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA
RegQueryInfoKeyA
RegEnumValueA
RegEnumKeyExA
GetUserNameA
RegQueryValueExA
RegOpenKeyA

ole32

CoUninitialize
CoTaskMemRealloc
CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance
CoInitialize

oleaut32

SysAllocString
VarUI4FromStr
LoadTypeLi
RegisterTypeLi
SysFreeString

rpcrt4

RpcStringFreeA
UuidToStringA
UuidFromStringA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 114KB - Virtual size: 113KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 71KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

38903920231410e4355773c03bebbcc5

Headers

File Characteristics

Imports

mfc42

msvcrt

kernel32

user32

advapi32

ole32

oleaut32

rpcrt4

Exports

Exports

Sections

.text Size: 114KB - Virtual size: 113KB

.data Size: 71KB - Virtual size: 72KB

.rsrc Size: 13KB - Virtual size: 13KB

.reloc Size: 5KB - Virtual size: 4KB

.text
Size: 114KB - Virtual size: 113KB

.data
Size: 71KB - Virtual size: 72KB

.rsrc
Size: 13KB - Virtual size: 13KB

.reloc
Size: 5KB - Virtual size: 4KB