a18beb6642fa9a5b6a13ad450c0c35beb2f0c26c3b72abe537f95c7ab4a5602b

Sharing

Copy URL Twitter E-mail

General

Target

a18beb6642fa9a5b6a13ad450c0c35beb2f0c26c3b72abe537f95c7ab4a5602b
Size

222KB
MD5

e1e1e9b817dad83ff7f99daa442aedf4
SHA1

e7e29341e5deeb1c18caeae8349535c385a7add2
SHA256

a18beb6642fa9a5b6a13ad450c0c35beb2f0c26c3b72abe537f95c7ab4a5602b
SHA512

4b2a4fd26fb801410df38a25d13d5f7535fb6c5e603a67cef9ab71c199206652c9aee2a64cf6504c593594e7273a864b22a46dd54b2f772b1fe4f0bfe462b9e8
SSDEEP

3072:DurlYPMF/cu/NnE8RweS5+pJF7pC+BlpJxO75wSt9pNTevjTCgTRW7IMX7:mfdZwesyJU1w2eH3TRWDX

Score

N/A

Malware Config

Signatures

Files

a18beb6642fa9a5b6a13ad450c0c35beb2f0c26c3b72abe537f95c7ab4a5602b
.dll regsvr32 windows x86

d96494ec8a63e7fbc17c7493680c557f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

StrFormatByteSizeA

kernel32

HeapFree
HeapAlloc
HeapReAlloc
GetCommandLineA
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetACP
ExitProcess
TerminateProcess
CreateThread
ExitThread
RaiseException
HeapSize
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
RtlUnwind
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
FlushFileBuffers
SetFilePointer
WriteFile
GetOEMCP
GetCPInfo
GetProcessVersion
WritePrivateProfileStringA
GlobalFlags
SetErrorMode
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
LocalAlloc
MulDiv
SetLastError
GetVersion
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GetModuleHandleA
GlobalUnlock
GlobalFree
LockResource
CreateEventA
SuspendThread
SetThreadPriority
SetEvent
WaitForSingleObject
CloseHandle
GlobalLock
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
GetCurrentThread
FormatMessageA
LocalFree
InterlockedExchange
ResumeThread
GetCurrentProcess
FlushInstructionCache
GetCurrentThreadId
lstrcatA
lstrcpyA
LoadLibraryA
GetProcAddress
HeapDestroy
IsDBCSLeadByte
lstrcpynA
lstrcmpiA
LoadLibraryExA
GetLastError
FindResourceA
LoadResource
SizeofResource
FreeLibrary
WideCharToMultiByte
GetModuleFileNameA
GetShortPathNameA
MultiByteToWideChar
lstrlenW
lstrlenA
InterlockedDecrement
EnterCriticalSection
InterlockedIncrement
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
FreeEnvironmentStringsA

user32

IsDialogMessageA
SetWindowTextA
ShowWindow
ClientToScreen
TabbedTextOutA
DrawTextA
GrayStringA
UnregisterClassA
LoadStringA
GetClassNameA
PtInRect
GetSysColorBrush
DestroyMenu
UpdateWindow
SendDlgItemMessageA
MapWindowPoints
GetSysColor
SetFocus
AdjustWindowRectEx
GetTopWindow
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetWindowTextA
GetDlgCtrlID
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
RemovePropA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
GetWindow
SetWindowPos
RegisterWindowMessageA
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
CopyRect
EndDialog
SetActiveWindow
IsWindow
GetSystemMetrics
GetDlgItem
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetNextDlgTabItem
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageA
GetCursorPos
SetWindowsHookExA
GetParent
GetLastActivePopup
IsWindowEnabled
MessageBoxA
SetCursor
PostMessageA
EnableWindow
KillTimer
PostQuitMessage
SetTimer
SendMessageA
LoadIconA
DestroyWindow
BeginPaint
GetClientRect
EndPaint
GetDC
ReleaseDC
GetFocus
IsChild
GetClassInfoExA
LoadCursorA
RegisterClassExA
CharNextA
CreateWindowExA
CallWindowProcA
GetWindowLongA
SetWindowLongA
DefWindowProcA
wsprintfA
CreateDialogIndirectParamA

gdi32

DeleteObject
PtVisible
RectVisible
ExtTextOutA
Escape
CreateBitmap
CreateDCA
GetDeviceCaps
LPtoDP
SaveDC
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetMapMode
SetWindowOrgEx
SetViewportOrgEx
GetStockObject
SelectObject
GetObjectA
SetBkColor
SetTextColor
GetClipBox
SetTextAlign
TextOutA
DeleteDC
RestoreDC
Rectangle

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegCreateKeyExA
RegDeleteValueA
RegCloseKey
RegOpenKeyExA
RegEnumKeyExA
RegSetValueExA
RegQueryInfoKeyA
RegEnumValueA
RegDeleteKeyA
RegQueryValueExA

comctl32

ord17

ole32

CoCreateInstance
CoTaskMemRealloc
CoTaskMemAlloc
CoTaskMemFree

oleaut32

SysFreeString
SysAllocStringLen
VariantClear
SysStringLen
LoadRegTypeLi
RegisterTypeLi
SysAllocString
LoadTypeLi
VarUI4FromStr

urlmon

URLDownloadToFileA

wininet

DeleteUrlCacheEntry

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 79KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d96494ec8a63e7fbc17c7493680c557f

Headers

File Characteristics

Imports

shlwapi

kernel32

user32

gdi32

winspool.drv

advapi32

comctl32

ole32

oleaut32

urlmon

wininet

Exports

Exports

Sections

.text Size: 96KB - Virtual size: 95KB

.rdata Size: 24KB - Virtual size: 23KB

.data Size: 79KB - Virtual size: 93KB

.rsrc Size: 5KB - Virtual size: 5KB

.reloc Size: 16KB - Virtual size: 16KB

.text
Size: 96KB - Virtual size: 95KB

.rdata
Size: 24KB - Virtual size: 23KB

.data
Size: 79KB - Virtual size: 93KB

.rsrc
Size: 5KB - Virtual size: 5KB

.reloc
Size: 16KB - Virtual size: 16KB