bcc9951e25d63c13e79dd5077ab659a85a02227e3a3dcc947d76e40a640b62d3

Sharing

Copy URL Twitter E-mail

General

Target

bcc9951e25d63c13e79dd5077ab659a85a02227e3a3dcc947d76e40a640b62d3
Size

312KB
MD5

898c12d919ade73069cbcaf18f2a4010
SHA1

b044d8274665b38ce249928401f1bef5cde78202
SHA256

bcc9951e25d63c13e79dd5077ab659a85a02227e3a3dcc947d76e40a640b62d3
SHA512

a5d479f3c0f2d177bcea1439fc502bc1270b22f1eaffcd8c67bcd5797737a17bb26735c8462031ddb8bc5b89cf2dfa7bbaa10aec08f4c8b3a7e98596a08adba9
SSDEEP

6144:z9sR2Ob/P5tIEjRS9Hz1TqURvqEzNeur/pkQo/R2q:z9sR2w9Cz1TN5eurx9

Score

N/A

Malware Config

Signatures

Files

bcc9951e25d63c13e79dd5077ab659a85a02227e3a3dcc947d76e40a640b62d3
.dll regsvr32 windows x86

2f5a59590e17e96e86f402aadead7989

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

__CxxFrameHandler
_purecall
_CxxThrowException
memmove
free
_initterm
malloc
_adjust_fdiv
??1type_info@@UAE@XZ
?terminate@@YAXXZ
_except_handler3
__dllonexit
_onexit

ntdll

NtClose
RtlFreeHeap
NtCreateFile
RtlInitUnicodeString
RtlDosPathNameToNtPathName_U
NtQueryInformationFile
NtQueryVolumeInformationFile
NtFsControlFile

kernel32

InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
Sleep
CompareStringW
lstrcpynW
WideCharToMultiByte
lstrlenW
lstrlenA
lstrcmpiW
GetLocaleInfoW
GetUserDefaultUILanguage
CloseHandle
CreateThread
DisableThreadLibraryCalls
GetDiskFreeSpaceW
WaitForSingleObject
GetFileAttributesW
GetCurrentProcess
GetLastError
GetCurrentThread
GetVolumeNameForVolumeMountPointW
GlobalLock
LocalFree
LocalAlloc
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
lstrcmpW
lstrcpyW
FormatMessageW
GetThreadLocale
SetLastError
FreeLibrary
GetProcAddress
LoadLibraryW
GetFileSize
MapViewOfFile
CreateFileMappingW
CreateFileW
UnmapViewOfFile
GetVolumeInformationW
InterlockedDecrement
InterlockedIncrement
LoadLibraryA
GetModuleHandleW
GetWindowsDirectoryW
GetModuleFileNameW
GlobalUnlock

user32

GetWindow
GetClassNameW
GetTopWindow
DialogBoxParamW
LoadAcceleratorsW
PostMessageW
DestroyWindow
DefWindowProcW
GetDesktopWindow
RegisterClassExW
DispatchMessageW
TranslateMessage
TranslateAcceleratorW
GetMessageW
IsDialogMessageW
PeekMessageW
SetWindowTextW
DrawTextW
CreateDialogParamW
WinHelpW
GetDlgCtrlID
SetDlgItemTextW
SendDlgItemMessageW
IsDlgButtonChecked
CheckDlgButton
SetTimer
KillTimer
SetForegroundWindow
FindWindowW
InvalidateRect
CharUpperW
IsWindowVisible
CharNextW
MessageBoxW
GetSystemMetrics
IsCharAlphaW
IsCharAlphaNumericW
MessageBeep
GetDlgItemTextW
TrackPopupMenu
DestroyMenu
GetWindowRect
PtInRect
ShowWindow
GetMenu
CheckMenuItem
CreateWindowExW
LoadIconW
DestroyIcon
SendMessageTimeoutW
UpdateWindow
EnableWindow
SendMessageW
LoadCursorW
SetCursor
ShowCursor
RegisterClipboardFormatW
GetParent
GetDlgItem
EndDialog
GetWindowLongW
CallWindowProcW
GetDC
ReleaseDC
SetWindowLongW
IsWindowEnabled
wsprintfA
GetWindowTextW
wsprintfW
EnableMenuItem
LoadStringW
ClientToScreen
SetWindowPos
MoveWindow
SetFocus
LoadMenuW
GetSubMenu
GetWindowTextLengthW
SetMenuDefaultItem
GetClientRect

gdi32

GetDeviceCaps
GetTextMetricsW

advapi32

RegOpenKeyExA
RegQueryValueExA
FreeSid
GetSidIdentifierAuthority
EqualSid
IsValidSid
CopySid
GetLengthSid
GetTokenInformation
OpenProcessToken
OpenThreadToken
SetFileSecurityW
SetSecurityDescriptorOwner
InitializeSecurityDescriptor
GetSidSubAuthority
GetSidSubAuthorityCount
RegCreateKeyExW
RegOpenKeyExW
RegSetValueExW
RegQueryValueExW
RegCloseKey
AllocateAndInitializeSid

ole32

ReleaseStgMedium
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleSetClipboard
DoDragDrop
CreateStreamOnHGlobal
OleFlushClipboard
OleIsCurrentClipboard
StgCreateDocfile
GetHGlobalFromStream
StgOpenStorage
StgIsStorageFile
OleUninitialize
CoCreateInstance
OleInitialize
StringFromGUID2
CoUninitialize
CoInitialize

shell32

SHBrowseForFolderW
SHGetPathFromIDListW
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetMalloc
DragQueryFileW
SHFileOperationW
ShellAboutW

shlwapi

StrRetToBufW
SHGetValueW
PathAddBackslashW
StrCmpNW
PathRemoveFileSpecW
PathStripToRootW
PathFindFileNameW
PathRenameExtensionW
PathAppendW
PathSkipRootW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 107KB - Virtual size: 106KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 161KB - Virtual size: 161KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2f5a59590e17e96e86f402aadead7989

Headers

File Characteristics

Imports

msvcrt

ntdll

kernel32

user32

gdi32

advapi32

ole32

shell32

shlwapi

Exports

Exports

Sections

.text Size: 107KB - Virtual size: 106KB

.data Size: 161KB - Virtual size: 161KB

.rsrc Size: 34KB - Virtual size: 34KB

.reloc Size: 8KB - Virtual size: 8KB

.text
Size: 107KB - Virtual size: 106KB

.data
Size: 161KB - Virtual size: 161KB

.rsrc
Size: 34KB - Virtual size: 34KB

.reloc
Size: 8KB - Virtual size: 8KB